background image

8-2

Time Protocols     

Overview

Overview

This chapter describes:

SNTP Time Protocol Operation

Timep Time Protocol Operation

Using time synchronization ensures a uniform time among interoperating 
devices. This helps you to manage and troubleshoot switch operation by 
attaching meaningful time data to event and error messages. 

The switch offers TimeP and SNTP (Simple Network Time Protocol) and a 

timesync

 command for changing the time protocol selection (or turning off 

time protocol operation).

N o t e s

Although you can create and save configurations for both time proto-
cols without conflicts, the switch allows only one active time protocol 
at any time.

In the factory-default configuration, the time synchronization option 
is set to TimeP, with the TimeP mode itself set to 

Disabled

.

TimeP Time Synchronization

You can either manually assign the switch to use a TimeP server or use DHCP 
to assign the TimeP server. In either case, the switch can get its time synchro-
nization updates from only one, designated Timep server. This option 
enhances security by specifying which time server to use.

SNTP Time Synchronization

SNTP provides two operating modes:

Broadcast Mode:

 The switch acquires time updates by accepting the 

time value from the first SNTP time broadcast detected. (In this case, 
the SNTP server must be configured to broadcast time updates to the 
network broadcast address. Refer to the documentation provided 
with your SNTP server application.) Once the switch detects a partic-

Summary of Contents for ProCurve 4104GL

Page 1: ...hp procurve series 4100gl switches management and configuration guide www hp com go hpprocurve ...

Page 2: ......

Page 3: ...HP Procurve Series 4100GL Switches Management and Configuration Guide Software Release G 05 02 or Greater ...

Page 4: ...scapeisa registered trademark ofNetscape Corporation Cisco is a trademark of Cisco Systems Inc Disclaimer The information contained in this document is subject to change without notice HEWLETT PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall no...

Page 5: ...Selecting a Management Interface Contents 1 1 Overview 1 2 Understanding Management Interfaces 1 2 Advantages of Using the Menu Interface 1 3 Advantages of Using the CLI 1 4 Advantages of Using the HP Web Browser Interface 1 5 Advantages of Using HP TopTools for Hubs Switches 1 6 2 Using the Menu Interface Contents 2 1 Overview 2 2 Starting and Ending a Menu Session 2 3 How To Start a Menu Interfa...

Page 6: ...ands and Command Options 3 8 Listing Commands Available at Any Privilege Level 3 8 Command Option Displays 3 10 Displaying CLI Help 3 11 Configuration Commands and the Context Configuration Modes 3 13 CLI Control and Editing 3 16 4 Using the HP Web Browser Interface Contents 4 1 Overview 4 2 General Features 4 3 Starting an HP Web Browser Interface Session with the Switch 4 4 Using a Standalone We...

Page 7: ...Detail Views of Alert Log Entries 4 21 The Status Bar 4 22 Setting Fault Detection Policy 4 23 5 Switch Memory and Configuration Contents 5 1 Overview 5 2 Overview of Configuration File Management 5 2 Using the CLI To Implement Configuration Changes 5 4 Using the Menu and Web Browser Interfaces To Implement Configuration Changes 5 8 Using the Menu Interface To Implement Configuration Changes 5 9 U...

Page 8: ... Viewing and Configuring System Information 6 11 Web Configuring System Parameters 6 14 Using Friendly Optional Port Names 6 15 Configuring and Operating Rules for Friendly Port Names 6 15 Configuring Friendly Port Names 6 16 Displaying Friendly Port Names with Other Port Data 6 18 7 Configuring IP Addressing Contents 7 1 Overview 7 2 IP Configuration 7 3 Just Want a Quick Start with IP Addressing...

Page 9: ... 8 3 Disabling Time Synchronization 8 4 SNTP Viewing Selecting and Configuring 8 4 Menu Viewing and Configuring SNTP 8 5 CLI Viewing and Configuring SNTP 8 8 Viewing the Current SNTP Configuration 8 8 Configuring Enabling or Disabling the SNTP Mode 8 9 TimeP Viewing Selecting and Configuring 8 13 Menu Viewing and Configuring TimeP 8 14 CLI Viewing and Configuring TimeP 8 16 Viewing the Current Tim...

Page 10: ...ng the CLI To Configure a Static or Dynamic Trunk Group 9 21 Web Viewing Existing Port Trunk Groups 9 24 Trunk Group Operation Using LACP 9 25 Default Port Operation 9 27 LACP Notes and Restrictions 9 28 Trunk Group Operation Using the Trunk Option 9 30 Trunk Operation Using the FEC Option 9 30 How the Switch Lists Trunk Data 9 31 Outbound Traffic Distribution Across Trunked Links 9 31 Configuring...

Page 11: ...h s Current CDP Configuration 10 20 Viewing the Switch s Current CDP Neighbors Table 10 20 Clearing Resetting the CDP Neighbors Table 10 21 Configuring CDP Operation 10 22 Effect of Spanning Tree STP On CDP Packet Transmission 10 24 How the Switch Selects the IP Address To Include in Outbound CDP Packets 10 25 CDP Neighbor Data and MIB Objects 10 26 Operating Notes 10 28 11 Port Based Virtual LANs...

Page 12: ...11 30 IP Interfaces 11 30 VLAN MAC Addresses 11 31 Port Trunks 11 31 Port Monitoring 11 31 VLAN Restrictions 11 31 GVRP 11 33 General Operation 11 34 Per Port Options for Handling GVRP Unknown VLANs 11 36 Per Port Options for Dynamic VLAN Advertising and Joining 11 38 GVRP and VLAN Access Control 11 40 Port Leave From a Dynamic VLAN 11 40 Planning for GVRP Operation 11 41 Configuring GVRP On a Swi...

Page 13: ...h Excludes Well Known or Reserved Multicast Addresses from IP Multicast Filtering 12 19 13 802 1w Rapid Spanning Tree Protocol RSTP and 802 1d Spanning Tree Protocol STP Contents 13 1 Overview 13 2 How Spanning Tree Operates 13 4 Spanning Tree Options RSTP 802 1w and STP 802 1d 13 5 RSTP 802 1w 13 5 STP 802 1d 13 6 Configuring Rapid Reconfiguration Spanning Tree RSTP 13 7 Overview 13 7 Transitioni...

Page 14: ...rface To View Stack Status and Configure Stacking 14 13 Using the Menu Interface To View and Configure a Commander Switch 14 13 Using the Menu To Manage a Candidate Switch 14 15 Using the Commander To Manage The Stack 14 17 Using the Commander To Access Member Switches for Configuration Changes and Monitoring Traffic 14 23 Converting a Commander or Member to a Member of Another Stack 14 24 Monitor...

Page 15: ...NIX Workstation A 6 Menu Xmodem Download to Primary Flash A 7 CLI Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash A 8 Switch to Switch Download A 9 Menu Switch to Switch Download to Primary Flash A 9 CLI Switch To Switch Downloads A 10 Using the HP TopTools for Hubs Switches Utility A 11 Troubleshooting TFTP Downloads A 12 Transferring Switch Configurations A 13 Copying...

Page 16: ...atistics B 11 Web Browser Access To View Port and Trunk Group Statistics B 11 Viewing the Switch s MAC Address Tables B 12 Menu Access to the MAC Address Views and Searches B 13 CLI Access for MAC Address Views and Searches B 15 Spanning Tree Protocol STP Information B 17 Menu Access to STP Data B 17 CLI Access to STP Data B 18 Internet Group Management Protocol IGMP Status B 19 VLAN Information B...

Page 17: ...rces C 21 Menu Entering and Navigating in the Event Log C 22 CLI C 23 Diagnostic Tools C 24 Port Auto Negotiation C 24 Ping and Link Tests C 24 Web Executing Ping or Link Tests C 26 CLI Ping or Link Tests C 27 Displaying the Configuration File C 29 CLI Viewing the Configuration File C 29 Listing Switch Configuration and Operation Details for Help in Troubleshooting C 30 Web Viewing the Configurati...

Page 18: ...xvi Contents Menu Viewing the Switch s MAC Addresses D 3 CLI Viewing the Port and VLAN MAC Addresses D 4 E Daylight Savings Time on HP Procurve Switches Index ...

Page 19: ...tents Getting Started Introduction xiv Conventions xiv Simulating Display Output xv Command Prompts xv Screen Simulations xv Related Publications xvi Getting Documentation From the Web xvii Sources for More Information xviii Need Only a Quick Start xx ...

Page 20: ...bsite See Getting Documentation From the Web on page xxi below Conventions This guide uses the following conventions for command syntax and displayed information Command Syntax Statements Syntax aaa port access authenticator port list control authorized auto unauthorized Vertical bars separate alternative mutually exclusive elements Square brackets indicate optional elements Braces enclose require...

Page 21: ...witch 4108 To simplify recognition this guide uses HPswitch to represent command prompts for all models For example HPswitch You can use the hostname command to change the text in the CLI prompt Screen Simulations Figures containing simulated screen text and command output look like this Figure 1 Example of a Figure Showing a Simulated Screen In some cases brief command output sequences appear wit...

Page 22: ...to use and configure the following access security features available in the switch Username and Password Security TACACS Authentication RADIUS Authentication and Accounting Secure Shell SSH Encryption Port Based Access Control 802 1x Port Security Using Authorized MAC Addresses Authorized IP Managers HP provides a PDF version of this guide on the Product Documentation CD ROM shipped with the swit...

Page 23: ...on From the Web Getting Documentation From the Web 1 Go to the HP Procurve website at http www hp com go hpprocurve 2 Click on technical support 3 Click on manuals 4 Click on the product for which you want to view or download a manual 2 3 4 ...

Page 24: ...and name followed by help For example Figure 3 Getting Help in the CLI If you need information on specific features in the HP Web Browser Interface hereafter referred to as the web browser interface use the online help available for the web browser interface For more information on web browser Help options refer to Online Help for the HP Web Browser Interface on page 4 11 If you need further infor...

Page 25: ...face select 8 Run Setup For more on using the Switch Setup screen see the Installation and Getting Started Guide you received with the switch To Set Up and Install the Switch in Your Network Im po rta nt Use the HP Procurve Series 4100 Installation and Getting Started Guide shipped with the switch for the following Notes cautions and warnings related to installing and using the switch and its rela...

Page 26: ...xxiv Getting Started Need Only a Quick Start ...

Page 27: ...ontents Overview 1 2 Understanding Management Interfaces 1 2 Advantages of Using the Menu Interface 1 3 Advantages of Using the CLI 1 4 Advantages of Using the HP Web Browser Interface 1 5 Advantages of Using HP TopTools for Hubs Switches 1 6 ...

Page 28: ... information and a subset of switch commands through a standard web browser such as Netscape Navigator or Microsoft Internet Explorer page 1 5 HP TopTools for Hubs Switches an easy to use browser based network management tool that works with HP proactive networking features built into managed HP hubs and switches This manual describes how to use the menu interface chapter 2 the CLI chapter 3 the w...

Page 29: ... or correct IP address and network downtime do not slow or prevent access Enables Telnet in band access to the menu functionality Allows faster navigation avoiding delays that occur with slower display of graphical objects over a web browser interface Provides more security configuration information and passwords are not seen on the network IP addressing VLANs and GVRP Port Security Port and Stati...

Page 30: ...des help at each level for determining available options and vari ables CLI Usage For information on how to use the CLI refer to chapter 3 Using the Command Line Interface CLI To perform specific procedures such as configuring IP addressing or VLANs use the Contents listing at the front of the manual to locate the information you need For monitoring and analyzing switch operation refer to appendix...

Page 31: ... Familiar browser interface locations of window objects consistent with commonly used browsers uses mouse clicking for navigation no terminal setup Many features have all their fields in one screen so you can view all values at once More visual cues using colors status bars device icons and other graphical objects instead of relying solely on alphanumeric values Display of acceptable ranges of val...

Page 32: ...es You can operate HP TopTools from a PC on the network to monitor traffic manage your hubs and switches and proactively recommend network changestoincrease networkuptime andoptimize performance Easy to install and use HP TopTools for Hubs Switches is the answer to your management challenges Figure 1 4 Example of HP TopTools Home Page ...

Page 33: ...network management PC including identity and status informa tion port counters port on off capability sensitivity thresholds for traps IP and security configuration device configuration report and other device features Enables policy based management through the Quality of Service feature QoS to establish traffic priority policies for controlling and improving throughput across all the HP switches...

Page 34: ...1 8 Selecting a Management Interface Advantages of Using HP TopTools for Hubs Switches ...

Page 35: ...and Ending a Menu Session 2 3 How To Start a Menu Interface Session 2 4 How To End a Menu Session and Exit from the Console 2 5 Main Menu Features 2 7 Screen Structure and Navigation 2 9 Rebooting the Switch 2 12 Menu Features List 2 14 Where To Go From Here 2 15 ...

Page 36: ... the Menu Features List on page 2 14 Privilege Levels and Password Security HP strongly recommends that you configure a Manager password to help prevent unauthorized access to your network A Manager password grantsfull read write accessto the switch An Operator password if configured grants access to status and counter Event Log and the Operator level in the CLI After you configure passwords on th...

Page 37: ...ny switch interface overwrites earlier changes made through any other interface The Menu Interface and the CLI Command Line Interface both use the switch console To enter the menu from the CLI use the menu command To enter the CLI from the Menu interface select Command Line CLI option Starting and Ending a Menu Session You can access the menu interface using any of the following A direct serial co...

Page 38: ...p 3 If you are using a PC terminal emulator or a terminal press Enter one or more times until a prompt appears 3 When the switch screen appears do one of the following If a password has been configured the password prompt appears Password _ Type the Manager password and press Enter Entering the Manager password gives you manager level access to the switch Entering the Operator password gives you o...

Page 39: ...nu For more infor mation see the Installation and Getting Started Guide you received with the switch How To End a Menu Session and Exit from the Console The method for ending a menu session and exiting from the console depends on whether during the session you made any changes to the switch configu ration that require a switch reboot to activate Most changes via the menu interface need only a Save...

Page 40: ...made configuration changes that require a switch reboot thatis ifan asterisk appears nexttoa configured item or nexttoSwitch Configuration in the Main Menu a Return to the Main Menu b Press 6 to select Reboot Switch and follow the instructions on the reboot screen Rebooting the switch terminates the menu session and if you are using Telnet disconnects the Telnet session See Rebooting To Activate C...

Page 41: ...isplaying and changing the current configuration settings See the Con tents listing at the front of this manual For a listing of features and parameters configurable through the menu interface see the Menu Fea tures List on page 2 14 Console Passwords Provides access to the screen used to set or change Manager level and Operator level passwords and to delete Manager and Operator password protectio...

Page 42: ...e 5 10 Download OS Enables you to download a new software version to the switch See Appendix A File Transfers Run Setup Displays the Switch Setup screen for quickly configuring basic switch parameters such as IP addressing default gateway logon default interface spanning tree and others See the Installation and Getting Started guide shipped with your switch Stacking Enables you to use a single IP ...

Page 43: ... forms for data entry When you first enter these screens you see the current configuration for the item you have selected To change the configuration the basic operation is to 1 Press E to select the Edit action 2 Navigate through the screen making all the necessary configuration changes See Table 4 1 on the next page 3 Press Enter to return to the Actions line From there you can save the configur...

Page 44: ...r parameter value return to step 3 6 If you are finished editing parameters in the displayed screen press Enter to return to the Actions line and do one of the following To save and activate configuration changes press S for the Save action This saves the changes in the startup configuration and also implements the change in the currently running configuration See Chapter 5 Switch Memory and Confi...

Page 45: ...Use the arrow keys or v to select an action or data field The help line under the Actions items describes the currently selected action or data field For guidance on how to navigate in a screen Seetheinstructionsprovided at the bottom of the screen or refer to Screen Structure and Navigation on page 2 9 Pressing H or highlighting Help and pressing Enter displays Help for the parameters listed in t...

Page 46: ...require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch To Reboot the switch use the Reboot Switch option in the Main Menu Note that the Reboot Switch option is not available if you log on in Operator mode that is if you enter an Operator password instead of a manager password at the password prompt Figure 2 6 The Reboot...

Page 47: ... the Maximum VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen and also next to the the Switch Configuration entry in the Main Menu as shown in figure 4 6 Figure 2 7 Indication of a Configuration Change Requiring a Reboot To activate changes indicated by the asterisk go to the Main Menu and select the Reboot Switch option N ot e Executing the wri...

Page 48: ...witch Configuration System Information Port Trunk Settings Network Monitoring Port Spanning Tree Operation IP Configuration SNMP Community Names IP authorized Managers VLAN Menu Console Passwords Event Log Command Line CLI Reboot Switch Download OS Run Setup Stacking Stacking Status This Switch Stacking Status All Stack Configuration Stack Management Available in Stack Commander Only Stack Access ...

Page 49: ...To view and monitor switch status and counters Appendix B Monitoring and Analyzing Switch Operation To learn how to configure and use passwords and other security features Refer to the Access Security Guide for your switch To learn how to use the Event Log Using the Event Log To Identify Problem Sources on page C 21 To learn how the CLI operates Chapter 3 Using the Command Line Interface CLI To do...

Page 50: ...2 16 Using the Menu Interface Where To Go From Here ...

Page 51: ...ege Level Operation 3 4 Operator Privileges 3 4 Manager Privileges 3 5 How To Move Between Levels 3 7 Listing Commands and Command Options 3 8 Listing Commands Available at Any Privilege Level 3 8 Command Option Displays 3 10 Displaying CLI Help 3 11 Configuration Commands and the Context Configuration Modes 3 13 CLI Control and Editing 3 16 ...

Page 52: ...ecting a terminal device to the switch or in band by using Telnet either from a terminal device or through the web browser interface Also if you are using the menu interface you can access the CLI by selecting the Command Line CLI option in the Main Menu Using the CLI The CLI offers these privilege levels to help protect the switch from unautho rized access 1 Operator 2 Manager 3 Global Configurat...

Page 53: ...ssword Without a Manager password configured anyone having serial port Telnet or web browser access to the switch can reach all CLI levels For more on setting passwords refer to the local manager and operator password chapter in the Access Security Guide for your switch When you use the CLI to log on to the switch and passwords are set you will be prompted to enter a password For example Figure 3 ...

Page 54: ...mended that you protect the switch from physical access by unauthorized persons If you are concerned about switch security and operation you should install the switch in a secure location such as a locked wiring closet Privilege Level Operation Figure 3 2 Access Sequence for Privilege Levels Operator Privileges At the Operator level you can examine the current configuration and move between interf...

Page 55: ...on changes to any of the switch s software features The prompt for the Global Configuration level includes the system name and config To select this level enter the config command at the Manager prompt For example HPswitch _ Enter config at the Manager prompt HPswitch config _ The Global Config prompt Context Configuration level Provides all Operator and Manager privileges and enables you to make ...

Page 56: ...from the CLI interface to the menu interface Exit from the CLI interface and terminate the console session Terminate the current session same as logout Manager Privilige ManagerLevel HPswitch Perform system level actions such as system control monitoring and diagnostic commands plus any of the Operator level commands For a list of available commands enter at the prompt Global Configuration Level H...

Page 57: ...face to configure an IP address of X Change in Levels Example of Prompt Command and Result Operator level to Manager level HPswitch enable Password _ After you enter enable the Password prompt appears After you enter the Manager password the system prompt appears with the symbol HPswitch _ Manager level to Global configuration level HPswitch config HPswitch config Global configuration level to a C...

Page 58: ...List all of the commands available at that level List the options for a specific command Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers plus all of the commands available at preceding levels For example at the Operator level you can list and execute only the Operator level commands However at the Manager level yo...

Page 59: ...on level produces similar results Use T ab To Search for or Complete a Command Word You can use T ab to help you find CLI commands or to quickly complete the current word in a command To do so type one or more consecutive characters in a command and then press T ab with no spaces allowed For example at the Global Configuration level if you press T ab immediately after typing t the CLI displays the...

Page 60: ...after a completed command word lists the further options for that command HPswitch config stack T ab commander commander str join mac addr auto join transmission interval integer cr HPswitch config stack Command Option Displays Conventions for Command Option Displays When you use the CLI to listoptionsfor a particular command youwill see one or more ofthe following conventions to help you interpre...

Page 61: ...mand list with a brief summary of each command s purpose Detailed information on how to use individual commands Displaying Command List Help You can display a listing of command Help summaries for all commands available at the current privilege level That is when you are at the Operator level you can display the Help summaries only for Operator Level commands At the Manager level you can display t...

Page 62: ...enough of the command string to identify the command along with help Syntax command string help For example to list the Help for the interface command in the Global Configuration privilege level Figure 3 7 Example of How To Display Help for a Specific Command A similar action lists the Help showing additional parameter options for a given command The following example illustrates how to list the H...

Page 63: ...nfiguration mode or in selected context modes However using a context mode enables you to execute context specific commands faster with shorter command strings The Switch 4108GL offers interface port or trunk group and VLAN context configuration modes Port or Trunk Group Context Includes port or trunk specific commands that apply only to the selected port s or trunk group plus the global configura...

Page 64: ...C8 Lists the commands you can use in the port or static trunk context plus the Manager Operator and context commands you can execute at this level In the port context the first block of commands in the listingshow thecontext specific commandsthatwillaffect only ports C3 C6 The remaining commands in the listing are Manager Operator and context commands ...

Page 65: ...0 Context Specific Commands Affecting VLAN Context HPswitch config vlan 100 Command executed at configura tion level to enter VLAN 100 context HPswitch vlan 100 Resulting prompt showing VLAN 100 context HPswitch vlan 100 Lists commands you can use in the VLAN context plus Manager Oper ator and context commands you can execute at this level In the VLAN context the first block of commands in the lis...

Page 66: ...ne character Ctrl K Deletes from the cursor to the end of the command line Ctrl L or Ctrl R Repeats current command line on a new line Ctrl N or v Enters the next command line in the history buffer Ctrl P or Enters the previous command line in the history buffer Ctrl U or Ctrl X Deletes from the cursor tothe beginning of the command line Ctrl W Deletes the last word typed Esc B Moves the cursor ba...

Page 67: ...names and Passwords in the Browser Interface 4 8 Using the Passwords 4 10 Using the User Names 4 10 If You Lose a Password 4 11 Online Help for the HP Web Browser Interface 4 11 Support Mgmt URLs Feature 4 12 Support URL 4 13 Help and the Management Server URL 4 13 Status Reporting Features 4 15 The Overview Window 4 15 The Port Utilization and Status Displays 4 16 Port Utilization 4 16 Port Statu...

Page 68: ...wser interface session page 4 7 Creating usernames and passwords in the web browser interface page 4 8 Selecting the fault detection configuration for the Alert Log operation page 4 23 Getting access to online help for the web browser interface page 4 11 Description of the web browser interface Overview window and tabs page 4 15 Port Utilization and Status displays page 4 16 Alert Log and Alert ty...

Page 69: ...and Primary VLAN Fault detection Port monitoring mirroring System information Enable Disable Multicast Filtering IGMP and Spanning Tree IP Stacking Support and management URLs Switch Security Passwords Switch Diagnostics Ping Link Test Device reset Configuration report Switch status Port utilization Port counters Port status Alert log Switch system information listing ...

Page 70: ...ches on your network Using a Standalone Web Browser in a PC or UNIX Workstation This procedure assumes that you have a supported web browser installed on your PC or workstation and that an IP address has been configured on the switch For more on assigning an IP address refer to IP Configuration on page 7 3 1 Make sure the JavaTM applets are enabled for your browser If they are not use the options ...

Page 71: ...owser interface from a non management PC or workstation For HP TopTools requirements refer to the information provided with HP TopTools for Hubs Switches This procedure assumes that Youhave installed the recommended web browser on a PC orworkstation that serves as your network management station The networked device you want to access has been assigned an IP address and optionally a DNS name and h...

Page 72: ...us Overview window displayed for the selected device as shown in figure 4 1 N ot e If the Registration window appears click on the Status tab Figure 4 1 Example of Status Overview Screen N ot e The above screen appears somewhat different if the switch is configured as a stack Commander For an example see figure 1 3 on page 1 5 Alert Log First Time Install Alert ...

Page 73: ...e Install Window When you access the switch s web browser interface for the first time the Alert log contains a First Time Install alert as shown in figure 4 2 This gives you information about first time installations and provides an immediate opportunity to set passwords for security and to specify a Fault Detection policy which determines the types of messages that will be displayed in the Alert...

Page 74: ...olicy click on select the fault detection configuration in the second bullet in the window and go to the section Setting Fault Detection Policy on page 4 23 You can also access the password screen by clicking on the Configuration tab and then Fault Detection button Creating Usernames and Passwords in the Browser Interface You may want to create both a username and password to create access securit...

Page 75: ...nstall event entry double click on this event then in the resulting display click on the secure access to the device link Select the Security tab 2 Click in the appropriate box in the Device Passwords window and enter user names and passwords You will be required to repeat the password strings in the confirmation boxes Both the user names and passwords can be up to 16 printable ASCII characters 3 ...

Page 76: ...l access to all switch interfaces Once set you will be prompted to supply the password every time you try to access the switch through any of its interfaces The password you enter determines the capability you have during that session Entering the manager password gives you full read write capabilities Entering the operator password gives you read and limited write capabil ities Using the User Nam...

Page 77: ... is installed in a secure location such as a locked wiring closet Online Help for the HP Web Browser Interface Online Help is available for the web browser interface You can use it by clicking on the question mark button in the upper right corner of any of the web browser interface screens Figure 4 5 The Help Button Context sensitive help is provided for the screen you are on N ot e If you do not ...

Page 78: ...fsetup theURL ofa network managementstationrunning HP TopTools for Hubs Switches Figure 4 6 The Default Support Mgmt URLs Window 3 Enter URLs for the support information source you want the switch to access when you click on the web browser interface Support tab the default is HP s ProCurve network products World Wide Web home page the URL of the network Management server or other source of the on...

Page 79: ...gement station running HP TopTools for Hubs Switches Providing Online Help The Help files are automatically available if you install HP TopTools for Hubs Switches on your network or if you already have Internet access to the World Wide Web The Help files are included with HP TopTools for Hubs Switches and are also automatically available from HP via the World Wide Web Retrieval of the Help filesis...

Page 80: ...ccess Web Browser Interface Online Help Policy Management and Configuration HP Top Tools for Hubs Switches can perform network wide policy management and configuration of your switch The Management Server URL field identifies the management station that is performing that function For more information refer to the documentation provided on the HP TopTools for Hubs Switches CD shipped with the swit...

Page 81: ...t log page 4 19 The Status bar page 4 22 The Overview Window The Overview Window is the home screen for any entry into the web browser interface The following figure identifies the various parts of the screen Figure 4 8 The Overview Window Alert Log Control Bar Port Utiliza tion Graphs page 4 16 Active Tab Active Button Alert Log page 4 19 Port Status Indicators page 4 18 Button Bar Tab Bar Status...

Page 82: ...ast Pkts Rx All multicast and broadcast traffic received by the port This indicator a gold color on many systems enables you to know at a glance the source of any non unicast traffic that is causing high utilization of the switch For example if one port is receiving heavy broadcast or multicast traffic all ports will become highly utilized By color coding the received broadcast and multicast utili...

Page 83: ...ws Click onthebandwidthdisplaycontrolbuttoninthe upperleftcorner of the graph The button shows the current scale setting such as 40 In the resulting menu select the bandwidth scale you want the graph to show 3 10 25 40 75 or 100 as shown in figure figure 4 10 Note that when viewing activity on a gigabit port you may want to select a lower value such as 3 or 10 This is because the bandwidth utiliza...

Page 84: ... device A cable may not be connected to the port or the device at the other end may be powered off or inoperable or the cable or connected device could be faulty Port Disabled the port has been configured as disabled through the web browser interface the switch console or SNMP network manage ment Port Fault Disabled a fault condition has occurred on the port that has caused it to be auto disabled ...

Page 85: ...e The date and time the event was received by the web browser interface This value is shown in the format DD MM YY HH MM SS AM PM for example 16 Sep 99 7 58 44 AM Description A short narrative statement that describes the event For example Excessive CRC Alignment errors on port 8 Sorting the Alert Log Entries The alerts are sorted by default by the Date Time field with the most recent alert listed...

Page 86: ... malfunctioning NIC NIC driver or transceiver Excessive late collisions Late collisions collisions detected after transmitting 64 bytes have been detected on this port Possible causes include An overextended LAN topology Duplex mismatch full duplex configured on one end of the link half duplex configured on the other A misconfigured or faulty device connected to the port High collision or drop rat...

Page 87: ... a Detail View or separate window detailing information about the events The Detail View contains a description of the problem and a possible solution It also provides four management buttons Acknowledge Event removes the New symbol from the log entry Delete Event removes the alert from the Alert Log Cancel Button closes the detail view with no change to the status of the alert and returns you to ...

Page 88: ... Key System Name The name you have configured for the switch by using Identity screen system name command or the switch console System Information screen Most Critical Alert Description A brief description of the earliest unacknowledged alert with the current highest severity in the Alert Log appearing in the right portion of the Status Bar In instances where multiple critical alerts have the same...

Page 89: ... of alerts reported to the Alert Log based on their level of severity Set this policy in the Fault Detection window figure 4 16 Figure 4 16 The Fault Detection Window The Fault Detection screen contains a list box for setting fault detection and response policy You set the sensitivity level at which a network problem should generate an alert and send it to the Alert Log To provide the most informa...

Page 90: ...s a lot of problems and you want to be informed of only the most severe ones Never Disables the Alert Log and transmission of alerts traps to the management server in cases where a network management tool such as HP TopTools for Hubs Switches is in use Use this option when you don t want to use the Alert Log The Fault Detection Window also contains three Change Control Buttons Apply Changes This b...

Page 91: ...ion Changes 5 8 Using the Menu Interface To Implement Configuration Changes 5 9 Using Save and Cancel in the Menu Interface 5 9 Rebooting from the Menu Interface 5 10 Using the Web Browser Interface To Implement Configuration Changes 5 11 Using Primary and Secondary Flash Image Options 5 12 Displaying the Current Flash Image Data 5 12 OS Downloads 5 14 Local OS Replacement and Removal 5 15 Rebooti...

Page 92: ...nagement The switch maintains two configuration files the running config file and the startup config file Figure 5 1 Conceptual Illustration of Switch Memory Operation Running Config File Controls switch operation When the switch reboots the contents of this file are erased and replaced by the contents of the startup config file Startup Config File Preserves the most recently saved configuration t...

Page 93: ... one or more changes to the running config file creates a new operating configuration Saving a new configuration meansto overwrite replace thecurrentstartup config file with the current running config file This means that if the switch subsequently reboots for any reason it will resume operation using the new configuration instead of the configuration previously defined in the startup config file ...

Page 94: ...nfig file then the switch prompts you to save the change For example if you use the CLI to create VLAN 20 and then select the menu interface VLAN 20 is configured in the running config file but not in the startup config file In this case you will see HPswitch config vlan 20 HPswitch config menu Do you want to save current configuration y n If you type Y the switch overwrites the startup config fil...

Page 95: ...igurations are the same you will see Running configuration is the same as the startup configuration If the two configurations are different you will see Running configuration has been changed and needs to be saved N ot e Show config show running config and write terminal commands display the configuration settings that differ from the switch s factory default configura tion How To Use the CLI To R...

Page 96: ... now saved in the startup config file and the startup config and running config files are identical If you subsequently reboot the switch the auto 10 mode configuration on port A5 will remain because it is included in the startup config file How To Cancel Changes You Have Made to the Running Config File If you use the CLI to change parameter settings in the running config file and then decide that...

Page 97: ...artup config file That is if you use the CLI to change a parameter setting but then reboot the switch from either the CLI or the menu interface without first executing the write memory command in the CLI the current startup config file will replace the running config file and any changes in the running config file will be lost Using the Save command in the menu interface does not save a change mad...

Page 98: ...y default config uration and reboot the switch Press N to retain the current configuration and prevent a reboot Using the Menu and Web Browser Interfaces To Implement Configuration Changes The menu and web browser interfaces offer these advantages Quick easy menu or window access to a subset of switch configuration features See the Menu Features List on page 2 14 and the web browser General Featur...

Page 99: ... under Rebooting To Activate Configuration Changes on page 5 11 Using Save and Cancel in the Menu Interface For any configuration screen in the menu interface the Save command 1 Implements the changes in the running config file 2 Saves your changes to the startup config file If you decide not to save and implement the changes in the screen select Cancel to discard them and continue switch operatio...

Page 100: ... execute write memory in the CLI before rebooting the switch Rebooting from the Menu Interface Terminates the current session and performs a reset of the operating system Activates any configuration changes that require a reboot Resets statistical counters to zero Note that statistical counters can be reset to zero without rebooting the switch See Displaying Port Counters on To Display the Port Co...

Page 101: ...arameter values for the Maximum VLANs to support parameter an asterisk appears next to the VLAN Support entry in the VLAN Menu screen and also next to the the Switch Configuration entry in the Main menu as shown in figure 4 6 Figure 5 6 Indication of a Configuration Change Requiring a Reboot Using the Web Browser Interface To Implement Configuration Changes You can use the web browser interface to...

Page 102: ... OS system image file With the Primary Secondary flash option you can test a new image in your system without having to replace a previously existing image You can also use the image options for troubleshooting For example you can copy a problem image into Secondary flash for later analysis and place another proven image in Primary flash to run your system The switch can use only one image at a ti...

Page 103: ...condary images are identical This command provides a comparison of flash image sizes plus the boot ROM version and from which flash image the switch booted For example in the following case the images are different versions of the OS software flash image and the switch is running on the version stored in the secondary flash image Figure 5 8 Example Showing Different Flash Image Versions Determinin...

Page 104: ...ve different copy commands plus xmodem and tftp These topics are covered in Chapter A File Transfers Download Interruptions In most cases if a power failure or other cause interrupts a flash image download the switch reboots with the image previ ously stored in primary flash In the unlikely event that the primary image is corrupted asa resultofaninterruption the switch will rebootfromsecondary 1 I...

Page 105: ...g an OS Image from One Flash Location to Another When you copy the flash image from primary to secondary or the reverse the switch overwrites the file in the destination location with a copy of the file from the source location This means you do not have to erase the current image at the destination location before copying in a new image Ca ut ion Verify that there is an acceptable OS image in the...

Page 106: ...primary or second ary ensure that you have a valid OS file in the other flash image location secondary orprimary Ifthe switch hasonlyone flash imageloaded in either primary or secondary flash and you erase that image then the switch does not have an OS stored in flash In this case if you do not reboot or power cycle the switch you can recover by using xmodem or tftp to download another OS Syntax e...

Page 107: ...errent in a dual flash image system Generally using boot provides more comprehensive self testing using reload gives you a faster reboot time Table 5 2 Comparing the Boot and Reload Commands The prompt shows which flash location will be erased Actions Included In Boot Included In Reload Note Save all configuration changes since the last boot or reload Optional with prompt Yes automatic Config chan...

Page 108: ... display Boot from primary flash Booting from a Specified Flash This version of the boot command gives you the option of specifying whether to reboot from primary or secondary flash and is the required command for rebooting from secondary flash This option also executes the complete set of subsystem self tests Syntax boot system flash primary secondary For example to reboot the switch from seconda...

Page 109: ... Changes Operating Notes Default Boot Source The switch reboots from primary flash by default unless you specify the secondary flash Boot Attempts from an Empty Flash Location In this case the switch aborts the attempt and displays Image does not exist Operation aborted Interaction of Primary and Secondary Flash Images with the Current Configuration The switch has one startup config file page 5 2 ...

Page 110: ...nd Secondary Flash Image Options while using a version Y of the OS and then reboot the switch with an earlier OS version X that does not include all of the features found in Y the OS simply ignores the parameters for any features that it does not support ...

Page 111: ...ss 6 5 Denying Interface Access by Terminating Remote Management Sessions 6 8 System Information 6 9 Menu Viewing and Configuring System Information 6 10 CLI Viewing and Configuring System Information 6 11 Web Configuring System Parameters 6 14 Using Friendly Optional Port Names 6 15 Configuring and Operating Rules for Friendly Port Names 6 15 Configuring Friendly Port Names 6 16 Displaying Friend...

Page 112: ... to Chapter 2 Using the Menu Interface Chapter 3 Using the Command Line Interface CLI Chapter 4 Using the HP Web Browser Interface Why Configure Interface Access and System Information The inter face access features in the switch operate properly by default However you can modify or disable access features to suit your particular needs Similarly you can choose to leave the system information param...

Page 113: ...agers However if unauthorized access to the switch through in band means Telnet or the web browser interface then you can disallow in band access as described in this section and install the switch in a locked environment Feature Default Menu CLI Web Inactivity Time 0 Minutes disabled page 6 4 page 6 6 Inbound Telnet Access Enabled page 6 4 page 6 5 Outbound Telnet Access n a page 6 6 Web Browser ...

Page 114: ...rom the Main Menu Select 2 Switch Configuration 1 System Information Figure 6 1 The Default Interface Access Parameters Available in the Menu Interface 2 Press E for Edit The cursor moves to the System Name field 3 Use the arrow keys v to move to the parameters you want to change Refer to the online help provided with this screen for further information on configuration options for these features ...

Page 115: ...console This example shows the switch s default console serial configuration Figure 6 2 Listing of Show Console Command Reconfigure Inbound Telnet Access In the default configuration inbound Telnet access is enabled Syntax no telnet server To disable inbound Telnet access HPswitch config no telnet server To re enable inbound Telnet access HPswitch config telnet server show console below no telnet ...

Page 116: ...gure one or more console parameters with one console command Syntax console terminal vt100 ansi screen refresh 1 3 5 10 20 30 45 60 baud rate speed sense 1200 2400 4800 9600 19200 38400 57600 flow control xon xoff none inactivity timer 0 1 5 10 15 20 30 60 120 events none all non info critical debug N ot e If you change the Baud Rate or Flow Control settings for the switch you should make the corr...

Page 117: ...ce Figure 6 3 Example of Executing the Console Command with Multiple Parameters You can also execute a series of console commands and then save the configuration and boot the switch For example Figure 6 4 Example of Executing a Series of Console Commands TheswitchimplementstheEventLogchangeimmediately Theswitchimplements the other console changes after executing write memory and reload Configure t...

Page 118: ...s and kill to terminate a currently running remote session Kill does not terminate a Console session on the serial port either through a direct connection or via a modem Syntax kill session number For example if you are using the switch s serial port for a console session and want to terminate a currently active Telnet session you would do the follow ing Figure 6 5 Example of Using the Kill Comman...

Page 119: ...s a MAC address the switch has learned remains in the switch s address table before being aged out deleted Aging out occurs when there has been no traffic from the device belonging to that MAC address for the configured interval Time Sync Method Selects the method TimeP or SNTP the switch will use for time synchronization For more on this topic refer to Chapter 8 Time Protocols Feature Default Men...

Page 120: ...is None For more on this topic see appendix D Daylight Savings Time on HP ProCurve Switches Time Used in the CLI to specify the time of day the date and other system parameters Menu Viewing and Configuring System Information To access the system information parameters 1 From the Main Menu Select 2 Switch Configuration 1 System Information Figure 6 6 The System Information Configuration Screen Defa...

Page 121: ... Main Menu CLI Viewing and Configuring System Information System Information Commands Used in This Section Listing the Current System Information Thiscommandliststhecurrent system information settings Syntax show system information This example shows the switch s default console configuration Figure 6 7 Example of CLI System Information Listing show system information below hostname below snmp ser...

Page 122: ...me name string snmp server contact system contact location system location Both fields allow up to 48 characters Blank spaces are not allowed in the variables for these commands For example to name the switch Blue with Ext 4474 as the system contact and North Data Room as the location Figure 6 8 System Information Listing After Executing the Preceding Commands New hostname contact and location dat...

Page 123: ...r defined Eest of the 0 meridian the sign is West of the 0 meridian the sign is For example the time zone setting for Berlin Germany is 60 zone 1 or 60 minutes and the time zone setting for Vancouver Canada is 480 zone 8 or 480 minutes To configure the time zone anddaylighttime rule for Vancouver Canada HPswitch config time timezone 480 daylight time rule continental us and canada Configure the Ti...

Page 124: ...tion System Contact For access to the MAC Age Interval and the Time parameters use the menu interface or the CLI Configure System Parameters in the Web Browser Interface 1 Click on the Configuration tab 2 Click on System Info 3 Enter the data you want in the displayed fields 4 Implement your new data by clicking on Apply Changes To access the web based help provided for the switch click on in the ...

Page 125: ...how config and showinterface port number commands They do not appear in the output of other show commands or in Menu interface screens See Displaying Friendly Port Names with Other Port Data on page 6 18 Friendly port names are not a substitute for port numbers in CLI com mands or Menu displays Trunking ports together does not affect friendly naming for the individual ports If you want the same na...

Page 126: ...e the write memory command Configuring Friendly Port Names Syntax interface e port list name port name string Assigns a port name to port list no interface e port list nameDeletes the port name from port list Configuring a Single Port Name Suppose that you have connected port A3 on the switch to Bill Smith s workstation and want to assign Bill s name and workstation IP address 10 25 101 73 as a po...

Page 127: ...iguring the Same Name for Multiple Ports Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group In this case you might configure ports A5 through A8 with the name Draft Server Trunk Figure 6 10 Example of Configuring One Friendly Port Name on Multiple Ports ...

Page 128: ... the traffic statistics for that port The friendly port name data comes from the running config file show config Includes friendly port names in the per port data of the resulting configuration listing show config data comes from the startup config file To List All Ports or Selected Ports with Their Friendly Port Names This command lists names assigned to a specific port Syntax show name port list...

Page 129: ...atically included when you display the port s statistics output Syntax show interface port number Includes the friendly port name with the port s traffic statistics listing For example if you configure port A1 with the name O Connor_10 25 101 43 the show interface output for this port appears similar to the following Figure 6 13 Example of a Friendly Port Name in a Per Port Statistics Listing Port...

Page 130: ...riendly port names in a listing of all interfaces ports configured with non default settings Excludes ports that have neither a friendly port name nor any other non default configuration settings For example if you configure port A1 with a friendly port name Figure 6 14 Example Listing of the Startup Config File with a Friendly Port Name Configured and Saved This command sequence saves the friendl...

Page 131: ...enu Configuring IP Address Gateway and Time To Live TTL 7 5 CLI Configuring IP Address Gateway and Time To Live TTL 7 7 Web Configuring IP Addressing 7 9 How IP Addressing Affects Switch Operation 7 9 DHCP Bootp Operation 7 10 Network Preparations for Configuring DHCP Bootp 7 13 IP Preserve Retaining VLAN 1 IP Addressing Across Configuration File Downloads 7 14 Globally Assigned IP Network Address...

Page 132: ...out overwriting each switch s unique gateway and VLAN 1 IP addressing Why Configure IP Addressing In its factory default configuration the switch operates as a multiport learning bridge with network connectivity provided by the ports on the switch However to enable specific management access and control through your network you will need IP addressing Table 7 1 on page 7 10 shows the switch featur...

Page 133: ...required when a router is needed for tasks such as reaching off subnet destinations or forward ing traffic across multiple VLANs The gateway value is the IP address of the next hop gateway node for the switch which is used if the requested destina tion address is not on a local subnet VLAN If the switch does not have a manually configured default gateway and DHCP Bootp is configured on the primary...

Page 134: ...dressing to the DEFAULT_VLAN N ot e s If multiple VLANs are configured then each VLAN can have its own IP address This is because each VLAN operates as a separate broadcast domain and requires a unique IP address and subnet mask A default gateway IP address for the switch is optional but recommended In the factory default configuration the default VLAN named DEFAULT_VLAN is the switch s primary VL...

Page 135: ...d See chapter 14 HP Procurve Stack Management for more information Menu Configuring IP Address Gateway and Time To Live TTL Do one of the following To manually enter an IP address subnet mask set the IPConfig parameter to Manual and then manually enter the IP address and subnetmask values you want for the switch To use DHCP or Bootp use the menu interface to ensure that the IP Config parameter is ...

Page 136: ...select IP Config and do one of the following If you want to have the switch retrieve its IP configuration from a DHCP or Bootp server at the IP Config field keep the value as DHCP Bootp and go to step 8 If you want to manually configure the IP information use the Space bar to select Manual and use the T ab key to move to the other IP configuration fields 6 Select the IP Address field and enter the...

Page 137: ...red the IP addressing is listed per VLAN The display includes switch wide packet time to live and if config ured the switch s default gateway and Timep configuration Syntax show ip For example in the factory default configuration no IP addressing assigned the switch s IP addressing appears as Figure 5 2 Example of the Switch s Default IP Addressing With multiple VLANs and some other features confi...

Page 138: ...eate the default IP address setting is Disabled Syntax vlan vlan id ip address ip address mask length or vlan vlan id ip address ip address mask bits or vlan vlan id ip address dhcp bootp This example configures IP addressing on the default VLAN with the subnet mask specified in mask bits HPswitch config vlan 1 ip address 10 28 227 103 255 255 255 0 This example configures the same IP addressing a...

Page 139: ...ration tab 2 Click on IP Configuration 3 If you need further information on using the web browser interface click on to access the web based help available for the Switch 2512 2524 How IP Addressing Affects Switch Operation Without an IP address and subnet mask compatible with your network the switch can be managed only through a direct terminal device connection to the Console RS 232 port You can...

Page 140: ...terface Stacking Candidate or Stack Member DHCP or Bootp support for automatic IP address configuration and DHCP support for automatic Timep server IP address configuration Spanning Tree Protocol Port settings and port trunking Console based status and counters information for monitoring switch operation and diagnosing problems through the CLI or menu interface VLANs and GVRP Serial downloads of o...

Page 141: ...tinues to periodically send request packets but with decreasing frequency Thus if a DHCP or Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After verifying that the server has become accessible to the switch reboot the switch to re start the process immediately DHCP Operation A significan...

Page 142: ...gured in the switch would be similar to this entry j4108switch ht ether ha 0030c1123456 ip 10 66 77 88 sm 255 255 248 0 gw 10 66 77 1 hn vm rfc1048 An entry in the Bootp table file etc bootptab to tell the switch or VLAN where to obtain a configuration file download would be similar to this entry j4108switch ht ether ha 0030c1123456 ip 10 66 77 88 sm 255 255 248 0 gw 10 66 77 1 lg 10 22 33 44 T144...

Page 143: ...t VLAN affects the switch s use of information received via DHCP Bootp For more on this topic see The Primary VLAN on page 11 6 After you reconfigure or reboot the switch with DHCP Bootp enabled in a network providing DHCP Bootp service the switch does the following Receives an IP address and subnet mask and if configured in the server a gateway IP address and the address of a Timep server If the ...

Page 144: ... The switch adopts all other configuration parameters in the configuration file into the startup config file If the switch s current IP addressing for VLAN 1 is from a DHCP server IP Preserve is suspended In this case whatever IP addressing the config uration file specifies is implemented when the switch downloads the file and reboots If the file includes DHCP Bootp as the IP addressing source for...

Page 145: ...itch 4 will be configured to acquire its IP addressing from a DHCP server Entering ip preserve in the last line of a configuration file implements IP Preserve when the file is downloaded to the switch and the switch reboots Switch 4 VLAN 1 DHCP Switch 3 VLAN 1 10 31 22 103 Switch 1 VLAN 1 10 31 22 101 DHCP Server Switch 2 VLAN 1 10 31 22 102 config IP Address Switches 1 through 3 copy and implemen...

Page 146: ...retain their manually assigned IP addressing However switch 4 will be configured with the IP addressing included in the file Using figure 7 5 above switches 1 3 ignore these entries because the file implements IP Preserve and their current IP addressing was not acquired through DHCP Bootp Switch 4 ignores IP Preserve and implements the DHCP Bootp addressing and IP Gateway specified in this file be...

Page 147: ...when it downloads the configuration file and implements whatever IP addressing instructions are in the configuration file If the switch did not receive its most recent VLAN 1 IP addressing from a DHCP Bootpserver itretainsitscurrentIPaddressing whenitdownloads the configuration file The content of the downloaded configuration file determines the IP addresses and subnet masks for other VLANs Becaus...

Page 148: ...izations For more information refer to the latest edition of Internetworking with TCP IP Principles Protocols and Architecture by Douglas E Comer Prentice Hall Inc publisher Country Phone Number E Mail URL Organization Name Address United States Countries not in Europe or Asia Pacific 1 310 823 9358 icann icann org http www icann org The Internet Corporation for Assigned Names and Numbers ICANN 46...

Page 149: ...and Configuring SNTP 8 8 Viewing the Current SNTP Configuration 8 8 Configuring Enabling or Disabling the SNTP Mode 8 9 TimeP Viewing Selecting and Configuring 8 13 Menu Viewing and Configuring TimeP 8 14 CLI Viewing and Configuring TimeP 8 16 Viewing the Current TimeP Configuration 8 16 Configuring Enabling or Disabling the TimeP Mode 8 17 SNTP Unicast Time Polling with Multiple SNTP Servers 8 20...

Page 150: ...any time In the factory default configuration the time synchronization option is set to TimeP with the TimeP mode itself set to Disabled TimeP Time Synchronization You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server In either case the switch can get its time synchro nization updates from only one designated Timep server This option enhances securi...

Page 151: ...mmand This option provides increased security over the Broadcast mode by specifying which time server to use instead of using the first one detected through a broadcast Overview Selecting a Time Synchronization Protocol or Turning Off Time Protocol Operation General Steps for Running a Time Protocol on the Switch 1 Select the time synchronization protocol SNTP or TimeP the default 2 Enable the pro...

Page 152: ... screen of the Menu interface set the Time Synch Method parameter to None then press Enter then S for Save In the Global config level of the CLI execute no timesync SNTP Viewing Selecting and Configuring SNTP Feature Default Menu CLI Web view the SNTP time synchronization configuration n a page 8 5 page 8 8 select SNTP as the time synchronization method timep page 8 6 page 8 9 ff disable time sync...

Page 153: ... ignores any others However if the Poll Interval expires three times without the switch detecting a time update from the original server it the switch accepts a broadcast time update from the next server it detects Poll Interval seconds In Unicast Mode Specifies how often the switch polls the designated SNTP server for a time update In Broadcast Mode Specifies how often the switch polls the networ...

Page 154: ...select SNTP then press v once to display and move to the SNTP Mode field 5 Do one of the following Use the Space bar to select the Broadcast mode then press v to move the cursor to the Poll Interval field and go to step 6 For Broadcast mode details see SNTP Operating Modes on page 8 2 Use the Space bar to select the Unicast mode then do the following i Press to move the cursor to the Server Addres...

Page 155: ...and testing SNTP operation to determine whether any change is necessary Note Using the menu to enter the IP address for an SNTP server when the switch already has one or more SNTP servers config ured causes the switch to delete the primary SNTP server from the server list and to select a new primary SNTP server from the IP address es in the updated list For more on this topic see SNTP Unicast Time...

Page 156: ...nfigured the switch with SNTP as the time synchroni zation method then enabled SNTP in broadcast mode with the default poll interval show sntp lists the following Figure 8 2 Example of SNTP Configuration When SNTP Is the Selected Time Synchronization Method In the factory default configuration where TimeP is the selected time synchronization method show sntp still lists the SNTP configuration even...

Page 157: ...p server ip addr Required only for unicast mode page 8 10 sntp poll interval 30 720 Enabling the SNTP mode also enables the SNTP poll interval default 720 seconds page 8 12 Enabling SNTP in Broadcast Mode Becausethe switch providesan SNTP polling interval default 720 seconds you need only these two commands for minimal SNTP broadcast configuration Syntax timesync sntp Selects SNTP as the time sync...

Page 158: ...replace an existing Unicast server with another To add a second or third server you must use the CLI For more on SNTP operation with multiple servers see SNTP UnicastTime Polling with Multiple SNTP Servers on page 20 Syntax timesync sntp Selects SNTP as the time synchronization method sntp unicast Configures the SNTP mode for Unicast operation sntp server ip addr version Specifies the SNTP server ...

Page 159: ...r and accepts the current SNTP server version default 3 Figure 8 5 Example of Configuring SNTP for Unicast Operation If the SNTP server you specify uses SNTP version 4 or later use the sntp server command to specify the correct version number For example suppose you learned that SNTP version 4 was in use on the server you specified above IP address 10 28 227 141 You would use the following command...

Page 160: ...Synchronization Without Changing the SNTP Configuration The recommended method for disabling time synchroniza tion is to use the timesync command This halts time synchronization without changing your SNTP configuration Syntax no timesync For example suppose SNTP is running as the switch s time synchronization protocol with Broadcast as the SNTP mode and the factory default polling interval You wou...

Page 161: ...d disables time synchronization on the switch Figure 8 8 Example of Disabling Time Synchronization by Disabling the SNTP Mode TimeP Viewing Selecting and Configuring Even though the Time Sync Mode is set to Sntp time synchronization is disabled because no sntp has disabled the SNTP Mode parameter TimeP Feature Default Menu CLI Web view the Timep time synchronization configuration n a page 8 14 pag...

Page 162: ...p server IP address via DHCP If the switch receives a server address it polls the server for updates according to the Timep poll interval Ifthe switch does notreceive a Timep server IP address itcannot perform time synchronization updates Manual When Timep is selected as the time synchronization method the switch attempts to poll the specified server for updates according to the Timep poll interva...

Page 163: ... bar to select TIMEP then press v once to display and move to the TimeP Mode field 5 Do one of the following Use the Space bar to select the DHCP mode then press v to move the cursor to the Poll Interval field and go to step 6 Use the Space bar to select the Manual mode i Press to move the cursor to the Server Address field ii Enter the IP address of the TimeP server you want the switch to use for...

Page 164: ...l configuration in both the startup config and running config files CLI Viewing and Configuring TimeP CLI Commands Described in this Section Thissection describeshowto use the CLIto view enable andconfigure TimeP parameters Viewing the Current TimeP Configuration This command lists both the time synchronization method TimeP SNTP or None and the TimeP configuration even if SNTP is not the selected ...

Page 165: ...onfigure it for either broadcast or unicast mode Remember that to run TimeP as the switch s time synchronization protocol you must also select TimeP as the time synchronization method by using the CLI timesync command or the Menu interface Time Sync Method parameter Syntax timesync timep Selects TimeP as the time protocol ip timep dhcp manual Enables the selected TimeP mode no ip timep Disables th...

Page 166: ...he switch allows only one TimeP server To enable the TimeP protocol Syntax timesync timep Selects Timep ip timep manual ip addr Activates TimeP in Manual mode with a specified TimeP server no ip timep Disables TimeP Note To change from one TimeP server to another you must 1 use the no ip timep command to disable TimeP mode and then reconfigure TimeP in Manual mode with the new server IP address sh...

Page 167: ...fault is 720 minutes and the range is 1 to 9999 minutes This parameter is separate from the poll interval parameter used for SNTP operation Syntax ip timep dhcp interval 1 9999 ip timep manual interval 1 9999 For example to change the poll interval to 60 minutes HPswitch config ip timep interval 60 Disabling Time Synchronization Without Changing the TimeP Configuration The recommended method for d...

Page 168: ...tion as shown below and disables time synchronization on the switch Figure 8 15 Example of Disabling Time Synchronization by Disabling the TimedP Mode Parameter SNTPUnicastTimePollingwithMultiple SNTP Servers When running SNTP unicast time polling as the time synchronization method the switch requests a time update from the server you configured with either the Server Address parameter in the menu...

Page 169: ... the second lowest decimal value assigned as the next address and the third lowest decimal value as the last address If the first octet is the same between two of the addresses the second octet is compared and so on For example Adding and Deleting SNTP Server Addresses Adding Addresses As mentioned earlier you can configure one SNTP server address using either the Menu interface or the CLI To conf...

Page 170: ...dresses and you delete one of them the switch re orders the address priority See Address Prioritization on page 21 Syntax no sntp server ip addr For example to delete the primary address in the above example and automatically convert the secondary address to primary HPswitch config no sntp server 10 28 227 141 Menu Interface Operation with Multiple SNTP Server Addresses Configured When you use the...

Page 171: ...terface to add 10 28 227 160 the new prioritized list will be SNTP Messages in the Event Log If an SNTP time change of more than three seconds occurs the switch s event log records the change SNTP time changes of less than three seconds do not appear in the Event Log New Address List Address Status 10 28 227 153 New Primary The former primary 10 28 227 141 was deleted when you used the menu to add...

Page 172: ...8 24 Time Protocols SNTP Messages in the Event Log ...

Page 173: ...Trunk Group 9 16 CLI Viewing and Configuring a Static or Dynamic Port Trunk Group 9 18 Web Viewing Existing Port Trunk Groups 9 24 Trunk Group Operation Using LACP 9 25 Trunk Group Operation Using the Trunk Option 9 30 Trunk Operation Using the FEC Option 9 30 How the Switch Lists Trunk Data 9 31 Outbound Traffic Distribution Across Trunked Links 9 31 Configuring Port Based Priority for Incoming P...

Page 174: ...nbound traffic that either carries an 802 1Q VLAN tag with a priority of 0 zero or is not a tagged VLAN packet ViewingPortStatusandConfiguringPort Parameters Port Status and ConfigurationFeatures Note On Connecting Transceivers to Fixed Configuration Devices If the switch either fails to show a link between an installed transceiver and another device or demonstrates errors or other unexpected beha...

Page 175: ...tion half duplex or full duplex Note Ensure that the device attached to the port is configured for the same setting that you select here Also if Auto is used the device to which the port is connected must operate in compliance with the IEEE 802 3u Auto Negotiation standard for 100Base T networks If the other device does not comply with the 802 3u standard or is not set to Auto then the port config...

Page 176: ...Flow Control Disabled default The portwill notgenerate flowcontrol packets and dropsany flow control packets it receives Enabled The port uses 802 3x Link Layer Flow Control generates flow control packets and processes received flow control packets Withtheportmode setto Auto the default and FlowControl enabled the switchnegotiates FlowControl on the indicated port If the port mode is not set to Au...

Page 177: ...e menu interface displays the status for ports and if configured a trunk group From the Main Menu select 1 Status and Counters 4 Port Status Figure 9 1 Example of the Port Status Screen Using the Menu To Configure Ports N ot e The menu interface uses the same screen for configuring both individual ports and port trunk groups For information on port trunk groups see Port Trunking on page 9 10 1 Fro...

Page 178: ...nter then press S for Save CLI Viewing Port Status and Configuring Port Parameters Port Status and Configuration Commands From the CLI you can configure and view all port parameter settings and view all port status indicators Using the CLI To View Port Status Use the following commands to dis play port status and configuration show interfaces brief Lists the full status and configuration for all p...

Page 179: ...and Configuring Port Parameters Syntax show interfaces brief show interface config The next two figures list examples of the output of the above two commands for the same port configuration Figure 9 3 Example of a Show Interface Command Listing Figure 9 4 Example of a Show Interface Config Command Listing ...

Page 180: ...ure a single port with the settings in the above command you could either enter the same command with only the one port identified or go to the context level for that port and then enter the command For example to enter the context level for port C6 and then configure that port for 100FDx HPswitch config int e c6 HPswitch eth C6 speed duplex 100 full If port C8 was disabled and you wanted to enabl...

Page 181: ...h show config Displays the startup config file The broadcast limit setting appears here if configured and saved to the startup config file HPswitch show running config Displays the running config file Web Viewing Port Status and Configuring Port Parameters In the web browser interface 1 Click on the Configuration tab 2 Click on Port Configuration 3 Select the ports you want to modify and click on ...

Page 182: ...t of up to four ports configured as members of the same port trunk Note that the ports in a trunk group do not have to be consecutive For example Figure 9 5 Conceptual Example of Port Trunking Feature Default Menu CLI Web viewing port trunks n a page 9 16 page 9 18 page 9 24 configuring a static trunk group none page 9 16 page 9 22 configuring a dynamic LACP trunk group LACP passive page 9 23 Swit...

Page 183: ...hat are later added to a trunk group the switch will reset the port security parameters for those ports to the factory default configuration Ca ut ion To avoid broadcast storms or loops in your network while configuring a trunk first disable or disconnect all ports you want to add to or remove from the trunk After you finish configuring the trunk enable or re connect the ports Series 4100GL switch...

Page 184: ...ther device use the interface ethernet command in the CLI to set the default LACP option to Active on the ports you want to use for the trunk For example the following command sets ports C1 C4 to LACP active HPswitch config int e c1 c4 lacp active Note that the above example works if the ports are not already operating in a trunk To change the LACP option on ports already operating as a trunk you ...

Page 185: ...trunk group to operate in a VLAN other than the default VLAN and GVRP is disabled Refer to VLANs and Dynamic LACP on page 9 29 You want to use a monitor port on the switch to monitor an LACP trunk See Trunk Group Operation Using LACP on page 9 25 Trunk non protocol Provides manually configured static only trunking to Most HP switches and routing switches not running the 802 3ad LACP protocol Windo...

Page 186: ...lowing operate on a per port basis regardless of trunk membership Enable Disable Flow control Flow Ctrl LACP is a full duplex protocol See Trunk Group Operation Using LACP on page 9 25 Trunk Configuration All ports in the same trunk group must be the same trunk type LACP Trunk or FEC All LACP ports in the same trunk group must be either all static LACP or all dynamic LACP A trunk appears as a sing...

Page 187: ...runked port Note that the switch lists the trunk by name such as Trk1 and does not list the individual ports in the trunk Also creating a new trunk automatically places the trunk in IGMP Auto status if IGMP is enabled for the default VLAN A dynamic LACP trunk operates only with the default IGMP settings and does not appear in the IGMP configuration display or show ip igmp listing VLANs Creating a ...

Page 188: ...r Configure Static Port Trunking This procedure uses the Port Trunk Settings screen to configure a static port trunk group on the switch 1 Follow the procedures in the Important note above 2 From the Main Menu Select 2 Switch Configuration 2 Port Trunk Settings 3 Press E for Edit and then use the arrow keys to access the port trunk parameters Figure 9 6 Example of the Menu Screen for Configuring a...

Page 189: ...2 1Q VLAN capability built into the switch more than one VLAN can be assigned to a trunk See Port Based Virtual LANs Static VLANs on page 11 3 To return a port to a non trunk status keep pressing the Space bar until a blank appears in the highlighted Group value for that port Figure 9 7 Example of the Configuration for a Two Port Trunk Group 6 Move the cursor to the Type column for the selected po...

Page 190: ...ed ports are operating properly CLI Viewing and Configuring a Static or Dynamic Port Trunk Group Trunk Status and Configuration Commands Using the CLI To View Port Trunks You can list the trunk type and group for all ports on the switch or for selected ports You can also list LACP only status information for LACP configured ports Listing Static Trunk Type and Group for All Ports or Selected Ports ...

Page 191: ...runks The show trunks e port list command in the above example includes a port list and thus shows trunk group information only for specific ports that have membership in a static trunk In figure 9 9 9 the command does not include a port list so the switch lists all ports having static trunk membership Figure 9 9 Example of a Show Trunk Listing Without Specifying Ports Port A5 appears with an exam...

Page 192: ...y Links Dynamic LACP trunking enables you to configure standby links for a trunk by including more than four ports in a dynamic LACP trunk configuration When four ports trunk links are up the remaining link s will be held in standby status If a trunked link that is Up fails it will be replaced by a standby link which maintains your intended bandwidth for the trunk See also the Standby entry under ...

Page 193: ...to connect the ports before configuring them for trunking you can temporarily disable the ports until the trunk is configured See Using the CLI To Configure Ports on page 9 8 On the Series 4100GL switches you can configure up to six port trunk groups having up to four links each with additional standby links if you re using LACP You can configure trunk group types as follows The following examples...

Page 194: ...e group name of Trk2 HPswitch config trunk trk2 trunk c4 c6 Removing Ports from a Static Trunk Group This command removes one or more ports from an existing Trkx trunk group Ca ut ion Removing a portfrom a trunk can resultin a loopand cause a broadcaststorm Whenyou remove a portfrom a trunkwhere STPisnotin use HP recommends that you first disable the port or disconnect the link on that port Syntax...

Page 195: ...onfigured for LACP Passive Figure 9 12 Example of Criteria for Automatically Forming a Dynamic LACP Trunk Syntax interface port list lacp active This example uses ports C4 and C5 to enable a dynamic LACP trunk group HPswitch config interface c4 c5 lacp active Switch A withportsset to LACP passive the default Switch B withportsset to LACP passive the default Dynamic LACP trunk cannot automatically ...

Page 196: ... recommends that you first disable the port or disconnect the link on that port Syntax no interface port list lacp In this example port C6 belongs to an operating dynamic LACP trunk To remove port C6 from the dynamic trunk and return it to passive LACP you would do the following HPswitch config no interface c6 lacp HPswitch config interface c6 lacp passive Note that in the above example if the por...

Page 197: ...AN unless GVRP is enabledand Forbid isused topreventthe trunked ports from joining the default VLAN Thus if an LACP dynamic port forms using ports that are not in the default VLAN the trunk will automatically move to the default VLAN unless GVRP operation is configured to prevent this from occurring In some cases this can create a traffic loop in your network For more on this topic refer to VLANs ...

Page 198: ... fails To configure a link as a standby for an existing four port dynamic LACP trunk ensure that the ports in the standby link are configured the same as either of the above examples Displaying Dynamic LACP Trunk Data To list the configuration and status for a dynamic LACP trunk use the CLI show lacp command Note The dynamic trunk is automatically created by the switch and is not listed in the sta...

Page 199: ... The port has an active LACP link and is not blocked or in Standby mode Down The port is enabled but an LACP link is not established This can indicate for example a port that is not connected to the network or a speed mismatch between a pair of linked ports Disabled The port cannot carry traffic Blocked LACP STP or FEC has blocked the port The port is not in LACP Standby mode This may be due to a ...

Page 200: ...nd 802 1x cannot be run together HPswitch config To restore LACP to the port you must first remove the port s 802 1x configu ration and then re enable LACP active or passive on the port Port Security Configured on a Port To maintain security LACP is not allowed on ports configured for port security If you configure port security on a port on which LACP active or passive is configured the switch re...

Page 201: ...ning the default VLAN If you want to use LACP for a trunk on a non default VLAN and GVRP is disabled configure the trunk as a static trunk If there are ports that you do not want on the default VLAN ensure that they cannot become dynamic LACP trunk members Otherwise a traffic loop can unexpectedly occur For example Figure 9 13 A Dynamic LACP Trunk Forming in a VLAN Can Cause a Traffic Loop Easy co...

Page 202: ... will be ignored Trunk Group Operation Using the Trunk Option This method creates a trunk group that operates independently of specific trunking protocols and does not use a protocol exchange with the device on the other end of the trunk With this choice the switch simply uses the SA DA method of distributing outbound traffic across the trunked ports without regard for how that traffic is handled ...

Page 203: ...Switch Lists Trunk Data Static Trunk Group Appears in the menu interface and the output from the CLI show trunk and show interfaces commands Dynamic LACP Trunk Group Appears in the output from the CLI show lacp command Outbound Traffic Distribution Across Trunked Links All three trunk group options LACP Trunk and FEC use source destination address pairs SA DA for distributing outbound traffic over...

Page 204: ...nts are evenly distributed across the links in a trunk In actual networking environments this is rarely a problem However if it becomes a problem you can use the HP TopTools for Hubs Switches network management software available from Hewlett Packard to quickly and easily identify the sources of heavy traffic top talkers and make adjustments to improve performance Broadcasts multicasts and floods ...

Page 205: ...d packets as Normal priority level 0 You can assign a priority level to Inbound untagged VLAN packets Inbound tagged VLAN packets having a priority level of 0 zero The switch does not alter the existing priority level of inbound tagged VLAN packets carrying a priority level of 1 7 Thus for example high priority tagged VLAN traffic received on a port retains its priority in the switch However you h...

Page 206: ... port A10 and leaving the switch through any other port configured as a tagged VLAN member would leave the switch as a tagged packet with a priority level of 1 A tagged packet with an 802 1p priority setting of 0 zero coming into the switch on port A10 and leaving the switch through any other port config ured as a tagged VLAN member would leave the switch as a tagged packet with a priority level o...

Page 207: ...en port when port based priority is configured as 0 7 an inbound tagged packet with a priority of 0 zero adopts the specified priority and is sent to the corresponding outbound queue on the outbound port See table 9 8 Mapping Priority Settings to Device Queues on page 34 If the outbound port is a tagged member of the applicable VLAN then the packet carries a tag with that priority setting to the n...

Page 208: ...or incoming untagged packets or tagged packets arriving with a 0 priority on the designated ports as described under Operating Rules for Port Based Priority above qos priority 0 Returns a port based priority setting to the default 0 for untagged packets received on the designated port s In this state the switch handles the untagged packets with Normal priority Refer to 9 8 on page 9 34 show runnin...

Page 209: ...on page C 7 in the Troubleshooting chap ter Ports A9 A12 are now configured to assign a priority level of 1 Low to untagged incoming traffic Any inbound tagged traffic retains its priority level while transiting the switch Configures port based priorityon ports A9 A12 to 1 Low and saves the configuration changes to the startup config file Message Meaning priority level Unable to create The port s ...

Page 210: ...9 38 Optimizing Traffic Flow with Port Controls Port Trunking and Port Based Priority Configuring Port Based Priority for Incoming Packets ...

Page 211: ...Management RMON 10 12 CDP 10 13 Introduction 10 13 CDP Terminology 10 14 General CDP Operation 10 15 Outgoing Packets 10 15 Incoming CDP Packets 10 16 Configuring CDP on the Switch 10 19 Viewing the Switch s Current CDP Configuration 10 20 Viewing the Switch s Current CDP Neighbors Table 10 20 Clearing Resetting the CDP Neighbors Table 10 21 Configuring CDP Operation 10 22 Effect of Spanning Tree ...

Page 212: ...or the switch Configuring the switches for SNMP Communities page 10 4 Trap Receivers and Authentication Traps page 10 8 Information on advanced management through RMON Support page 10 12 To implement SNMP management the switch must have an IP address configured either manually or dynamically with DHCP or Bootp Ifmultiple VLANs are configured each VLAN interface should have its own IP address For D...

Page 213: ...go hpprocurve Click on software then MIBs Configuring for SNMP Access to the Switch SNMP access requires an IP address and subnet mask configured on the switch See IP Configuration on page 7 3 If you are using DHCP Bootp to configure the switch ensure that the DHCP Bootp process provides the IP address See DHCP Bootp Operation on page 7 10 Once an IP address has been configured the main steps for ...

Page 214: ... unrestricted write access Using SNMP requires that the switch have an IP address and subnet mask compatible with your network Ca ut ion Deleting or changing the community named public prevents network man agement applications such as auto discovery traffic monitoring SNMP trap generation and threshold setting from operating in the switch Changing or deleting the public name also generates an Even...

Page 215: ...r fields 3 Enter the name you want in the Community Name field and use the Space bar to select the appropriate value in each of the other fields Use the T ab key to move from one field to the next 4 Press Enter then S for Save Add and Edit options are used to modify the SNMP options See figure 8 2 Note This screen gives an overview of the SNMP communities that are currently configured All fields i...

Page 216: ...in a switch that is both the defauHPswitchlt public community name and another community named red team Figure 10 3 Example of the SNMP Community Listing with Two Communities To list the data for only one community such as the public community use the above command with the community name included For example HPswitch show snmp server public Community Name Commands Page show snmp server community ...

Page 217: ...tomatically assigns the community to the opertor MIB view If you do not specify restricted or unrestricted the switch auto matically assigns the community to restricted read only access The no form uses only the community name variable and deletes the named community from the switch operator manager Optionally assigns an access level At the operator level the community can access all MIB objects e...

Page 218: ...lic community name these traps will be lost Thresholds The switch automatically sends all messages resulting from thresholds to the network management station s that set the thresholds regardless of the trap receiver configuration In the default configuration there are no trap receivers configured and the authentication trap feature is disabled From the CLI you can configure up to ten SNMP trap re...

Page 219: ...nity name data see SNMP Communities on page 10 4 In the next example the show snmp server command shows that the switch has been previously configured to send SNMP traps to management stations belonging to the public red team and blue team communities Figure 10 4 Example of Show SNMP Server Listing Syntax show snmp server Displays current community and trap receiver data Example of Community Name ...

Page 220: ...ddress this command designates a destination network man agement station for receiving SNMP event log messages from the switch If you do not specify the event level then the switch does not send event log messages as traps You can specify up to 10 trap receivers network management stations Note In all cases the switch sends any threshold trap s to the network management station s that explicitly s...

Page 221: ...d traps if configured will still be sent Using the CLI To Enable Authentication Traps N ot e For this feature to operate one or more trap receivers must be configured on the switch See In the default configuration there are no trap receivers configured and the authentication trap feature is disabled From the CLI you can configure up to ten SNMP trap receivers to receive SNMP traps from the switch ...

Page 222: ...sofpacketsofdifferentframe sizes Alarm History of the supported Ethernet statistics Event The RMON agent automatically runs in the switch Use the RMON manage ment station on your network to enable or disable specific RMON traps and events Note that you can access the Ethernet statistics Alarm and Event groups from the HP TopTools for Hubs Switches network management software For more on TopTools s...

Page 223: ...CDP in Series 4100GL switches you should have a working knowledge ofSNMP operation and an SNMP utility capable of polling the switches for CDP data HP s implementation of CDP places specific data into the switch s Management Information Base MIB However retrieval of this data for network mapping is dependent on the operation of your SNMP utility Refer to the documentation provided with the utility...

Page 224: ...the CDP information from the switch s CDP Neighbors table in the switch s MIB refer to the documentation provided with the particular SNMP utility For information on the object identifiers in the CDP MIB see CDP Neighbor Data and MIB Objects on page 10 26 CDP Terminology CDP Device A switch server router workstation or other device running CDP CDP Aware A device that has CDP in its operating code ...

Page 225: ...P packet out each of its ports to make itself known to other CDP devices to which it is connected Thus each CDP device in the network provides data on itself to the CDP neighbors to which it is directly connected However there are instances where a packet is forwarded beyond the immediate neighbor or simply dropped Switch A with CDP Running The Neighborstable in switches A B and D contain informat...

Page 226: ...ard CDP packets as if they were transparent to CDP operation See CDP Capable Hubs on page 10 29 However an intervening CDP aware device that is CDP disabled is not transparent For example in figure 10 7 the Switch A Series 4100GL Switches with CDP Running and Forwarding CDP Packets to Down stream Devices Switch B CDP Aware Switch with CDP Running Switch C CDP Aware Switch with CDP Disabled Router ...

Page 227: ...a Non CDP Hub or Switch CDP Workstation 2 Host 2 CDP Running Non CDP Device Y Such as a Non CDP Hub or Switch CDP Workstation 3 Host 3 CDP Running CDP Switch B CDP Running CDP Neighbor Table Port Data B1 Switch A data B7 Switch C data No CDP data for Switch D because it has dis abled CDP operation Port A1 Port B1 CDP Switch C CDP Running CDP Neighbor Table Port Data C3 Switch B data Port C3 Port B...

Page 228: ...ble 10 1 How Devices Handle Incoming CDP Packets Non CDP devices that is devices that are not capable of running CDP are transparent to CDP operation However an intervening CDP aware device that is CDP disabled is not transparent For example in figure 10 7 page 10 17 B D and E are not CDP neighbors because D the intervening Note that no CDP devices appear on port B5 which is connected to a device ...

Page 229: ...ds and the timer CDP Transmit Interval is 60 seconds Configuring CDP on the Switch On a Series 4100GL switch you can View the switch s current global and per port CDP configuration List the current contents of the switch s CDP Neighbors table that is view a listing of the CDP devices of which the switch is aware Enable or disable CDP Default Enabled Specify the hold time CDP packet time to live fo...

Page 230: ... s global and per port CDP configura tion CDP Enable Disable on the Switch Packet Hold Time in CDP Neighbor Table Interval for Transmitting Outbound CDP Packets on All Ports Per Port CDP Enable Disable Syntax show cdp neighbors Lists the neighboring CDP devices the switch detects with a subset of the information collected from the device s CDP packet For more on this topic refer to table 10 2 CDP ...

Page 231: ... 10 10 Clearing Resetting the CDP Neighbors Table If you execute cdp clear and then execute show cdp neighbors before the switch receives a CDP packet from any neighbor device the displayed table appears empty HP Series 4100GL Switch HP Switch 2524 HP J4813A Marketing 0030c5 38dc59 Management Workstation Mgmt NIC 099a05 09df9 HP Switch 4000M HP J4821A Research 0060b0 889e43 HP Switch 4000M HP J412...

Page 232: ...ration clears the switch s CDP Neighbors table prevents the switch from transmitting outbound CDP packets to advertise itself to neighboring CDP devices and causes the switch to drop inbound CDPpackets from other devices without entering the data in the CDP Neighbors table For example to disable CDP on the switch HPswitch config no cdp run When CDP is disabled show cdp neighbors displays an empty ...

Page 233: ...it receives from switch B Figure 10 13 Example of Disabling CDP on an Individual Port The switch A entry in the switch B CDP Neighbors table remains until the cdp holdtime time to live set in switch A expires Until then the show cdp neighbors command continues to list switch A on port B5 of switch B Syntax no cdp enable ethernet port list For example to disable CDP on port A1 of a Series 4100GL sw...

Page 234: ... of neighboring CDP devices HPswitch config cdp holdtime 60 Effect of Spanning Tree STP On CDP Packet Transmission If STP has blocked a port on the switch that port does not transmit CDP packets However the portstillreceives CDP packets ifthe device onthe other end of the link has CDP enabled Thus for example if switch A has two ports linked to switch B which is a CDP neighbor and also the STP roo...

Page 235: ... table How the Switch Selects the IP Address To Include in Outbound CDP Packets A switch with CDP enabled uses the following prioritizedcriteria to determine which IP address to include in its outbound CDP packets 1 If only one VLAN on theport has an IP address the switch uses that IP address 2 If the Primary VLAN on the port has an IP address the switch uses the Primary VLAN IP address 3 If 1 and...

Page 236: ...display a listing of the CDP MIB objects Electronically using an SNMP utility designed to search the MIB for CDP data As shown under Viewing the Switch s Current CDP Neighbors Table on page 10 20 you can list a subset of data for each CDP device currently found in the switch s CDP Neighbors table Table 10 2 CDP Neighbors Data describes the CDP Neighbor data set available in the Series 4100GL switc...

Page 237: ...for the System Name parameter Device MAC Address Yes Yes Included in the Device Name entry Destination Port Number Yes Yes On the Series 4100GL switches the receiving device the number of the port through which the CDP packet arrived Source Port Number No Yes On the source neighbor device the number of the port through which the CDP packet was sent Product Name ASCII string Yes Yes Platform name d...

Page 238: ...The Series 4100GL switches use CDP V1 but do not include IP prefix information which is a router function not a switch appli cation Port Trunking with CDP Where a static or LACP trunk forms the link between the switch and another CDP device only one physical link in the trunk is used to transmit outbound CDP packets The first number after the MIB string is the switch port on which the data point f...

Page 239: ...s if the hub itself were transparent to CDP Such hubs will appear in the switch s CDP Neighbor table and will also maintain a CDP neighbor table similar to that for switches For more information refer to the documentation provided for the specific hub Troubleshooting CDP Operation Turnto UsingtheEventLogToIdentify Problem Sources on page C 21 ...

Page 240: ...10 30 Configuring for Network Management Applications CDP ...

Page 241: ... Viewing and Configuring VLAN Parameters 11 21 VLAN Tagging Information 11 22 The Secure Management VLAN 11 26 Effect of VLANs on Other Switch Features 11 30 Spanning Tree Operation with VLANs 11 30 IP Interfaces 11 30 VLAN MAC Addresses 11 31 Port Trunks 11 31 Port Monitoring 11 31 VLAN Restrictions 11 31 GVRP 11 33 General Operation 11 34 Per Port Options for Handling GVRP Unknown VLANs 11 36 Pe...

Page 242: ... them with the switch s built in interfaces Port Based VLANs Page 11 3 GVRP Page 11 33 For general information on how to use the switch s built in interfaces see Chapter 2 Using the Menu Interface Chapter 3 Using the Command Line Interface CLI Chapter 4 Using the HP Web Browser Interface Chapter 5 Switch Memory and Configuration ...

Page 243: ...allow up to 30 port based VLANs default 8 For information on GVRP see GVRP on page 11 33 The 802 1Q compatibility enables you to assign each switch port to multiple VLANs if needed and the port based nature of the configuration allows interoperation with older switches that require a separate port for each VLAN General Use and Operation Port based VLANs are typically used to enable broadcast traff...

Page 244: ...and A8 Figure 11 1 Example of Routing Between VLANs via an External Router Overlapping Tagged VLANs A port on the Series 4100GL switches can be a member of more than one VLAN if the device to which they are connected complies with the 802 1Q VLAN standard For example a port connected to a central server using a network interface card NIC that complies with the 802 1Q standard can be a member of mu...

Page 245: ... Technology into Networks Running Legacy Untagged VLANs You can introduce 802 1Q compliant devices into net works that have built untagged VLANs based on earlier VLAN technology The fundamental rule is that legacy untagged VLANs require a separate link for each VLAN while 802 1Q or tagged VLANs can combine several VLANs in one link This means that on the 802 1Q compliant device separate ports conf...

Page 246: ...he switch into one physical broadcast domain In the factory default state the default VLAN is the primary VLAN You can partition the switch into multiple virtual broadcast domains by adding one or more additional VLANs and moving ports from the default VLAN to the new VLANs The switch supports up to 30 VLANs You can change the name of the default VLAN but you cannot change the default VLAN s VID w...

Page 247: ...he source for these values The default VLAN continues to operate as a standard VLAN except as noted above you cannot delete it or change its VID Any ports not specifically assigned to another VLAN will remain assigned to the Default VLAN regardless of whether it is the primary VLAN Candidates for primary VLAN include any static VLAN currently configured on the switch A dynamic GVRP learned VLAN th...

Page 248: ...Port Participation in Designated VLAN Tagged Allows the port to join multiple VLANs Untagged Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN The switch allows no more than one untagged VLAN assignment per port No or Auto No Appears when the switch is not GVRP enabled prevents the port from joining that VLAN Auto Appears when GVRP is enabled on th...

Page 249: ...aging VLANs with SNMP in an IP network each VLAN must have an IP address Refer to IP Configuration on page 7 3 Notes on Using VLANs If you are using DHCP Bootp to acquire the switch s configuration packet time to live and TimeP information you must designate the VLAN on which DHCP is configured for this purpose as the primary VLAN In the factory default configuration the DEFAULT_VLAN is the primar...

Page 250: ...VLAN names and VIDs and then assigning one or more ports to each VLAN The switch accepts a maximum of 30 VLANs including the default VLAN and any dynamic VLANs the switch creates if you enable GVRP page 11 33 Note that each port can be assigned to multiple VLANs by using VLAN tagging See VLAN Tagging Information on page 11 22 To Change VLAN Support Settings This section describes Changing the maxi...

Page 251: ...s later you can increase this number but a switch reboot will be required at that time 3 Press Enter and then S to save the VLAN support configuration and return to the VLAN Menu screen If you changed the value for Maximum VLANs to support you will see an asterisk next to the VLAN Support option see below Figure 11 7 VLAN Menu Screen Indicating the Need To Reboot the Switch If you changed the VLAN...

Page 252: ...AN ID 1 Name _ 3 Type in a VID VLAN ID number This can be any number from 2 to 4094 that is not already being used by another VLAN The switch reserves 1 for the default VLAN Remember that a VLAN must have the same VID in every switch in which you configure that same VLAN GVRP dynamically extends VLANs with correct VID numbering to other switches See GVRP on page 11 33 4 Press v to move the cursor ...

Page 253: ...s added dynamically due to GVRP operation 7 Return to the VLAN Menu to assign ports to the new VLAN s as described in the next section Adding or Changing a VLAN Port Assignment Adding or Changing a VLAN Port Assignment Use this procedure to add ports to a VLAN or to change the VLAN assign ment s for any port Ports not specifically assigned to a VLAN are automat ically in the default VLAN 1 From th...

Page 254: ... Only one untagged VLAN is allowed per port Also there must be at least one VLAN assigned to each port In the factory default configuration all ports are assigned to the default VLAN DEFAULT_VLAN For example if you want ports A4 and A5 to belong to both DEFAULT_VLAN and VLAN 22 and ports A6 and A7 to belong only to VLAN 22 you would use the settings in figure page 11 15 This example assumes the de...

Page 255: ...t state all ports on the switch belong to the default VLAN DEFAULT_VLAN and are in the same broadcast multicast domain The default VLAN is also the default primary VLAN see The Primary VLAN on page 11 6 You can configure up to 29 additional static VLANs by adding new VLAN names and then assigning one or more ports to each VLAN The switch accepts a maximum of 30 VLANs including the default VLAN and...

Page 256: ... configuration GVRP is disabled See GVRP on page 11 33 Syntax show vlan Figure 11 12 Example of Show VLAN Listing GVRP Enabled show vlans below show vlan vlan id page 11 17 max vlans 1 30 page 11 18 primary vlan vlan id page 11 18 no vlan vlan id page 11 19 name vlan name page 11 20 no tagged port list page 11 20 no untagged port list page 11 20 no forbid page 11 20 auto port list page 11 20 Avail...

Page 257: ...s the VID to identify and display the data for a specific static or dynamic VLAN Syntax show vlan vlan id Figure 11 13 Example of Show VLAN for a Specific Static VLAN Figure 11 14 Example of Show VLAN for a Specific Dynamic VLAN Show VLAN lists this data when GVRP is enabled and at least oneportontheswitch has dynamically joined the designated VLAN ...

Page 258: ... switch Syntax max vlans 1 30 For example to reconfigure the switch to allow 10 VLANs Figure 11 15 Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN In the factory default configuration the default VLAN DEFAULT_VLAN is the primary VLAN However you can designate any static VLAN on the switch as the primary VLAN For more on the primary VLAN see The Primary VLAN o...

Page 259: ...es not already exist and places you in that VLAN s context level If you do not use the name option the switch uses VLAN and the new VID to automatically name the VLAN If the VLAN already exists the switch places you in the context level for that VLAN vlan vlan name Places you in the context level for that static VLAN For example to create a new static VLAN with a VID of 100 Figure 11 16 Example of...

Page 260: ...anges the per port VLAN membership settings N ot e You can use these options from the configuration level by beginning the command with vlan vlan id or from the context level of the specific VLAN Syntax name vlan name Changes the name of the existing static VLAN Avoid spaces and the following characters in the vlan name entry 2 and no tagged port list Configures the indicated port s as Tagged for ...

Page 261: ... of the following commands At the config level use HPswitch config no vlan 100 tagged 1 5 or At the VLAN 100 context level use HPswitch vlan 100 no tagged 1 5 N ot e You cannot use these commands with dynamic VLANs Attempting to do so results in the message VLAN already exists and no change occurs Web Viewing and Configuring VLAN Parameters In the web browser interface you can do the following Add...

Page 262: ...he Untagged designation for a port VLAN assignment where the port is connected to non 802 1Q compliant device or is assigned to only one VLAN Use the Tagged designation when the port is assigned to more than one VLAN or the port is connected to a device that does comply with the 802 1Q standard For example if port A7 on an 802 1Q compliant switch is assigned to only the Red VLAN the assignment can...

Page 263: ...LAN assignmentper port Devices connected to these ports do not have to be 802 1Q compliant Because both the Red VLAN and the Green VLAN are assigned to port Y5 at least one of the VLANs must be tagged for this port In both switches The ports on the link between the two switches must be configured the same As shown in figure 11 17 above the Red VLAN must be untagged on port X7 and Y5 and the Green ...

Page 264: ... port comply with the 802 1Q standard and are configured to use the correct VID then you can configure all VLAN assignments on a port as Tagged if doing so makes it easier to manage your VLAN assignments or for security reasons For example in the following network switches X and Y and servers S1 and S2 are 802 1Q compliant Server S3 could also be 802 1Q compliant but it makes no difference for thi...

Page 265: ...ed To summarize Switch X Switch Y Port Red VLAN Green VLAN Port Red VLAN Green VLAN X1 Untagged Tagged Y1 Untagged Tagged X2 Untagged Tagged Y2 No Untagged X3 No Untagged Y3 No Untagged X4 Untagged No Y4 Untagged No Y5 Untagged Tagged No means the port is not a member of that VLAN For example port X3 is not a member of the Red VLAN and does not carry Red VLAN traffic Also if GVRP were enabled Auto...

Page 266: ...om the Management VLAN can manage the switch which means that only the workstations and PCs connected to ports belonging to the Management VLAN can manage and reconfigure the switch Figure 11 20 illustrates use of the Management VLAN feature to support management access by a group of management workstations Figure 11 20 Example of Potential Security Breaches Links with Ports Belonging to the Manag...

Page 267: ...hes that support this feature As of June 1 2002 this includes the HP Procurve Series 5300XL and Series 4100GL switches The ports belonging to the Management VLAN should be only the following Ports to which you will connect authorized management stations such as Port A7 in figure 11 21 Switch A1 A3 A6 A7 B2 B4 B5 B9 C2 C3 C6 C8 Management VLAN VID 7 Y N N Y Y Y N N Y N N N Marketing VLAN VID 12 N N...

Page 268: ...f you configure a Management VLAN on a switch by using a Telnet connection through a port that is not in the Management VLAN then you will lose management contact with the switch if you log off your Telnet connection or execute write memory and reboot the switch Configuration Syntax no management vlan vlan id vlan name show vlan info Default Disabled For example suppose you have already configured...

Page 269: ... file and you configure a different VID in the running config file the switch uses the running config version until you either use the write memory command or reboot the switch During a Telnet session to the switch if you configure the Management VLAN to a VID that excludes the port through which you are connected to the switch you will continue to have access only until you terminate the session ...

Page 270: ...formance Refer to Spanning Tree Operation with 802 1Q VLANs on page 13 4 NotethatSpanningTree operatesdifferentlyindifferentdevices Forexample in the obsolete non 802 1Q HP Switch 2000 and the HP Switch 800T Span ning Tree operates on a per VLAN basis allowing redundant physical links as long as they are in separate VLANs IP Interfaces There is a one to one relationship between a VLAN and an IP ne...

Page 271: ...ultiple VLANs Also a port trunk is tagged untagged or excluded from a VLAN in the same way as for individual untrunked ports Port Monitoring If you designate a port on the switch for network monitoring this port will appear in the Port VLAN Assignment screen and can be configured as a member of any VLAN For information on how broadcast multicast and unicast packets are tagged inside and outside of...

Page 272: ...r router OS release if any of the following Hewlett Packard routers are installed in networks in which you will be using VLANs HP Router 440 formerly Router ER HP Router 470 formerly Router LR HP Router 480 formerly Router BR HP Router 650 Release A 09 74 is available on the World Wide Web at http www hp com go hpprocurve Click on software then routers ...

Page 273: ...P aware This operation reduces the chances for errors in VLAN configuration by automat ically providing VLAN ID VID consistency across the network That is you can use GVRP to propagate VLANs to other GVRP aware devices instead of manually having to set up VLANs across your network After the switch creates a dynamic VLAN you can optionally use the CLI static vlan id command to convert it to a stati...

Page 274: ...that switch will send advertisements for that VLAN Operating Note When a GVRP aware port on a switch learns a VID through GVRP from anotherdevice the switch begins advertising that VID out all of its ports except the port on which the VID was learned Core switch with static VLANs VID 1 2 3 Port 2 is a member of VIDs 1 2 3 1 Port 2 advertises VIDs 1 2 3 2 Port 1 receives advertise ment of VIDs 1 2 ...

Page 275: ... VLAN and become a member If the switch already has a static VLAN assignment with the same VID as in the advertisement and the port is configured to Auto for that VLAN then the port will dynamically join the VLAN and begin moving that VLAN s traffic For more detail on Auto see Per Port Options for Dynamic VLAN Advertising and Joining on page 11 38 Ignore the advertisement for that VID Don t partic...

Page 276: ...IP addressing on the VLAN and access it in the same way that you would any other static manually created VLAN Per Port Options for Handling GVRP Unknown VLANs An unknown VLAN is a VLAN that the switch learns of by receiving an advertisement for that VLAN on a port that is not already a member of that VLAN If the port is configured to learn unknown VLANs then the VLAN is dynamically created and the...

Page 277: ...ome a member of any unknown VLAN for which it receives an advertisement Allows the port to advertise other VLANs that have at least one other port on the same switch as a member Block PreventstheportfromjoininganynewdynamicVLANsforwhichitreceives an advertisement Allows the port to advertise other VLANs that have at least one other port as a member Disable Causes the port to ignore and drop all GV...

Page 278: ...pending on your topology Enabling a Port for Dynamic Joins You can configure a port to dynami cally join a static VLAN The join will then occur if that port subsequently receives an advertisement for the static VLAN This is done by using the Auto and Learn options described in table 11 11 4 below Parameters for Controlling VLAN Propagation Behavior You can con figure an individual port to actively...

Page 279: ...vertise dynamic VLANs that have at least one other port as a member The port Will become a member of specified VLAN if it receives advertisements for this VLAN Will advertise this VLAN Will not become a member of newdynamicVLANsforwhich it receives advertisements Will advertise dynamic VLANs that have at least one other port on the same switch as a member The port Will not become a member of the s...

Page 280: ...ements GVRP advertisements and to dynamically join VLANs The two preceding sections describe the per port features you can use to control and limit VLAN propagation To summarize you can Allow a port to advertise and or join dynamic VLANs Learn mode the default Allow a port to send VLAN advertisements but not receive them from other devices that is the port cannot dynamically join a VLAN but other ...

Page 281: ... 39 5 Enable GVRP on all devices you want to use with dynamic VLANs and configure the appropriate Unknown VLAN parameter Learn Block or Disable for each port 6 Configure the static VLANs on the switch es where they are needed along with the per VLAN parameters Tagged Untagged Auto and Forbid see table 11 11 4 on page 11 39 on each port 7 Dynamic VLANs will then appear automatically according to th...

Page 282: ...rsor to the GVRP Enabled field c Press the Space bar to select Yes d Press v again to display the Unknown VLAN fields Figure 11 28 Example Showing Default Settings for Handling Advertisements The Unknown VLAN fields enable you to configure each port to Learn Dynamically join any advertised VLAN and advertise alll VLANs learned through other ports Block Do not dynamically join any VLAN but still ad...

Page 283: ...ying the Switch s Current GVRP Configuration This command shows whether GVRP is disabled along with the current settings for the maximum number of VLANs and the current Primary VLAN For more on the last two parameters see Port Based Virtual LANs Static VLANs on page 11 3 Syntax show gvrp Shows the current settings Figure 11 29 Example of Show GVRP Listing with GVRP Disabled Figure 11 30 Example of...

Page 284: ... Ports When GVRP is enabled on the switch use the unknown vlans command to change the Unknown VLAN field for one or more ports You can use this command at either the Manager level or the interface context level for the desired port s Syntax interface port list unknown vlans Changes the Unknown VLAN learn block disable field setting for the specified port s For example to change and view the config...

Page 285: ... VLANs Switch A has GVRP enabled and has three static VLANs the default VLAN VLAN 222 and VLAN 333 In this scenario switch B will dynamically join VLAN 222 and VLAN 333 The show vlans command lists the dynamic and static VLANs in switch B after it has learned and joined VLAN 222 and VLAN 333 Figure 11 32 Example of Listing Showing Dynamic VLANs Switch A GVRP enabled 3 Static VLANs DEFAULT_VLAN VLA...

Page 286: ...RP Security and make the desired changes ii Click on Apply to save and implement your changes to the Unknown VLAN fields For web based Help on how to use the web browser interface screen click on the button provided on the web browser screen GVRP Operating Notes A dynamic VLAN must be converted to a static VLAN before it can have an IP address The total number of VLANs on the switch static and dyn...

Page 287: ...st first convert it to a static VLAN Rebooting a switch on which a dynamic VLAN exists deletes that VLAN However the dynamic VLAN re appears after the reboot if GVRP is enabled and the switch again receives advertisements for that VLAN through a port configured to add dynamic VLANs By receiving advertisements from other devices running GVRP the switch learns of static VLANs on those other devices ...

Page 288: ...11 48 Port Based Virtual LANs VLANs and GVRP GVRP ...

Page 289: ...ow IGMP Operates 12 11 Operation With or Without IP Addressing 12 12 Automatic Fast Leave IGMP 12 13 Forced Fast Leave IGMP 12 14 Configuration Options for Forced Fast Leave 12 15 Listing the Forced Fast Leave Configuration 12 15 Configuring Per Port Forced Fast Leave IGMP 12 17 Using the Switch as Querier 12 18 Querier Operation 12 18 The Switch Excludes Well Known or Reserved Multicast Addresses...

Page 290: ...edia Traffic Control with IP Multicast IGMP Use the switch to reduce unnecessary bandwidth usage on a per port basis by configuring IGMP controls For general information on how to use the switch s built in interfaces see Chapter 2 Using the Menu Interface Chapter 3 Using the Command Line Interface CLI Chapter 4 Using the HP Web Browser Interface Appendix C Switch Memory and Configuration ...

Page 291: ...ation from one to many hosts or communication originating from many hosts and destined for many other hosts In such multipoint applications IGMP will be configured on the hosts and multicast traffic will be generated by one or more servers inside or outside of the local network Switches in the network that support IGMP can then be config ured to direct the multicast traffic to only the ports where...

Page 292: ...nected to devices IGMP clients that belong to specific multicast groups and triggers updates of this information A querier uses data received from the queries to determine whether to forward or block multicast traffic on specific ports When the switch has an IP address on a given VLAN it automatically operates as a Querier for that VLAN if it does not detect a multicast router or another switch fu...

Page 293: ...e switch to interpret IGMP packets and to filter IP multicast traffic based on the IGMP packet information for ports belonging to a multicast group This means that IGMP traffic will be forwarded on a specific port only if an IGMP host or multicast router is connected to the port Blocked Causes the switch to drop all IGMP transmissions received from a specific port and to block all outgoing IP Mult...

Page 294: ...ming IGMP packets intended for reserved or well known multicastaddresses automatically flood through all ports except the port on which the packets entered the switch For more on this topic see The Switch Excludes Well Known or Reserved Multicast Addresses from IP Multicast Filtering on page 12 19 For more information refer to How IGMP Operates on page 12 11 CLI Configuring and Displaying IGMP IGM...

Page 295: ...er port data For IGMP operating status see Internet Group Management Protocol IGMP Status on page B 19 For example suppose you have the following VLAN and IGMP configurations on the switch You could use the CLI to display this data as follows Figure 12 1 Example Listing of IGMP Configuration for All VLANs in the Switch The following versionoftheshowipigmp command includes theVLAN ID vid designatio...

Page 296: ...are methods to enable and disable IGMP on the default VLAN VID 1 HPswitch config vlan 1 ip igmp Enables IGMP on VLAN 1 HPswitch vlan 1 ip igmp Same as above HPswitch config no vlan 1 ip igmpDisables IGMP on VLAN 1 N ot e If you disable IGMP on a VLAN and then later re enable IGMP on that VLAN the switch restoresthe last savedIGMP configuration forthatVLAN For more on how switch memory operates see...

Page 297: ...bove commands HPswitch show ip igmp vlan 1 config Configuring IGMP Traffic Priority This command assigns high priority to IGMP traffic or returns a high priority setting to normal priority The traffic will be serviced at its inbound priority Syntax vlan vid ip igmp high priority forward Default normal HPswitch config vlan 1 ip igmp Configures high priority for high priority forward IGMP traffic on...

Page 298: ...uerier on VLAN 1 HPswitch show ip igmp config Show command to display results of above querier command Web Enabling or Disabling IGMP In the web browser interface you can enable or disable IGMP on a per VLAN basis To configure other IGMP features telnet to the switch console and use the CLI To Enable or Disable IGMP 1 Click on the Configuration tab 2 Click on Device Features 3 If more than one VLA...

Page 299: ...hanging the Querier Configuration Setting on page Configuring the Querier Function on page 12 10 Report Join A message sent by a host to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message Leave Group A message sent by a host to the querier to indicate that the host has ceased to be a member of a specific multicast group An IP multicast...

Page 300: ... Table 12 1 Comparison of IGMP Operation With and Without IP Addressing IGMP Function Available With IP Addressing Configured on the VLAN Available Without IP Addressing Operating Differences Without an IP Address Forward multicast group traffic to any port on the VLAN that has received a join request for that multicast group Yes None Forward join requests reports to the Querier Yes None Configure...

Page 301: ...f an IGMP client connects to the port and there are no other end nodesdetected on that port In this case whenthe clientleaves a multicast group Fast Leave IGMP automatically accelerates the blocking of further unnecessary multicast traffic from that group to the former IGMP client This improves performance by reducing the amount of multicast traffic going through the port to the IGMP client after ...

Page 302: ...aveIGMPspeedsupthe processofblockingunnecessaryIGMP traffic to a switch port that is connected to multiple end nodes This feature does not activate on ports where the switch detects only one end node Instead the regular Fast Leave described in the preceding section activates For example in figure 12 3 even if you configured Forced Fast Leave on all ports in the switch the feature would activate on...

Page 303: ...tate enabled or disabled for each port and the Forced Leave Interval for all ports on the switch To List the Forced Fast Leave State for all Ports in the Switch Go to the switch s command prompt and use the walkmib command as shown below 1 From the Main Menu select 5 Diagnostics 4 Command Prompt 2 Do one of the following If VLANs are not enabled on the switch go to step 3 If VLANs are enabled on t...

Page 304: ...2 15 Go to the switch s command prompt and use the getmib command as shown below Syntax getmib hpSwitchIgmpPortForcedLeaveState vlan number port number OR getmib 1 3 6 1 4 1 11 2 14 11 5 1 7 1 15 3 1 5 vlan number port number For example the following command to list the state for port A6 which in this case belongs to the default VLAN produces the indicated listing The 2 at the end of a port listi...

Page 305: ...ote on VLAN Numbers on page 12 15 Syntax setmib hpSwitchIgmpPortForcedLeaveState vlan number port number i 1 2 OR setmib 1 3 6 1 4 1 11 2 14 11 5 1 7 1 15 3 1 5 vlan number port number i 1 2 where 1 Forced Fast Leave enabled 2 Forced Fast Leave disabled For example suppose that your switch has a six port gigabit module in slot A and port C1 is a member of the default VLAN In this case the port num...

Page 306: ...LAN you can also use the Command Prompt to disable the Querier capability for that VLAN N ot e A Querier is required for proper IGMP operation For this reason if you disable the Querier function on a switch ensure that there is an IGMP Querier and preferably a backup Querier available on the same VLAN If the switch becomes the Querier for a particular VLAN for example the DEFAULT_VLAN then subsequ...

Page 307: ... addresses in this range are termed well known addresses and are reserved for predefined host groups IGMP does not filter these addresses so any packets the switch receives for such addresses are flooded out all ports assigned to the VLAN on which they were received except the port on which the packets entered the VLAN The following table lists the 32 well known addressgroups 8192 total addresses ...

Page 308: ... If the IGMP group subsequently deactivates the switch returns filtering control to the static filter This operation applies to the HP Procurve Switch 1600M 2400M 2424M 4000M and 8000M but not to the Series 2500 switches and the Switch 4108GL which do not have static traffic security filters Reserved Addresses Excluded from IP Multicast IGMP Filtering Traffic to IP multicast groups in the IP addre...

Page 309: ...Configuring RSTP 13 9 Optimizing the RSTP Configuration 13 9 CLI Configuring RSTP 13 10 Menu Configuring RSTP 13 16 Web Enabling or Disabling RSTP 13 18 802 1p Spanning Tree Protocol STP 13 19 Menu Configuring 802 1D STP 13 19 CLI Configuring 802 1D STP 13 22 STP Fast Mode 13 26 Fast Uplink Spanning Tree Protocol STP 13 27 Terminology 13 29 Operating Rules for Fast Uplink 13 30 Menu Viewing and Co...

Page 310: ...ar priority 128 mode norm page 13 19 page 13 25 monitoring STP n a page B 17 page B 17 n a 802 1d Spanning Tree Protocol Default Menu CLI Web Viewing the RSTP STP configuration page 13 16 page 13 10 n a enable disable RSTP STP RSTP is selected as the default protocol disabled page 13 16 page 13 11 page 13 18 reconfiguring whole switch values Protocol Version RSTP Force Version RSTP operation Switc...

Page 311: ...e spanning tree operation in any switch that is part of a redundant physical link loop topology It is recommended that you do so on all switches belonging to a loop topology This topic is covered in more detail under How Spanning Tree Operates on page 13 4 As recommended in the IEEE 802 1Q VLAN standard the Series 4100GL switches use single instance STP As a result the switch generates untagged Br...

Page 312: ...mple Figure 13 1 General Example of Redundant Paths Between Two Nodes In the factory default configuration spanning tree operation is off If a redun dant link loop exists between nodes in your network you should enable the spanning tree operation of your choice N ot e Spanning tree retains its current parameter settings when disabled Thus if you disable spanning tree then later re enable it the pa...

Page 313: ...TP and VLANs For more information refer to Spanning Tree Operation with VLANs on page 11 30 Spanning Tree Options RSTP 802 1w and STP 802 1d RSTP 802 1w The IEEE 802 1d version of spanning tree STP can take a fairly long time to resolve all the possible paths and to select the most efficient path through the network The IEEE 802 1w Rapid Reconfiguration Spanning Tree RSTP significantly reduces the...

Page 314: ...s Failures If an end node is configured to automatically access a server the duration of the STP startup sequence can result in a server access failure On ports where this is a problem configuring STP Fast Mode can eliminate the failure For more information see STP Fast Mode on page 13 26 The next sections describe how to configure STP on the switch For more information on STPoperation see How Spa...

Page 315: ...s more than one physical path between any two nodes enabling spanning tree ensures a single active path between two such nodes by selecting the one most efficient path and blocking the other redun dant paths If a switch or bridge in the path becomes disables spanning tree activates the necessary blocked segments to create the next most efficient path RSTP Feature Default Menu CLI Web Viewing the R...

Page 316: ...eve the fastest possible convergence times though there are some changes that you should make to the RSTP default configuration See Opti mizing the RSTP Configuration below for more information on these changes N ot e Under some circumstances it is possible for the rapid state transitions employed by RSTP to result in an increase in the rates of frame duplication and misordering in the switched LA...

Page 317: ...ct Protocol Version RSTP 2 Set the point to point mac value to false on all ports that are connected to shared LAN segments that is to connections to hubs CLI spanning tree ethernet port list point to point mac force false Menu Main Menu 2 Switch Configuration 4 Spanning Tree Operation for each appropriate port select Point to Point Force False 3 Set the edge port value to false for all ports conn...

Page 318: ... Version Location show spanning tree config both Below on this page spanning tree both page 13 11 protocol version rstp stp both page 13 12 force version rstp operation stp compatible RSTP page 13 12 forward delay 4 30 both page 13 12 hello time 1 10 both page 13 12 maximum age 6 40 both page 13 12 priority 0 15 0 65535 RSTP STP page 13 12 ethernet port list both page 13 14 path cost 1 200 000 000...

Page 319: ... ports on the switch Disabling spanning tree removes protec tion against redundant network paths Syntax no spanning tree Abbreviation no span This command enables spanning tree with the current parameter settings or disables spanning tree using the no option without losing the most recently configured parameter settings Enabling STP Instead of RSTP If you decide for whatever reason that you would ...

Page 320: ...02 1d STP priority 32768 8 as a step value Specifies the protocol value used along with the switch MAC address to determine which device in the spanning tree is the root The lower the priority value the higher the priority The value you enter has changed from the STP value The range is 0 61440 but for RSTP the value is entered as a multiple a step of 4096 You enter a value in the range 0 15 The de...

Page 321: ...y running enabled on the switch Using this facility you can completely configure spanning tree the way you want and then enable it This method minimizes the impact on the network operation Multiple parameters can be included on the same command line For example to configure a maximum age of 30 seconds and a hello time of 3 seconds you would issue the following command HPswitch config span max 30 h...

Page 322: ...heck path cost 10 Mbps 2 000 000 100 Mbps 200 000 1 Gbps 20 000 Assigns an individual port cost that the switch uses to determine which ports are the forwarding ports The range is 1 to 200 000 000 or auto Bydefault thisparameterisautomaticallydeterminedbytheporttype asshown by the different defaultvalues Ifyouhave previously configured aspecific value for this parameter you can issue the command w...

Page 323: ...ured to match the values defined by RSTP at least for 10 Mbps and 100 Mbps ports In LANs where there is a mix of devices running 802 1d STP and RSTP you should reconfigure the devices so the path costs match for ports with the same network speeds Syntax Abbreviations spanning tree ethernet port list path cost 1 200000000 point to point mac force true force false auto priority 0 15 no spanning tree...

Page 324: ...t the Protocol Version parameter field 4 Press the Space bar to select the version of spanning tree you wish to run RSTP or STP Note Ifyou change the protocolversion youwill haveto rebootthe switch for the change to take effect See step 9 and step 10 5 Press the T ab or down arrow key to go to the STP Enabled field Note that when you do this the remaining fields on the screen will then be appro pr...

Page 325: ... press Enter to select the Actions line then press H for Help to display the online help 8 Repeat step 6 for each additional parameter you want to change Please see Optimizing the RSTP Configuration on page 13 9 for recom mendations on configuring RSTP to make it operate the most efficiently 9 When you are finished editing parameters press Enter to return to the Actions line and press S to save th...

Page 326: ...in effect such that RSTP is the selected protocol version enabling spanning tree through the web browser interface will enable RSTP with its current configuration To configure the other span ning tree features telnet to the switch console and use the CLI or menu To enable or disable spanning tree using the web browser interface 1 Click on the Configuration tab 2 Click on Device Features 3 Enable o...

Page 327: ...efault Spanning Tree Operation Screen 2 Press E for Edit to highlight the Protocol Version field In the default configuration this field is set to RSTP 3 Press the Space bar once to change the field to STP This changes the Protocol Version selection to the 802 1d Spanning Tree Protocol 4 Press v to highlight the STP Enabled field 5 Press the Space bar to select Yes Yes in this field means to enabl...

Page 328: ...arameters press Enter to select the Actions line then press H to get help 8 Repeat step 7 for each additional parameter you want to change Note For information on the Mode parameter see STP Fast Mode on page 13 26 9 When you are finished editing parameters press Enter to return to the Actions line 10 Press S to save the currently displayed STP parameter settings You will then see the Switch Config...

Page 329: ...13 7 The Configuration Menu Indicating a Reboot Is Needed to Implement a Configuration Change 11 Press 0 to return to the Main menu Figure 13 8 The Main Menu Indicating a Reboot Is Needed To Implement a Configuration Change 12 Press 6 to reboot the switch This implements the Protocol Version change steps 2 and 3 on page 13 19 ...

Page 330: ...mand displays infor mation similar to the following Figure 13 9 Example of the Default STP Configuration Listing with 802 1d STP Configured at the Protocol Version show spanning tree config Below spanning tree protocol version page 13 23 forward delay 4 30 page 13 24 hello time 1 10 page 13 24 maximum age 6 40 page 13 24 priority 0 65535 page 13 24 ethernet port list page 13 25 path cost 1 65535 p...

Page 331: ...nning tree protocol version stp write memory boot For example Figure 13 10 Steps for Changing Spanning Tree Operation to the 802 1d Protocol Enabling or Disabling Spanning Tree Operation on the Switch This command enables or disables spanning tree operation for either span ning tree version STP 802 1d or RSTP 802 1w the default Before using this command ensure that the version of spanning tree you...

Page 332: ...tings unless you have a strong understanding of how STP operates For more on STP see the IEEE 802 1d standard Reconfiguring General STP Operation on the Switch You can config ure one or more of the following parameters Table 13 3 General STP Operating Parameters Name Default Range Function priority 32768 0 65535 Specifies the priority value used along with the switch MAC address to determine which...

Page 333: ...and enables STP if not already enabled and configures the following per port parameters Table 13 4 Per Port STP Parameters You can also include STP general parameters in this command See Recon figuring General STP Operation on the Switch on page 13 24 Name Default Range Function path cost Ethernet 100 10 100Tx 10 100 Fx 10 Gigabit 5 1 65535 Assignsanindividualportcostthattheswitchuses to determine...

Page 334: ...start up sequence whenever the network con nection is established on the port This includes for example when the switch or connected device is powered up or the network cable is connected A problem can arise from this long STP start up sequence because some end nodes are configured to automatically try to access a network server when ever the end node detects a network connection Typical server ac...

Page 335: ...n page 13 19 Syntax spanning tree port list mode fast norm For example to configure Fast mode for ports C1 C3 and C5 HPswitch config spanning tree c1 c3 c5 mode fast Fast Uplink Spanning Tree Protocol STP Fast Uplink STP is an option added to the switch s 802 1d STP to improve the recovery convergence time in wiring closet switches with redundant uplinks Specifically a Series 4100GL switch having ...

Page 336: ... Professional Computing Series October 1999 N ot e When properly implemented fast uplink STP offers a method for achieving faster failover times than standard STP and is intended for this purpose for instances where 802 1d STP has been chosen over 802 1w RSTP To use fast uplink STP configure fast uplink Mode Uplink only on the switch s upsteam ports that is two or more ports forming a group of red...

Page 337: ...gure 13 11 above is a downlink port edge switch For the purposes of fast uplink STP this is a switch that has no other switches connected to its downlink ports An edge switch is sequentially further from the root device than other switches to which it is connected Also termed wiring closet switch or leaf switch For example switch 4 in figure 13 12 page 29 is an edge switch interior switch In an ST...

Page 338: ...e switch and not either an interior switch or the STP root switch Configure fast uplink on only the edge switch ports used for providing redundantSTPuplinkconnectionsina network ConfiguringFast Uplink STP on ports in interior switches can create network performance prob lems That is a port configured for STP uplink should not be connected to a switch that is sequentially further away from the STP ...

Page 339: ...tch you intend as a backup root device will in fact become the root if the primary root fails and that no ports on the backup root device are configured for fast uplink operation For example if the STP Priority is the same on all switches default 32768 then the switch with the lowest MAC address will become the root switch If that switch fails then the switch with the next lowest MAC address will ...

Page 340: ...Configuration 4 Spanning Tree Operation 2 In the default STP configuration RSTP is the selected protocol version If this is the case on your switch you must change the Protocol Version to STP in order to use Fast Uplink STP Figure 13 14 The Default STP Screen With the Protocol Version Field Set to RSTP If the Protocol Version is set to RSTP the default as shown in this example go to step 3 IfthePr...

Page 341: ...e the change and exit from the Spanning Tree Operation screen you will then see a screen with the following Figure 13 15 Changing from RSTP to STP Requires a System Reboot e Press 0 zero to return to the Main Menu then 6 to reboot the switch f After you reboot the switch enter the menu command at the CLI to return to the Main Menu then select 2 Switch Configuration 4 Spanning Tree Operation You wi...

Page 342: ...ace bar to select Yes in the Spanning Tree Enabled field b Use T ab to move to the Mode field for port A1 c Use the Space bar to select Uplink as the mode for port A1 d Use v to move to the Mode field for Trk1 e Use the Space bar to select Uplink as the Mode for Trk1 f Press Enter to return the cursor to the Actions line In this example ports 2 and 3 have already been configured as a port trunk Tr...

Page 343: ...ress S for Save to save the configuration changes to flash non volatile memory To View Fast Uplink STP Status Continuing from figures 13 16 and 13 17 in the preceding procedure this task uses the same screen that you would use to view STP status for other operating modes 1 From the Main Menu select 1 Status and Counters 7 Spanning Tree Information STP is enabled PortA1andTrk1are now configured for...

Page 344: ...P Root Device 2 Press S for Show ports to display the status of individual ports Figure 13 19 Example of STP Port Status with Two Redundant STP Links Indicates which uplink is the activepathtotheSTProotdevice Note A switch using fast uplink STP must never be the STP root device Links to PC or Workstation End Nodes Redundan t STP Link in Fast Uplink Mode Redundant STP Link in Fast Uplink Mode ...

Page 345: ...STP Using the CLI to View Fast Uplink STP You can view fast uplink STP using the same show commands that you would use for standard STP opera tion Syntax show spanning tree Lists STP status show spanning tree config Lists STP configuration for the switch and for individual ports For example figures 13 20 and 13 21 illustrate a possible topology STP status listing and STP configuration for a Series...

Page 346: ... Spanning Tree Listing for the Topology Shown in Figure 13 20 Indicates that Trk1 Trunk 1 provides the currently active path to the STP root device RedundantSTPlinkintheBlocking state Links to PC or Workstation End Nodes Redundant STP link in the Forwarding state See the Root Port field above This is the currently active path to the STP root device ...

Page 347: ...uplink operation shown in figures 13 20 13 21 and 13 22 The example assumes that ports A2 and A3 are already configured as members of the port trunk Trk1 and all other STP parameters are left in their default state Note that the default STP Protocol Version is RSTP Rapid STP or 802 1w Thus if the switch is set to the STP default you must change it to the STP 802 1d Protocol Version before you can ...

Page 348: ...y used by ports on standard 802 1D STP non fast uplink This prevents temporary loops that could otherwise result while the switch is determining the STP status for all ports That is on ports configured for fast uplink STP the first STP state transition after a reboot takes the same amount of time as for redundant ports that are not configured for fast uplink STP Using Fast Uplink with Port Trunks ...

Page 349: ...odesettingwillbeNorm regardless of whether one or more ports in the trunk are set to fast uplink Mode Uplink You must still specifically configure the trunk Mode setting to Uplink Similarly if you eliminate a trunk the Mode setting on the individual ports in the trunk will return to their previous settings For Troubleshooting Information on Fast Uplink Refer to Spanning Tree Protocol STP and Fast ...

Page 350: ...13 42 802 1w Rapid Spanning Tree Protocol RSTP and 802 1d Spanning Tree Protocol STP Web Enabling or Disabling STP ...

Page 351: ...age The Stack 14 17 Monitoring Stack Status 14 25 Using the CLI To View Stack Status and Configure Stacking 14 29 Using the CLI To View Stack Status 14 31 Using the CLI To Configure a Commander Switch 14 33 Adding to a Stack or Moving Switches Between Stacks 14 35 Using the CLI To Remove a Member from a Stack 14 40 Using the CLI To Access Member Switches for Configuration Changes and Traffic Monit...

Page 352: ... switches without the need for any specialized cabling page 14 3 For general information on how to use the switch s built in interfaces see Chapter 2 Using the Menu Interface Chapter 3 Using the Command Line Interface CLI Chapter 4 Using the HP Web Browser Interface Chapter 5 Switch Memory and Configuration ...

Page 353: ...all stacking enabled switches in the ip subnet n a page 14 32 configure stacking enable disable candidate Auto Join enabled Yes page 14 15 page 14 37 push a candidate into a stack n a page 14 15 page 14 37 configure aswitch to be a commander n a page 14 13 page 14 33 push a member into another stack n a page 14 24 page 14 39 remove a member from a stack n a page 14 21 page 14 40 or page 14 41 pull...

Page 354: ...t perform IP addressing tasks Which Devices Support Stacking As of June 2002 the following HP devices support stacking HP Procurve Switch 4104GL HP Procurve Switch 4108GL HP Procurve Switch 2512 HP Procurve Switch 2524 HP Procurve Switch 8000M HP Procurve Switch 4000M HP Procurve Switch 2424M HP Procurve Switch 2400M HP Procurve Switch 1600M Requiressoftware release C 08 03 or later which isinclud...

Page 355: ...mmander s Manager password controls access to all stack Members Stack Consists of a Commander switch and any Member switches belonging to that Commander s stack Commander A switch that has been manually configured as the controlling device for a stack When this occurs the switch s stacking configuration appears as Commander Candidate A switch that is ready to join become a Member of a stack throug...

Page 356: ...the normal operation of the switch in your network A stack requires one Commander switch Only one Commander allowed per stack All switches in a particular stack must be in the same IP subnet broadcast domain A stack cannot cross a router A stack accepts up to 16 switches numbered 0 15 including the Commander always numbered 0 There is no limit on the number of stacks in the same IP subnet broadcas...

Page 357: ...Stacking Operation with Multiple VLANs Configured on page 14 44 and The Primary VLAN on page 11 6 Stacking allows intermediate devices that do not support stacking This enables you to include switches that are distant from the Commander Figure 14 3 Example of a Non Stacking Device Used in a Stacking Environment Commander Switch Switch with Stacking Disabled or Not Available Member Switch Candidate...

Page 358: ...er and Operator passwords Ifa candidatehasapassword it cannot be automatically added to a stack In this case if you want the Candidate in a stack you must manually add it to the stack Uses standard SNMP community operation if the Candidate has its own IP addressing Member IP Addr Optional Configuring an IP address allows access via Telnet or web browser interface without going through theCommander...

Page 359: ...onfiguring Stack Management Overview of Configuring and Bringing Up a Stack This process assumes that All switches you want to include in a stack are connected to the same subnet broadcast domain IfVLANsareenabledontheswitchesyou wantto include inthestack then the ports linking the stacked switches must be on the primary VLAN in each switch which in the default configuration is the default VLAN If...

Page 360: ... IP addressing and a stack name on the Commander 3 Set the Commander s Auto Grab parameter to Yes 4 Connect Candidate switches in their factory default configuration to the network This approach automatically creates a stack of up to 16 switches including the Commander However this replaces manual control with an automatic process that may bring switches into the stack that you did not intend to i...

Page 361: ...pages 14 13 through 14 36 for the menu interface and pages 14 29 through 14 41 for the CLI 1 Determine the naming conventions for the stack You will need a stack name Also to help distinguish one switch from another in the stack you can configure a unique system name for each switch Otherwise the system name for a switch appearing in the Stacking Status screen appears as the stack name plus an aut...

Page 362: ...e Commander to assign IP addressing or make other configuration changes 4 Make a record of any Manager passwords assigned to the switches intended for your stack that are not currently members You will use these passwords to enable the protected switches to join the stack 5 If you are using VLANs in the stacking environment you must use the default VLAN for stacking links For more information see ...

Page 363: ...onfigure a Commander Switch 1 Configure an IP address and subnet mask on the Commander switch See Chapter 7 Configuring IP Addressing 2 Display the Stacking Menu by selecting Stacking in the Main Menu Figure 14 5 The Default Stacking Menu 3 Display the Stack Configuration menu by pressing 3 to select Stack Configuration Figure 14 6 The Default Stack Configuration Screen ...

Page 364: ...ing then press the downarrow key No the default prevents automatic joining of Candidates that have their Auto Join set to Yes Yes enables the Commander to automatically take a Candidate into the stack as a Member if the Candidate has Auto Join set to Yes the default Candidate setting and does not have a previously configured password 8 Accept or change the transmission interval default 60 seconds ...

Page 365: ...lowing table lists the Candidate s configuration options Table 14 4 Candidate Configuration Options in the Menu Interface Using the Menu To Push a Switch Into a Stack Modify the Switch s Configuration or Disable Stacking on the Switch Use Telnet or the web browser interface to access the Candidate if it has an IP address Other wise use a direct connection from a terminal device to the switch s con...

Page 366: ...fic Commander s stack i Use the space bar to select Member ii Press T ab once to display the Commander MAC Address parameter then enter the MAC address of the desired Commander To change Auto Join or Transmission Interval use T ab to select the desired parameter and To change Auto Join use the Space bar To change Transmission Interval type in the new value in the range of 1 to 300 seconds Note All...

Page 367: ... a Candidate to a Stack In the default configuration you must manually add stack Members from the Candidate pool Reasons for a switch remaining a Candidate instead of becoming a Member include any of the following Auto Grab in the Commander is set to No the default Auto Join in the Candidate is set to No Note When a switch leaves a stack and returns to Candidate status its Auto Join parameter rese...

Page 368: ...e displayed switch number or enter another available number The range is 0 15 with 0 reserved for the Commander 4 Use the downarrow key to move the cursor to the MAC Address field then type the MAC address of the desired Candidate from the Candidate list in the lower part of the screen 5 Do one of the following For status descriptions see the table on page 14 46 The Commander automatically selects...

Page 369: ... Member Added Using the Commander s Menu To Move a Member From One Stack to Another Where two or more stacks exist in the same subnet broadcast domain you can easily move a Member of one stack to another stack if the destination stack is not full If you are using VLANs in your stack environ ment see Stacking Operation with a Tagged VLAN on page 14 44 This procedure is nearly identical to manually ...

Page 370: ...d the Member You will then see a screen listing any available candidates See figure 14 10 on page 14 18 Note that you will not see the switch you want to add because it is a Member of another stack and not a Candidate 6 Either accept the displayed switch number or enter another available number The range is 0 15 with 0 reserved for the Commander 7 Use the downarrow key to move the cursor to the MA...

Page 371: ...mber s interface and entering the MAC address of the destination stack Commander in the Member s Commander MAC Address field Using this method moves the Member to another stack without a need for knowing the Manager password in that stack but also blocks access to the Member from the original Commander Using the Commander s Menu To Remove a Stack Member These rules affect removals from a stack Whe...

Page 372: ...of Stack Management Screen with Stack Members Listed 2 Use the downarrow key to select the Member you want to remove from the stack Figure 14 14 Example of Selecting a Member for Removal from the Stack 3 Type D for Delete to remove the selected Member from the stack You will then see the following prompt Figure 14 15 The Prompt for Completing the Deletion of a Member from the Stack Stack Member Li...

Page 373: ... to access the Member s console interface for the same configu ration and monitoring that you would do through a Telnet or direct connect access 1 From the Main Menu select 9 Stacking 5 Stack Access You will then see the Stack Access screen Figure 14 16 Example of the Stack Access Screen Use the downarrow key to select the stack Member you want to access then press X for eXecute to display the con...

Page 374: ... Logout then Y for Yes c Press Return You should now see the Commander s Stack Access screen For an example see figure 14 16 on page 14 23 Converting a Commander or Member to a Member of Another Stack When moving a commander the following procedure returns the stack mem bers to Candidate status with Auto Join set to No and converts the stack Commander to a Member of another stack When moving a mem...

Page 375: ...vironment see Stacking Operation with a Tagged VLAN on page 14 44 This can help you in such ways as determining the stacking configuration for individual switches identifying stack Members and Candidates and determining the status of individual switches in a stack See table 14 14 5 on page 14 25 Table 14 5 Stack Status Environments Screen Name Commander Member Candidate Stack Status This Switch Co...

Page 376: ...tacking and select 9 Stacking 2 Stacking Status All You will then see a Stacking Status screen similar to the following Figure 14 18 Example of Stacking Status for All Detected Switches Configured for Stacking Viewing Commander Status This procedure displays the Commander and stack configuration plus information identifying each stack member To display the status for a Commander go to the console ...

Page 377: ...mmander s status IP address and MAC address To display the status for a Member 1 Go to the console Main Menu of the Commander switch and select 9 Stacking 5 Stack Access 2 Use the downarrow key to select the Member switch whose status you want to view then press X for eXecute You will then see the Main Menu for the selected Member switch 3 In the Member s Main Menu screen select 9 Stacking 1 Stack...

Page 378: ...acking configuration To display the status for a Candidate 1 Use Telnet if the Candidate has a valid IP address for your network or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9 Stacking 1 Stacking Status This Switch You will then see the Candidate s Stacking Status screen Figure 14 21 Example of a Candidate s Stacking Screen ...

Page 379: ...atus all Lists all stack Commanders Members and Candidates with their individual status no stack Any Stacking Capable Switch Enables or disables stacking on the switch Default Stacking Enabled no stackcommander stackname Candidate or Commander Converts a Candidate to a Commander or changes the stack name of an existing commander No form eliminates named stack and returns Commander and stack Member...

Page 380: ...of SN assignments for a stack execute the show stack command in the Commander s CLI no stack join mac addr Candidate Causes the Candidate to join the stack whose Commander has the indicated MAC address No formis used ina Memberto remove it fromthestack of the Commander having the specified address Member Pushes the member to another stack whose Commander has the indicated MAC address no stack auto...

Page 381: ...use the CLI in a to display the stack status for that switch In this case the switch is in the default stacking configuration Syntax show stack Figure 14 22 Example of Using the Show Stack Command To List the Stacking Configuration for an Individual Switch Viewing the Status of Candidates the Commander Has Detected This example illustrates how to list stack candidates the Commander has discovered ...

Page 382: ...ck all command was executed is a candidate it is included in the Others category Syntax show stack all Figure 14 24 Result of Using the Show Stack All Command To List Discovered Switches in the IP Subnet Viewing the Status of the Commander and Current Members of the Commander s Stack The next example lists all switches in the stack of the selected switch Syntax show stack view Figure 14 25 Example...

Page 383: ...s in order for stacking to operate properly For more on the primary VLAN see The Primary VLAN on page 11 6 2 Configure a Manager password on the switch intended for commander The Commander s Manager password controls access to stack Mem bers For more on passwords see the local manager and operator pass word information in the Access Security Guide for your switch Configure the Stack Commander Assi...

Page 384: ...te the new stack If you do not know the MAC address for the Commander of the current stack use show stack to list it Syntax no stack stack commander stack name Suppose for example that an HP switch named Bering Sea is a Member of a stack named Big_Waters To use the switch s CLI to convert it from a stack Member to the Commander of a new stack named Lakes you would use the following commands The st...

Page 385: ...manual control over which switches join the stack and when they join This prevents the Commander from automatically trying to add every Candidate it finds that has Auto Join set to Yes the default for the Candidate If you want any eligible Candidate to automatically join the stack when the Commander discovers it configure Auto Grab in the Commander to Yes When you do so any Candidate discovered wi...

Page 386: ...ered Candidates with their MAC addresses execute show stack candidates from the Commander s CLI For example to list the discov ered candidates for the above Commander Figure 14 29 Example of How To Determine MAC Addresses of Discovered Candidates Knowing the available switch numbers SNs and Candidate MAC addresses you can proceed to manually assign a Candidate to be a Member of the stack Syntax st...

Page 387: ... You can disable Auto Join on a Candidate if you want to prevent automatic joining in this case There is also the instance where a Candidate s Auto Join is disabled for example when a Commander leaves a stack and its members automatically return to Candidate status or if you manually remove a Member from a stack In this case you may want to reset Auto Join to Yes Status no stack auto join HP4108 c...

Page 388: ... Candidate named North Sea with Auto Join off and a valid IP address of 10 28 227 104 is running on a network You could Telnet to the Candidate use show stack all to determine the Commander s MAC address and then push the Candidate into the desired stack Figure 14 31 Example of Pushing a Candidate Into a Stack To verify that the Candidate successfully joined the stack execute show stack all again ...

Page 389: ...config stack member 1 mac address 0060b0 df1a00 Where 1 is an unused switch number SN Since a password is not set on the Candidate a password is not needed in this example You could then use show stack all again to verify that the move took place Using a Member CLI To Push the Member into Another Stack You can use the Member s CLI to push a Series 4100GL switches stack Member into a destination st...

Page 390: ...mple of Command Sequence for Converting a Commander to a Member Using the CLI To Remove a Member from a Stack You can remove a Member from a stack using the CLI of either the Commander or the Member N ot e When you remove a Member from a stack the Member s Auto Join parameter is set to No Using the Commander CLI To Remove a Stack Member This option requires the switch number SN and the MAC address...

Page 391: ...tack HP4108 config no stack member 3 mac address 0030c1 7fc700 where 3 is the North Sea Member s switch number SN 0030c1 7fc700 is the North Sea Member s MAC address Using the Member s CLI To Remove the Member from a Stack Syntax no stack join mac addr To use this method you need the Commander s MAC address which is available using the show stack command in the Member s CLI For example Figure 14 3...

Page 392: ...r SN assigned by the Com mander to each member range 1 15 To find the switch number for the Member you want to access execute the show stack view command in the Commander s CLI For example suppose that you wanted to configure a port trunk on the switch named North Sea in the stack named Big_Waters Do do so you would go to the CLI for the Big_Waters Commander and execute show stack view to find the...

Page 393: ...gray community is only on switch 3 you could not use the Commander IP address for gray community access from the management station Instead you would access switch 3 directly using the switch s own IP address For example snmpget MIB variable 10 31 29 15 gray Commander Switch IP Addr 12 31 29 100 Community Names blue red Member Switch 2 IP Addr None Community Names none Member Switch 3 IP Addr 12 3...

Page 394: ...st re enable stacking on the switch before it can become a Candidate Member or Commander Disabling a Member Removes the Member from the stack and changes it to a stand alone nonstacking switch You must re enable stacking on the switch before it can become a Candidate Member or Commander Disabling a Candidate Changes the Candidate to a stand alone non stacking switch Syntax no stack Disables stacki...

Page 395: ...ppears as shown above The interface for Members and Candidates appears the same as for a non stacking Series 4100GL switches To view or configure stacking on the web browser interface 1 Click on the Configuration tab 2 Click on Stacking to display the stackingconfiguration for an individual switch and make any configuration changes you want for that switch 3 Click on Apply Changes to save any conf...

Page 396: ... and the Member Commander Up The Member has stacking connectivity with the Commander None required Mismatch This may be a temporary condition while a Candidate is trying to join a stack If the Candidate does not join then stack configuration is inconsistent Initially waitforanupdate Ifcondi tion persists reconfigure the Commander or the Member Member Down A Member has become detached from the stac...

Page 397: ...Download from a PC or Unix Workstation to Primary or Secondary Flash A 8 Switch to Switch Download A 9 Menu Switch to Switch Download to Primary Flash A 9 CLI Switch To Switch Downloads A 10 Using the HP TopTools for Hubs Switches Utility A 11 Troubleshooting TFTP Downloads A 12 Transferring Switch Configurations A 13 Copying Diagnostic Data to a Remote Host PC or Unix Workstation A 16 Copying Com...

Page 398: ...dates through the HP Procurve website http www hp com go hpprocurve For more informa tion see the support and warranty booklet shipped with the switch After you acquire a new OS file you can use one of the following methods for down loading the operating system OS code to the switch OS Download Features General OS Download Rules An OS image you download via the menu interface always goes to primar...

Page 399: ...OS Image from a Server This procedure assumes that An OS file for the switch has been stored on a TFTP server accessible to the switch The OS file is typically available from the HP Procurve website at http www hp com go hpprocurve The switch is properly connected to your network and has already been configured with a compatible IP address and subnet mask The TFTP server is accessible to the switc...

Page 400: ...ult Values 2 Press E for Edit 3 Ensure that the Method field is set to TFTP the default 4 In the TFTP Server field type in the IP address of the TFTP server in which the OS file has been stored 5 In the Remote File Name field type the name of the OS file If you are using a UNIX system remember that the filename is case sensitive 6 Press Enter then X for eXecute to begin the OS download The followi...

Page 401: ... in primary flash Also using the Reboot Switch command intheMainMenualwaysrebootstheswitchfromprimaryflash Rebooting the switch from the CLI gives you more options See Rebooting the Switch on page 5 17 8 After you reboot the switch confirm that the operating system down loaded correctly a From the Main Menu select 1 StatusandCounters and from the Status and Counters menu select 1 General System In...

Page 402: ...m that the operating system downloaded correctly execute show system and check the Firmware revision line If you need information on primary secondary flash memory and the boot commands see Using Primary and Secondary Flash Image Options on page 5 12 Using Xmodem to Download an OS Image From a PC or UNIX Workstation This procedure assumes that The switch is connected via the Console RS 232 port to...

Page 403: ...e terminal emulator command s to begin Xmodem binary transfer For example using HyperTerminal a Click on Transfer then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download will then commence It can take several minutes depend ing on the baud rate set in the switch and in your terminal emulator 6 After the primar...

Page 404: ...egin the Xmodem transfer For example using HyperTerminal a Click on Transfer then Send File b Type the file path and name in the Filename field c In the Protocol field select Xmodem d Click on the Send button The download can take several minutes depending on the baud rate used in the transfer 3 When the download finishes you must reboot the switch to implement the newly dowloaded OS To do so use ...

Page 405: ...eter is set to TFTP the default 3 In the TFTP Server field enter the IP address of the remote Series 4100GL switches containing the OS you want to download 4 For the Remote File Name enter one of the following To download the OS in the primary flash of the source switch type flash in lowercase characters To download the OS in the secondary flash of the source switch type os secondary 5 Press Enter...

Page 406: ...s the OS flash in the source switch s primary flash to either the primary or secondary flash in the destination switch Syntax copy tftp flash ip addr flash primary secondary If you do not specify either a primary or secondary flash location for the destination the download automatically goes to primary flash For example to download an OS file from primary flash in a Series 4100GL switches with an ...

Page 407: ...he secondary flash in the destination switch you would execute the following command in the destina tion switch s CLI Figure A 5 Switch to Switch from Either Flash in Source to Either Flash in Destination Using the HP TopTools for Hubs Switches Utility HP TopTools for Hubs Switches includes a software update utility for updatingonHPProCurveswitchproductssuchastheSeries4100GLswitches For further in...

Page 408: ...oblem Sources on page C 21 Some of the causes of download failures include Incorrect or unreachable address specified for the TFTP Server parameter This may include network problems Incorrect VLAN Incorrect name specified for the Remote File Name parameter or the specified file cannot be found on the TFTP server This can also occur if the TFTP server is a Unix machine and the case upper or lower f...

Page 409: ...rom a switch TFTP Copying a Configuration from a Remote Host Syntax copy tftp startup config running config ip address remote file This command copies a configuration from a remote host to the startup config file in the switch See Chapter 5 Using Primary and Secondary Flash Image Options for information on the startup config file For example to download a configuration file named sw4100 in the con...

Page 410: ... Xmodem Copying a Configuration File from the Switch to a Serially Connected PC or Unix Workstation To use this method the switch must be connected via the serial port to a PC or Unix workstation to which you want to copy the configuration file You will need to Determine a filename to use Know the directory path you will use to store the the configuration file Syntax copy startup config running co...

Page 411: ... the file Syntax copy xmodem startup config pc unix For example to copy a configuration file from a PC serially connected to the switch 1 Execute the following command 2 After you see the above prompt press Enter 3 Execute the terminal emulator commands to begin the file transfer 4 When the download finishes you must reboot the switch to implement the newly dowloaded OS To do so use one of the fol...

Page 412: ...sh Log Processor Specific operating data useful for determining the reason for a system crash Copying Command Output to a Destination Device This command directs the displayed output of a CLI command to a file in a destination device Syntax copy command output cli command tftp ip address filepath filename copy command output cli command xmodem For example to use Xmodem to copy the output of show c...

Page 413: ... to a PC orUNIX workstationonthe network Youcancopy individualslotinformation or the master switch information If you do not specify either the command defaults to the master data Syntax copy crash data slot id master xmodem copy crash data slot id master tftp ip address filename where slot id a h and retrieves the crash log or crash data from the processor on the module in the specified slot mast...

Page 414: ...e master data Syntax copy crash log slot id master tftp ip address filepath and filename copy crash log slot id master xmodem where slot id a h and retrieves the crash log or crash data from the processor on the module in the specified slot master Retrieves crash log or crash data from the switch s chassis processor For example to copy the Crash Log for slot C to a file in a PC connected to the sw...

Page 415: ...owser Access To View Port and Trunk Group Statistics B 11 Viewing the Switch s MAC Address Tables B 12 Menu Access to the MAC Address Views and Searches B 13 CLI Access for MAC Address Views and Searches B 15 Spanning Tree Protocol STP Information B 17 Menu Access to STP Data B 17 CLI Access to STP Data B 18 Internet Group Management Protocol IGMP Status B 19 VLAN Information B 20 Web Browser Inte...

Page 416: ...ts page B 9 Event Log Lists switch operating events Using the Event Log To Identify Problem Sources on page C 21 Alert Log Lists network occurrences detected by the switch in the Status Overview screen of the web browser interface page 4 6 Configurable trap receivers Uses SNMP to enable management sta tions on your network to receive SNMP traps from the switch Trap Receivers and Authentication Tra...

Page 417: ...tion Menu CLI Lists the module type and description for each slot in which a module is installed B 7 Port Status Menu CLI Web Displays the operational status of each port B 8 Port and Trunk Statistics and Flow Control Status Menu CLI Web Summarizes port activity and lists per port flow control status B 9 VLAN Address Table Menu CLI Lists the MAC addresses of nodes the switch has detected on specif...

Page 418: ...ning at the Main Menu display the Status and Counters menu by select ing 1 Status and Counters Figure B 1 The Status and Counters Menu Each of the above menu items accesses the read only screens described on the following pages Refer to the online help for a description of the entries displayed in these screens ...

Page 419: ...Menu Access From the console Main Menu select 1 Status and Counters 1 General System Information Figure B 2 Example of General Switch Information This screen dynamically indicates how individual switch resources are being used See the online Help for details CLI Access Syntax show system information ...

Page 420: ...nters 2 Switch Management Address Information Figure B 3 Example of Management Address Information with VLANs Configured This screen displays addresses that are important for management of the switch If multiple VLANs are not configured this screen displays a single IP address for the entire switch See the online Help for details CLI Access Syntax show management ...

Page 421: ...e this feature to determine which slots have modules installed and which type s of modules are installed Menu Displaying Port Status From the Main Menu select 1 Status and Counters 3 Module Information Figure B 4 Example of Module Information in the Menu Interface CLI Access Syntax show module ...

Page 422: ...ace and the console interface show the same port status data Menu Displaying Port Status From the Main Menu select 1 Status and Counters 4 Port Status Figure B 5 Example of Port Status on the Menu Interface CLI Access Syntax show interfaces brief Web Access 1 Click on the Status tab 2 Click on Port Status ...

Page 423: ...ng the switch resets the counters to zero You can also reset the counters to zero for the current session This is useful for troubleshooting See the Note On Reset below N ot e on R es et The Reset action resets the counter display to zero for the current session but does not affect the cumulative values in the actual hardware counters In compliance with the SNMP standard the values in the hardware...

Page 424: ...mple of Port Counters on the Menu Interface To view details about the traffic on a particular port use the v key to highlight that port number then select Show Details For example selecting port A2 displays a screen similar to figure B 7 below Figure B 7 Example of the Display for Show details on a Selected Port This screen also includes the Reset action for the current session See the Note on Res...

Page 425: ... mand provides traffic details for the port s you specify Syntax show interfaces ethernet port list To Reset the Port Counters for a Specific Port This command resets the counters for the specified ports to zero for the current session See the Note on Reset on page B 9 Syntax clear statistics ethernet port list Web Browser Access To View Port and Trunk Group Statistics 1 Click on the Status tab 2 ...

Page 426: ... addresses that the switch has learned from network devices attached to the switch The port on which each MAC address was learned Feature Default Menu CLI Web viewing MAC addresses on all ports on a specific VLAN n a page B 13 page B 15 viewing MAC addresses on a specific port n a page B 14 page B 15 searching for a MAC address n a page B 14 page B 16 ...

Page 427: ...he per VLAN listing includes The MAC addresses that the switch has learned from network devices attached to the switch The port on which each MAC address was learned 1 From the Main Menu select 1 Status and Counters 5 VLAN Address Table 2 The switch then prompts you to select a VLAN 3 Use the Space bar to select the VLAN you want then press Enter The switch then displays the MAC address table for ...

Page 428: ...s Enter The address and port number are highlighted if found If the switch does not find the MAC address on the currently selected VLAN it leaves the MAC address listing empty Figure B 9 Example of Menu Indicating Located MAC Address 3 Press P for Prev page to return to the full address table listing Port Level MAC Address Viewing and Searching This feature displays and searches for MAC addresses ...

Page 429: ...rompt Enter MAC address _ 2 Type the MAC address you want to locate and press Enter The address is highlighted if found If the switch does not find the address it leaves the MAC address listing empty 3 Press P for Prev page to return to the previous per port listing CLI Access for MAC Address Views and Searches Syntax show mac address vlan vlan id ethernet port list mac addr To List All Learned MA...

Page 430: ...he MAC addresses associated with the ports for a given VLAN For example HPswitch show mac address vlan 100 N ot e The Series 4100GL switches operate with a multiple forwarding database architecture For more on this topic refer to Duplicate MAC Addresses Across VLANs on page C 19 To Find the Port On Which the Switch Learned a Specific MAC Address For example to find the port on which the switch lea...

Page 431: ...bled on the switch to display the following data Figure B 12 Example of Spanning Tree Information Use this screen to determine current switch level STP parameter settings and statistics You can use the Show ports action at the bottom of the screen to display port level information and parameter settings for each port in the switch including port type cost priority operating state and designated br...

Page 432: ...atus and Counters Data Figure B 13 Example of STP Port Information CLI Access to STP Data This option lists the STP configuration root data and per port data cost priority state and designated bridge Syntax show spanning tree HP4100 show spanning tree ...

Page 433: ... executing the following Figure B 14 Example of IGMP Group Data Show Command Output show ip igmp GlobalcommandlistingIGMPstatusforallVLANsconfigured in the switch VLAN ID VID and name Active group addresses per VLAN Number of report and query packets per group Querier access port per VLAN show ip igmp vlan id Per VLAN command listing above IGMP status for specified VLAN VID show ip igmp group ip a...

Page 434: ...e figures show how you could list data on the above VLANs Listing the VLAN ID VID and Status for ALL VLANs in the Switch Figure B 15 Example of VLAN Listing for the Entire Switch Show Command Output show vlan Lists Maximum number of VLANs to support Existing VLANs Status static or dynamic Primary VLAN show vlan vlan id For the specified VLAN lists Name VID and status static dynamic Per Port mode t...

Page 435: ...ing the VLAN ID VID and Status for Specific Ports Figure B 16 Example of VLAN Listing for Specific Ports Listing Individual VLAN Status Figure B 17 Example of Port Listing for an Individual VLAN Because ports A1 and A2 are not members of VLAN 44 itdoesnotappear in this listing ...

Page 436: ... of the status of the switch including summary graphs indicating the network utili zation on each of the switch ports symbolic port status indicators and the Alert Log which informs you of any problems that may have occurred on the switch For more information on this screen see chapter 4 Using the HP Web Browser Interface Figure B 18 Example of a Web Browser Interface Status Overview Screen Port U...

Page 437: ...nated monitoring port to which a network analyzer can be attached N ot e Port trunks cannot be used as a monitoring port It is possible when monitoring multiple interfaces in networks with high traffic levels to copy more traffic to a monitor port than the link can support In this case some packets may not be copied to the monitor port Feature Default Menu CLI Web display monitoring configuration ...

Page 438: ...ly than shown in this procedure 1 From the Console Main Menu Select 2 Switch Configuration 3 Network Monitoring Port Figure B 19 The Default Network Monitoring Configuration Screen 2 In the Actions menu press E for Edit 3 If monitoring is currently disabled the default then enable it by pressing the Space bar or Y to select Yes 4 Press the downarrow key to display a screen similar to the following...

Page 439: ...ts and position the cursor at a port you want to monitor 7 Press the Space bar to select Monitor for each port and trunk that you want monitored Use the downarrow key to move from one interface to the next in the Action column 8 When you finish selecting ports to monitor press Enter then press S for Save to save your changes and exit from the screen 9 Return to the Main Menu Move the cursor tothe ...

Page 440: ...r trunks being monitored Syntax show monitor For example if you assign port A6 as the monitoring port and configure the switch to monitor ports A1 A3 show monitor displays the following Figure B 21 Example of Monitored Port Listing Configuring the Monitor Port This command assigns or removes a mon itoring port and must be executed from the global configuration level Remov ing the monitor port disa...

Page 441: ...ort numbers and static trunk names at the same time For example with a portsuch as portA6 configuredasthe monitoring mirror port you would use either of the following commands to select these ports and static trunks for monitoring A1 through A3 and A5 Trunks 1 and 2 Figure B 22 Examples of Selecting Ports and Static Trunks as Monitoring Sources Figure B 23 Examples of Removing Ports as Monitoring ...

Page 442: ... 2 Click on Monitor Port 3 To monitor one or more ports a Click on the radio button for Monitor Selected Ports b Select the port s to monitor 4 Click on Apply Changes To remove port monitoring 1 Click on the Monitoring Off radio button 2 Click on Apply Changes For web based Help on how to use the web browser interface screen click on the button provided on the web browser screen ...

Page 443: ...k Problems C 14 SSH Related Problems C 15 Stacking Related Problems C 16 TACACS Related Problems C 16 TimeP SNTP or Gateway Problems C 18 VLAN Related Problems C 18 Using the Event Log To Identify Problem Sources C 21 Diagnostic Tools C 24 Port Auto Negotiation C 24 Ping and Link Tests C 24 Displaying the Configuration File C 29 Listing Switch Configuration and Operation Details for Help in Troubl...

Page 444: ...e problems indicated by LED behavior cabling requirements and other potential hardware related problems refer to the installation guide you received with the switch N ot e HP periodically places switch software updates on the HP Procurve website HP recommends that you check this website for software updates that may have fixed a problem you are experiencing For information on support and warranty ...

Page 445: ...ompliance to the relevant IEEE 802 3 specification See the Installation Guide shipped with the switch for correct cable types and connector pin outs Use HP TopTools for Hubs Switches if installed on your network to help isolate problems and recommend solutions HP TopTools is shipped at no extra cost with the switch Use the Port Utilization Graph and Alert Log in the web browser interface included ...

Page 446: ...witch Management Address Information also check the DHCP Bootp server configuration to verify correct IP addressing If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or more IP A...

Page 447: ... selecting 2 Switch Configuration 5 IP Configuration Note If DHCP Bootp is used to configure the switch see the Note above If you are using DHCP to acquire the IP address for the switch the IP address lease time may have expired so that the IP address has changed For more information on how to reserve an IP address refer to the documentation for the DHCP application that you are using If one or mo...

Page 448: ...oadcast storms may be occurring in the network These may be due to redundant links between nodes If you are configuring a port trunk finish configuring the ports in the trunk before connecting the related cables Otherwise you may inad vertently create a number of redundant links i e topology loops that will cause broadcast storms Turn on Spanning Tree Protocol to block redundant links i e topol og...

Page 449: ...ts DHCP Bootp requests it continues to periodically send requestpackets butwithdecreasing frequency Thus if a DHCPor Bootp server is not available or accessible to the switch when DHCP Bootp is first configured the switch may not immediately receive the desired configuration After verifying that the server has become accessible to the switch reboot the switch to re start the process Prioritization...

Page 450: ... blocking in non root devices In this case the non root device shows an entry in its CDP Neighbors table for every port on which it receives a CDP packet from the root device See Effect of Spanning Tree STP On CDP Packet Transmission on page 10 24 IGMP Related Problems IP Multicast IGMP Traffic That Is Directed By IGMP Does Not Reach IGMP Hosts or a Multicast Router Connected to a Port IGMP must b...

Page 451: ...ed Access Control 802 1x Related Problems Note To list the 802 1x port access Event Log messages stored on the switch use show log 802 See also Radius Related Problems on page C 12 The switch does not receive a response to RADIUS authentication requests In this case the switch will attempt authentication using the secondary method configured for the type of acces you are using console Telnet or SS...

Page 452: ...cant but cannot gain access to the intended authenticator port on the switch to which it is connected If aaa authentication port access is configured for Local ensure that you have entered the local login operator level username and password of the authenticator switch into the identity and secret parame ters of the supplicant configuration If instead you enter the enable manager level username an...

Page 453: ...tch already has a server specific key assigned to the server s IP address then it overrides the global key and must match the server key Also ensure that the switch port used to access the RADIUS server is not blocked by an 802 1x configuration on that port For example show port access authenticator port list gives you the status for the specified ports Also ensure that other factors such as port ...

Page 454: ...is case the switch will attempt authentication using the secondary method configured for the type of acces you are using console Telnet or SSH There can be several reasons for not receiving a response to an authentication request Do the following Use ping to ensure that the switch has access to the configured RADIUS server Verify that the switch is using the correct encryption key for the desig na...

Page 455: ...C 13 Troubleshooting Unusual Network Activity Figure C 2 Examples of Global and Unique Encryption Keys Global RADIUS Encryption Key Unique RADIUS Encryption Key for the RADIUS server at 10 33 18 119 ...

Page 456: ... separate VLANs A solution is to use only one multiple VLAN tagged link between the devices Also if ports are available you can improve the bandwidth in this situation by using a port trunk See Spanning Tree Operation with VLANs on page 11 30 Fast Uplink Troubleshooting Some of the problems that can result from incorrect useage of Fast Uplink STP include temporary loops and generation of duplicate...

Page 457: ...and Private Key Pair in the Access Security Guide for your switch Switch does not detect a client s public key that does appear in the switch s public key file show ip client public key The client s public key entry in the public key file may be preceded by another entry that does not terminate with a new line CR In this case the switch interprets the next sequential key entry as simply a comment ...

Page 458: ...AN has been configured as the primary VLAN and the Commander is not on the primary VLAN then the Commander will not detect Candidates on the primary VLAN TACACS Related Problems Event Log When troubleshooting TACACS operation check the switch s Event Log for indications of problem areas All Users Are Locked Out of Access to the Switch If the switch is func tioning properly but no username password...

Page 459: ...itch s tacacs server host command may not be correct Use the switch s show tacacs server command to list the TACACS server IP address The encryption key configured in the server does not match the encryption key configured in the switch by using the tacacs server key command Verify the key in the server and compare it to the key configured in the switch Useshowtacacs serverto list theglobalkey Use...

Page 460: ...er VLAN it may be disabled or does not have ports assigned to it VLAN Related Problems Monitor Port When using the monitor port in a multiple VLAN environ ment the switch handles broadcast multicast and unicast traffic output from the monitor port as follows If the monitor port is configured for tagged VLAN operation on the same VLAN as the traffic from monitored ports the traffic output from the ...

Page 461: ...es with multiple forwarding databases Thus duplicate MAC addresses occuring on different VLANs can appear where a device having one MAC address is a member of more than one 802 1Q VLAN and the switch port to which the device is linked is using VLANs instead of STP or trunking to establish redundant links to another switch If the other device sends traffic over multiple VLANs its MAC address will c...

Page 462: ...ports You can avoid this problem by creating redundant paths using port trunks or spanning tree Figure C 4 Example of Duplicate MAC Address Server Switch 4108GL Multiple Forwarding Database Switch with Single Forwarding Database MAC Address A VLAN 1 MAC Address A VLAN 2 Problem Thisswitchdetects continual moves of MAC address A between ports VLAN 1 VLAN 2 ...

Page 463: ...try was placed in the log System Module is the internal module such as ports for port manager that generated the log entry If VLANs are configured then a VLAN name also appears for an event that is specific to an individual VLAN Table C 1 on page C 22 lists the individual modules Event Message is a brief description of the operating event The event log holds up to 1000 lines in chronological order...

Page 464: ...ootp bootp addressing snmp SNMP communications console Console interface stack Stacking dhcp DHCP addressing stp Spanning Tree download file transfer sys system Switch management FFI Find Fix and Inform available in the console event log and web browser interface alert log telnet Telnet activity garp GARP GVRP tcp Transmission control igmp IP Multicast tftp File transfer for new OS or config ip IP...

Page 465: ...ts recorded Event entries containing a specific keyword either since the last boot or all events recorded Syntax show logging a search text HPswitch show logging Lists recorded logmessages since last reboot HPswitch show logging a Lists all recorded log messages including those before the last reboot HPswitch show logging a systemLists log messages with system in the text or modulename HPswitch sh...

Page 466: ...figure the switch port to the same setting as the end node port See Chapter 9 Optimizing Traffic Flow with Port Controls Port Trunking and Port Based Priority Ping and Link Tests The Ping test and the Link test are point to point tests between your switch and another IEEE 802 3 compliant device on your network These tests can tell you whether the switch is communicating properly with another devic...

Page 467: ...vice on the same or another IP network that can respond to IP packets ICMP Echo Requests Link Test This is a test of the connection between the switch and a desig nated network device on the same LAN or VLAN if configured During the link test IEEE 802 2 test packets are sent to the designated network device in the same VLAN or broadcast domain The remote device must be able to respond with an 802 ...

Page 468: ...nks or devices DestinationIP MAC Address is the network address of the target or destination device to which you want to test a connection with the switch An IP address is in the X X X X format where X is a decimal number between 0 and 255 A MACaddressismadeupof12hexadecimaldigits forexample 0060b0 080400 4 For a Ping test enter the IP address of the target device For a Link test enter the MAC add...

Page 469: ...ick on the Stop button To reset the screen to its default settings click on the Defaults button CLI Ping or Link Tests Ping Tests You can issue single or multiple ping tests with varying repiti tions and timeout periods The defaults and ranges are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax ping ip address repetitions 1 999 timeout 1 256 Figure C 8 Examples of Ping Tests To halt a p...

Page 470: ...ods The defaults are Repetitions 1 1 999 Timeout 5 seconds 1 256 seconds Syntax link mac address repetitions 1 999 timeout 1 256 vlan vlan id Figure C 9 Example of Link Tests Basic Link Test Link Test with Repetitions Link Test with Repetitions and Timeout Link Test Over a Specific VLAN Link Test Over a Specific VLAN Test Fail ...

Page 471: ...n some troubleshooting scenarios to view the switch configuration CLI Viewing the Configuration File Using the CLI you can display either the running configuration or the startup configuration For more on these topics see appendix C Switch Memory and Configuration Syntax write terminal Displays the running config file show running config Displays the running config file show config Displays the st...

Page 472: ...d LACP Stacking status this switch Stacking status all Syntax show tech Executing show tech outputs a data listing to your terminal emulator However using your terminal emulator s text capture features you can also save show tech data to a text file for viewing printing or sending to an associate For example if your terminal emulator is the Hyperterminal application available with Microsoft Window...

Page 473: ...ck Start to create and open the text file 4 Execute show tech HPswitch show tech a Each time the resulting listing halts and displays MORE press the Space bar to resume the listing b When the CLI prompt appears the show tech listing is complete At this point click on Transfer Capture Text Stop in HyperTerminal to stop copying data into the text file created in the preceding steps N ot e Remember t...

Page 474: ... for Help in Troubleshooting Web Viewing the Configuration File To display the running configuration through the web browser interface 1 Click on the Diagnostics tab 2 Click on Configuration Report 3 Use the right side scroll bar to scroll through the configuration listing ...

Page 475: ...ine Reference CLI Syntax show version Shows the software version currently running on the switch and the flash image from which the switch booted primary or secondary show boot history Displays the switch shutdown history show history Displays the current command history no page Toggles the paging mode for display commands between continuous listing and per page listing setup Displays the Switch S...

Page 476: ...tsfactory defaultconfiguration You can also save your configuration via Xmodem to a directly connected PC CLI Resetting to the Factory Default Configuration This command operates at any level except the Operator level Syntax erase startup configuration Deletes the startup config file in flash so that the switch will reboot with its factory default configuration N ot e The erase startup config comm...

Page 477: ...capability such as the Hyper Terminal program included in Windows PC software A copy of a good OS image file for the switch N ot e The following procedure requires the use of Xmodem and copies an OS image into primary flash only This procedure assumes you are using HyperTerminal as your terminal emu lator If you use a different terminal emulator you may need to adapt this procedure to the operatio...

Page 478: ...re iv Change the baud rate to 115200 v Click on OK In the next window click on OK again vi Select Call Connect vii Press Enter one or more times to display the prompt 5 Start the Console Download utility by typing do at the prompt and pressing Enter do 6 You will then see this prompt 7 At the above prompt a Type y for Yes b Select Transfer File in HyperTerminal c Enter the appropriate filename and...

Page 479: ... a Flash Image Figure C 12 Example of Xmodem Download in Progress 8 When the download completes the switch reboots from primary flash using the OS image you downloaded in the preceding steps plus the most recent startup config file ...

Page 480: ...C 38 Troubleshooting Restoring a Flash Image ...

Page 481: ... to additional VLANs you configure in the switch For internal switch operations One MAC address per port See CLI Viewing the Port and VLAN MAC Addresses on page D 4 MAC addresses are assigned at the factory The switch automatically implements these addresses for VLANs and ports as they are added to the switch N ot e The switch s base MAC address is also printed on a label affixed to the back of th...

Page 482: ...non default VLAN you have configured on the switch N ot e The switch s base MAC address is used for the default VLAN VID 1 that is always available on the switch Use the CLI to view the switch s port MAC addresses in hexadecimal format Feature Default Menu CLI Web view switch s base default vlan MAC address and the addressing for any added VLANs n a D 3 D 4 viewportMACaddresses hexadecimalformat n...

Page 483: ...s the name has been changed by using the VLAN Names screen On the Switch 4108GL the VID VLAN identification number for the default VLAN is always 1 and cannot be changed To View the MAC Address and IP Address assignments for VLANs Configured on the Switch 1 From the Main Menu Select 1 Status and Counters 2 Switch Management Address Information If the switch has only the default VLAN the following ...

Page 484: ...ix MAC addresses in the allotment and so on The switch s base MAC address is assigned to VLAN VID 1 and appears in the walkmib listing after the MAC addresses for the ports If multiple VLANs are configured the MAC addresses assigned to these VLANs appear after the base MAC address To display the switch s MAC addresses use the walkmib command at the command prompt N ot e This procedure displays the...

Page 485: ...s ifPhysAddress 226 237 MAC Addresses for non default VLANs ifPhysAddress 1 6 Ports A1 A6 in Slot 1 Addresses 7 24 in slot 1 and 25 48 in slot 2 are unused ifPhysAddress 49 51 Ports C1 C3 in Slot 3 Addresses 52 72 in slot 3 are unused ifPhysAddress 205 Base MAC Address MAC Address for default VLAN VID 1 ...

Page 486: ...D 6 MAC Address Management Determining MAC Addresses ...

Page 487: ...nges there are five pre defined settings named Alaska Canada and Continental US Middle Europe and Portugal Southern Hemisphere Western Europe The pre defined settings follow these rules Alaska Begin DST at 2am the first Sunday on or after April 24th End DST at 2am the first Sunday on or after October 25th Canada and Continental US Begin DST at 2am the first Sunday on or after April 1st End DST at ...

Page 488: ...stern Europe Begin DST at 2am the first Sunday on or after March 23rd End DST at 2am the first Sunday on or after October 23rd A sixth option named User defined allows you to customize the DST config uration by entering the beginning month and date plus the ending month and date for the time change The menu interface screen looks like this all month date entries are at their default values Figure ...

Page 489: ...y If the configured day is a Sunday the time changes at 2am on that day If the configured day is not a Sunday the time changes at 2am on the first Sunday after the configured day This is true for both the Beginning day and the Ending day With that algorithm one should use the value 1 to represent first Sunday of the month and a value equal to number of days in the month minus 6 to represent last S...

Page 490: ......

Page 491: ...3 B bandwidth displaying utilization 4 16 blocked link from STP operation 13 5 blocked port from IGMP operation 12 5 from STP operation 13 4 boot ROM console A 3 boot ROM mode C 35 Bootp 7 3 7 10 10 2 Bootp table file 7 12 Bootptab file 7 12 effect of no reply C 6 gateway ignored 11 7 operation 7 12 using with Unix systems 7 12 Bootp DHCP differences 7 11 BPDU 11 33 13 3 13 5 bridge protocol data ...

Page 492: ...ving from menu interface 2 10 serial link 6 3 SNMP 10 3 10 4 spanning tree protocol 13 4 startup 2 10 system 6 9 Telnet access configuration 6 3 transferring A 13 trap receivers 10 8 viewing 5 5 VLAN 11 3 web browser access 6 3 configuration file browsing for troubleshooting C 29 configuring RSTP 13 9 console C 6 configuring 6 3 ending a session 2 5 features 1 3 Main menu 2 7 navigation 2 9 2 10 o...

Page 493: ...3 forbid See GVRP format date C 21 format time C 21 forwarding port IGMP 12 5 friendly port names See port names friendly G GARP See GVRP gateway 7 3 7 5 gateway IP address 7 4 7 6 gateway manual config 11 7 global config level 7 8 GVRP advertisement 11 47 advertisement defined 11 33 advertisement responses to 11 35 advertisements generating 11 40 auto 11 39 benefit 11 33 block 11 37 CLI configuri...

Page 494: ...ity timeout 6 4 Inbound Telnet Enabled parameter C 5 interfaces listed 1 2 invalid input 3 13 IP CLI access 7 7 configuration 7 3 DHCP Bootp 7 3 duplicate address C 6 duplicate address DHCP network C 6 effect when address not used 7 9 gateway 7 3 11 7 gateway IP address 7 4 global assignment 7 18 globally assigned addressing 7 18 menu access 7 5 stacking 7 5 subnet mask 7 3 7 6 using for web brows...

Page 495: ...iguration 2 10 menu interface configuration changes saving 2 10 configuring RSTP 13 16 message VLAN already exists 11 21 MIB 10 3 MIB listing 10 3 MIB HP proprietary 10 3 MIB standard 10 3 Microsoft Internet Explorer 4 4 mirroring See port monitoring monitoring traffic B 23 monitoring traffic 10 2 multicast group See IGMP multimedia See IGMP multiple VLAN 10 2 multi port bridge 7 2 N navigation co...

Page 496: ...displaying 6 18 summary 6 15 port security port trunk restriction 9 11 trunk restriction 9 15 port trunk 9 10 caution 9 11 9 16 9 24 CLI access 9 18 default trunk type 9 17 enabling dynamic LACP 9 23 FEC 9 13 9 30 IGMP 9 15 LACP 9 4 LACP full duplex required 9 11 limit 9 10 link requirements 9 11 logical port 9 15 media requirements 9 14 media type 9 11 menu access to static trunk 9 16 monitor por...

Page 497: ...1 gateway 7 6 router release A 09 70 11 32 RS 232 1 3 RSTP configuring 13 9 configuring per port parameters 13 14 configuring whole switch parameters 13 12 configuring with the CLI 13 10 configuring with the menu 13 16 edge port parameter 13 14 enabling from CLI 13 11 enabling from the menu 13 16 enabling with the web browser 13 18 mcheck parameter 13 14 optimizing the configuration 13 9 path cost...

Page 498: ...ing C 14 fast uplink viewing status CLI 13 37 fast uplink viewing status menu 13 35 fast uplink with port trunks 13 40 global information B 17 information screen B 17 link priority 13 6 loop network 13 3 problems related to C 14 redundant path 13 3 RSTP edge port parameter 13 14 RSTP mcheck parameter 13 14 RSTP path cost parameter 13 14 RSTP point to point mac parameter 13 14 RSTP priority paramet...

Page 499: ... traffic monitoring B 23 traffic port B 9 transceiver fiber optic 9 4 transceiver speed change 9 4 trap 4 24 authentication 10 8 authentication trap 10 11 CLI access 10 8 configuring 10 10 event levels 10 10 limit 10 8 receiver 10 8 SNMP 10 3 10 8 Trap Receivers Configuration screen 10 8 troubleshooting approaches C 3 browsing the configuration file C 29 console access problems C 4 diagnosing unus...

Page 500: ...iguration 11 25 C 19 port monitoring 11 31 port restriction 11 31 port trunk 11 31 primary 7 3 11 7 14 9 14 33 14 45 primary VLAN 11 6 primary CLI command 11 16 11 18 primary select in menu 11 11 primary web configure 11 21 primary with DHCP 11 9 reboot required 2 8 restrictions 11 31 spanning tree operation 13 4 stacking primary VLAN 11 7 static 11 3 11 7 11 10 11 15 support enable disable 2 8 sw...

Page 501: ...ilization 4 16 port utilization and status displays 4 16 screen elements 4 15 security 4 2 4 8 standalone 4 4 status bar 4 22 status indicators 4 22 status overview screen 4 6 system requirements 4 4 troubleshooting access problems C 4 URL default 4 14 URL management server 4 14 URL support 4 14 web browser interface for configuring IGMP 12 10 STP 13 41 web site HP 10 3 world wide web site HP See ...

Page 502: ...12 Index ...

Page 503: ......

Page 504: ...tice Copyright Hewlett Packard Company 2002 All right reserved Reproduction adaptation or translation without prior written permission is prohibited except as allowed under the copyright laws Produced in Singapore Edition 2 May 2002 Manual Part Number 5990 3007 5990 3007 ...

Reviews: