HP 3500 Series Advanced Traffic Management Manual

Switch software

HP Switch Software
Advanced Traffic Management Guide
3500 switches
3500yl switches
5400zl switches
6200yl switches
6600 switches
8200zl switches
Software version K.15.06
September 2011

Summary of Contents for HP 3500 Series

  • Page 1 HP Switch Software Advanced Traffic Management Guide 3500 switches 3500yl switches 5400zl switches 6200yl switches 6600 switches 8200zl switches Software version K.15.06 September 2011...
  • Page 3 HP Networking 3500 Switches 3500yl Switches 5400zl Switches 6200yl Switch 6600 Switches 8200zl Switches September 2011 K.15.06 Advanced Traffic Management Guide...
  • Page 4 Publication Number 5998-2699, September 2011. performance, or use of this material. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
  • Page 5: Table Of Contents

    Contents Product Documentation About Your Switch Manual Set ......xiii Electronic Publications ........xiii Software Feature Index .
  • Page 6 Adding or Editing VLAN Names ......1-23 Adding or Changing a VLAN Port Assignment ....1-25 CLI: Configuring Port-Based and Protocol-Based VLAN Parameters .
  • Page 7 Handling Incoming and Outgoing VLAN Traffic ....1-64 Sending Heartbeat Packets with a Configured MAC Address ..1-65 Configuring a VLAN MAC Address with Heartbeat Interval ..1-66 Operating Notes .
  • Page 8 Operating Rules ..........3-13 MSTP Compatibility with RSTP or STP .
  • Page 9 Loop Protection in Port Mode ......3-75 Loop Protection in VLAN Mode ......3-75 Changing Modes .
  • Page 10 5 Quality of Service: Managing Bandwidth More Effectively Using Quality of Service Policies ....... 5-1 QoS Terminology .
  • Page 11 Global Layer-3 Protocol Classifier ......5-53 Assigning a Priority for a Global Layer-3 Protocol Classifier . . . 5-53 Global VLAN-ID Classifier .
  • Page 12 3500, 3500yl, 6200yl and 6600 Switches ..... 6-1 Components of HP Stack Management ......6-3 General Stacking Operation .
  • Page 13 7 QinQ (Provider Bridging) Overview ........... . . 7-1 Introduction .
  • Page 14 Traffic Class-Based Configuration Model ..... . . 8-2 Creating a Traffic Class ........8-4 Using Match Criteria .
  • Page 15: Product Documentation

    Electronic Publications The latest version of each of the publications listed below is available in PDF format on the HP Networking web site, as described in the Note at the top of this page. ■ Installation and Getting Started Guide—Explains how to prepare for and perform the physical installation and connect the switch to your network.
  • Page 16: Software Feature Index

    Intelligent Edge Software Features. These features are automatically included on all switches. Premium License Software Features. For the HP 3500, 3500yl, 5400zl, 6600, and 8200zl switches, Premium License features can be acquired by purchasing the optional Premium License and installing it on the Intelligent Edge version of these switches.
  • Page 17 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Access Control Lists (ACLs) Access Control Lists (ACLs) (IPv6) AAA Authentication Authorized IP Managers Authorized IP Managers (IPv6) Authorized Manager List (Web, Telnet, TFTP)
  • Page 18 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Dynamic ARP Protection Dynamic Configuration Arbiter Dynamic IP Lockdown Eavesdrop Protection PCM/PCM+ Equal Cost Multi-Path (ECMP) Event Log Factory Default Settings Flow Control (802.3x)
  • Page 19 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Key Management System (KMS) LACP LLDP LLDP-MED Loop Protection MAC Address Management MAC Lockdown MAC Lockout MAC-based Authentication Management VLAN Management Security (IPv6)
  • Page 20 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Ping Policy-based Routing (PBR) Port Configuration Port Monitoring Port Security Port Status Port Trunking (LACP) Port-Based Access Control (802.1X) Power over Ethernet (PoE and PoE+)
  • Page 21 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Secure FTP (IPv6) sFlow SFTP SNMPv3 SNMP (IPv6) Software Downloads (SCP/ SFTP, TFPT, Xmodem) Source-Port Filters Spanning Tree (STP, RSTP, MSTP) SSHv2 (Secure Shell)
  • Page 22 Intelligent Edge Manual Software Features Management Advanced Multicast and Access IPv6 Basic Traffic Routing Security Configura- Operation Configura- Management Guide tion Guide Guide tion Tunneling (6in4) Uni-Directional Link Detection (UDLD) UDP Forwarder USB Device Support Virus Throttling (Connection-Rate Filtering) VLANs VLAN Mirroring (1 static VLAN) Voice VLAN...
  • Page 23: Static Virtual Lans (Vlans)

    Static Virtual LANs (VLANs) Overview This chapter describes how to configure and use static, port-based and protocol-based VLANs on the switches covered in this guide.
  • Page 24: Introduction

    Static Virtual LANs (VLANs) Introduction Introduction VLAN Features Feature Default Menu WebAgent view existing VLANs n/a page 1-22 page 1-28 page 1-43 thru 1-27 configuring static default VLAN with page 1-22 page 1-27 page 1-43 VLANs VID = 1 thru 1-27 VLANs enable you to group users by logical function instead of physical location.
  • Page 25: Types Of Static Vlans Available In The Switch

    ■ The Secure Management VLAN: This optional, port-based VLAN establishes an isolated network for managing the HP switches that support this feature. Access to this VLAN and to the switch’s management functions is available only through ports configured as members (page 1-50).
  • Page 26: Terminology

    Static Virtual LANs (VLANs) Terminology Note: In a multiple-VLAN environment that includes some older switch models there may be problems related to the same MAC address appearing on different ports and VLANs on the same switch. In such cases the solution is to impose some cabling and VLAN restrictions.
  • Page 27: Static Vlan Operation

    Static Virtual LANs (VLANs) Static VLAN Operation Static VLAN Operation A group of networked ports assigned to a VLAN form a broadcast domain that is separate from other VLANs that may be configured on the switch. On a given switch, packets are bridged between source and destination ports that belong to the same VLAN.
  • Page 28: Vlan Environments

    Static Virtual LANs (VLANs) Static VLAN Operation Untagged VLAN Membership. Port-Based VLANs: A port can be a member of one untagged, port-based VLAN. All other port-based VLAN assignments for that port must be tagged. Protocol-Based VLANs: A port can be an untagged member of one protocol VLAN of a specific protocol type (such as IPX or IPv6).
  • Page 29: Vlan Operation

    Static Virtual LANs (VLANs) Static VLAN Operation Table 1-2. VLAN Environments VLAN Environment Elements The default VLAN (port-based; In the default VLAN configuration, all ports belong to VLAN VID of “1”) Only 1 as untagged members. VLAN 1 is a port-based VLAN, for IPv4 traffic. Multiple VLAN Environment In addition to the default VLAN, the configuration can include one or more other port-based VLANs and one or more...
  • Page 30: Routing Options For Vlans

    Static Virtual LANs (VLANs) Static VLAN Operation on the switch, then the external router is not needed for traffic to move between port-based VLANs. Switch with Multiple VLANs Configured and Internal Routing External Disabled Router VLAN W VLAN X VLAN Y VLAN Z Figure 1-2.
  • Page 31: Overlapping (Tagged) Vlans

    Static Virtual LANs (VLANs) Static VLAN Operation Port- IPX IPv4 IPv6 ARP Apple Netbeui Based -Talk — — — — — — — — NETbeui — — — — — — — — Requires an external router to route between VLANs. Not a routable protocol type.
  • Page 32 Static Virtual LANs (VLANs) Static VLAN Operation The same link carries Red Red Server Blue Server VLAN and Blue VLAN traffic. HP Switch VLAN VLAN Switch Blue Blue VLAN VLAN VLAN Figure 1-4. Example of Connecting Multiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy (Untagged) VLANs.
  • Page 33: Per-Port Static Vlan Configuration Options

    Static Virtual LANs (VLANs) Static VLAN Operation ■ “CLI: Configuring VLAN Parameters” (page 1-21) ■ “WebAgent: Viewing and Configuring VLAN Parameters” (page 1-43) ■ “VLAN Tagging Information” (page 1-44) ■ “Effect of VLANs on Other Switch Features” (page 1-60) ■ “VLAN Restrictions”...
  • Page 34: Vlan Operating Rules

    Static Virtual LANs (VLANs) VLAN Operating Rules Parameter Effect on Port Participation in Designated VLAN : Appears when the switch is not GVRP-enabled; prevents the port from joining that VLAN. - or - Auto Auto : Appears when GVRP is enabled on the switch; allows the port to dynamically join any advertised VLAN that has the same VID Forbid Prevents the port from joining the VLAN, even if GVRP is enabled on the...
  • Page 35 Static Virtual LANs (VLANs) VLAN Operating Rules HP Switch(config)# vlan 97 protocol ipv4 IPv4 assigned without ARP, this may result in undeliverable IP packets. Indicates a protocol VLAN configured with IPv4, but not ARP. ■ Deleting Static VLANs: On the switches covered in this guide you can delete a VLAN regardless of whether there are currently any ports belonging to that VLAN.
  • Page 36 Static Virtual LANs (VLANs) VLAN Operating Rules Port “X” receives an inbound, untagged Packet. Is the Drop the port an untagged packet. member of any VLANs? Does the packet’s protocol Forward the match the protocol of packet on that an untagged VLAN protocol VLAN.
  • Page 37 Rate-limiting may behave unpredictably on a VLAN if the VLAN spans multiple modules or port-banks. This also applies if a port on a different module or port-bank is added to an existing VLAN. HP does not recommend configuring rate-limiting on VLANs that include ports spanning modules or port-banks.
  • Page 38: General Steps For Using Vlans

    Static Virtual LANs (VLANs) General Steps for Using VLANs Port-bank 1-24 Port-bank 25-48 VLAN B VLAN A Figure 1-9. Example of VLANs Using Ports from the Same Port-Bank for Each VLAN General Steps for Using VLANs Plan your VLAN strategy and create a map of the logical topology that will result from configuring VLANs.
  • Page 39: Multiple Vlan Considerations

    MAC entry, it just adds a new instance of that it replaces the existing MAC instance with MAC to the table. a new instance showing the new destination. Table 1-6 lists the database structure of current HP switch models. 1-17...
  • Page 40: Single Forwarding Database Operation

    Static Virtual LANs (VLANs) Multiple VLAN Considerations Table 1-6. Forwarding Database Structure for Managed HP Switches Multiple Forwarding Databases* Single Forwarding Database* Series E8200zl switches Switch E1600M/E2400M/ E2424M Switch E6600 Switch E4000M/E8000M Series E6400cl switches Series E2500 switches Switch E6200yl...
  • Page 41: Example Of An Unsupported Configuration And How To Correct It

    Static Virtual LANs (VLANs) Multiple VLAN Considerations connected multiple-forwarding-database switch can frequently change. This causes poor performance and the appearance of an intermittent or broken connection. Example of an Unsupported Configuration and How To Correct It The Problem. In figure 1-10, the MAC address table for Switch 8000M will sometimes record the switch as accessed on port A1 (VLAN 1), and other times as accessed on port B1 (VLAN 2): Switch 8000M...
  • Page 42: Multiple Forwarding Database Operation

    Static Virtual LANs (VLANs) Multiple VLAN Considerations Later, the 8212zl switch transmits a packet to the 8000M through the VLAN 1 link, and the 8000M updates its address table to indicate that the 8212zl switch is on port A1 (VLAN 1) instead of port B1 (VLAN 2). Thus, the 8000M’s information on the location of the 8212zl switch changes over time.
  • Page 43: Configuring Vlans

    Static Virtual LANs (VLANs) Configuring VLANs ■ The same port or port trunk interface for multiple (tagged) VLANs. This results in a forwarding database having multiple instances of the same MAC address with different VLAN IDs, but the same port number. Allowing multiple entries of the same MAC address on different VLANs enables topologies such as the following: 4108gl Switch...
  • Page 44: To Change Vlan Support Settings

    Static Virtual LANs (VLANs) Configuring VLANs creates if you enable GVRP—page 2-1.) Note that each port can be assigned to multiple VLANs by using VLAN tagging. (See “802.1Q VLAN Tagging” on page 1-44.) To Change VLAN Support Settings This section describes: ■...
  • Page 45: Adding Or Editing Vlan Names

    Static Virtual LANs (VLANs) Configuring VLANs Note: For optimal switch memory utilization, set the number of VLANs at the number you will likely be using or a few more. If you need more VLANs later, you can increase this number, but a switch reboot will be required at that time. Press [Enter] and then [S] to save the VLAN support configuration and return to the VLAN Menu screen.
  • Page 46 Static Virtual LANs (VLANs) Configuring VLANs Default VLAN and VLAN ID Figure 1-15. The Default VLAN Names Screen (for Add). You will then be prompted for a new VLAN name and Press VLAN ID: 802.1Q VLAN ID : 1 Name : _ Type in a VID (VLAN ID number).
  • Page 47: Adding Or Changing A Vlan Port Assignment

    Static Virtual LANs (VLANs) Configuring VLANs Example of a New VLAN and ID Figure 1-16. Example of VLAN Names Screen with a New VLAN Added Repeat steps 2 through 5 to add more VLANs. Remember that you can add VLANs until you reach the number specified in the Maximum VLANs to support field on the VLAN Support screen (see figure 1-13 on page 1-22).
  • Page 48 Static Virtual LANs (VLANs) Configuring VLANs Default: In this example, the “VLAN-22” has been defined, but no ports have yet been assigned to it. (“No” means the port is not assigned to that VLAN.) Using GVRP? If you plan on using GVRP, any ports you don’t want to join should be changed to “Forbid”.
  • Page 49: Cli: Configuring Port-Based And Protocol-Based Vlan Parameters

    Static Virtual LANs (VLANs) Configuring VLANs Ports A4 and A5 are assigned to both VLANs. Ports A6 and A7 are assigned only to VLAN-22. All other ports are assigned only to the Default VLAN. Figure 1-18. Example of Port-Based VLAN Assignments for Specific Ports For information on VLAN tags (“Untagged”...
  • Page 50 Static Virtual LANs (VLANs) Configuring VLANs VLAN Commands Page show vlans below show vlans < vid > 1-32 show vlans ports <port-list> max-vlans <1-2048> 1-37 primary-vlan < vid > 1-37 [no] vlan < vid > 1-39 auto < port-list > 1-41 (Available if GVRP enabled.) forbid 1-41...
  • Page 51 For more on jumbos, refer to the chapter titled “Port Traffic Controls” in the Management and Configuration Guide for your switch. For example: HP Switch# show vlans When GVRP is disabled (the default), Dynamic Status and Counters - VLAN Information...
  • Page 52 Mode: Indicates whether a VLAN is tagged or untagged. Figure 1-20 is an example of the output when the detail option is not used. HP Switch (config)# show vlan ports a1-a24 Status and Counters - VLAN Information - for ports A1-A24...
  • Page 53 Static Virtual LANs (VLANs) Configuring VLANs Figure 1-21 is an example of the output when the detail option is used. HP Switch (config)# show vlan ports a1-a3 detail Status and Counters - VLAN Information - for ports A1 VLAN ID Name...
  • Page 54 Static Virtual LANs (VLANs) Configuring VLANs Displaying the Configuration for a Particular VLAN . This command uses the VID to identify and display the data for a specific static or dynamic VLAN. show vlans < vlan-id > Syntax: 802.1Q VLAN ID: The VLAN identification number, or VID. Refer to “Terminology”...
  • Page 55 Static Virtual LANs (VLANs) Configuring VLANs HP Switch(config)# show vlans 22 Status and Counters - VLAN Information - VLAN 22 VLAN ID : 22 Name : VLAN22 Status : Port-based Voice : Yes Jumbo : No Port Information Mode Unknown VLAN Status...
  • Page 56: Customizing The Show Vlans Output

    Static Virtual LANs (VLANs) Configuring VLANs Customizing the Show VLANs Output The show vlans custom command allows you to customize the information displayed when executing the show vlans command. Syntax: show vlans custom [port <port-list>] column-list Select the information that you want to display in the order you want to display it for the show vlans command.
  • Page 57 Static Virtual LANs (VLANs) Configuring VLANs HP Switch (config)# show vlan custom A1-A3 id name:20 ipaddr state Status and Counters - VLAN Information - Custom view VLANID VLAN name IP Addr State ------ -------------------- --------------------------------- ----- DEFAULT_VLAN 15.255.134.74 Vlan33 10.10.10.01 Vlan44 15.255.164.13...
  • Page 58: Creating An Alias For Show Vlan Commands

    For example, if you enter a command that produces an error (vlan is misspelled) with the pattern matching include option: HP Switch(config)# show vlans custom 1-3 name vlun | include vlan1 the output may be empty. It is advisable to try the show vlans custom command first to ensure there is output, and then enter the command again with the pattern matching option.
  • Page 59: Changing The Number Of Vlans Allowed On The Switch

    VLANs to a value smaller than the current number of VLANs. For example, to reconfigure the switch to allow 10 VLANs: HP Switch(config)# max-vlans 10 This command will take effect after saving the configuration and rebooting the system. Note that you can execute...
  • Page 60 Configuring VLANs Reassigns the Primary VLAN to VLAN 22. HP Switch(config)# primary-vlan 22 HP Switch(config)# vlan 22 name 22-Primary HP Switch(config)# show vlans Renames VLAN 22 to “22-Primary”. Status and Counters - VLAN Information Maximum VLANs to support : 8...
  • Page 61 Static Virtual LANs (VLANs) Configuring VLANs Creating a New Static VLAN (Port-Based or Protocol-Based) Changing the VLAN Context Level. The vlan < vid > command operates in the global configuration context to either configure a static VLAN and/or take the CLI to the specified VLAN’s context. Syntax: vlan <...
  • Page 62 Designates a VLAN for VoIP use. For more on this topic, refer to “Voice VLANs” on page 1-58. For example, to create a new, port-based, static VLAN with a VID of 100: HP Switch(config)# vlan 100 Creates the new VLAN. HP Switch(config)# show vlans...
  • Page 63 Static Virtual LANs (VLANs) Configuring VLANs HP Switch(config)# no vlan 3 The following ports will be moved to the default VLAN: B6-B10 Do you want to continue? [y/n] y HP Switch(config)# Converting a Dynamic VLAN to a Static VLAN. Use this feature if you want to convert a dynamic, port-based VLAN membership to a static, port-based VLAN membership.
  • Page 64 Similarly, to change the tagged ports in the above examples to No (or Auto, if GVRP is enabled), you could use either of the following commands. At the global config level, use: HP Switch(config)# no vlan 100 tagged a1-a5 - or - At the VLAN 100 context level, use:...
  • Page 65: Webagent: Viewing And Configuring Vlan Parameters

    Static Virtual LANs (VLANs) Configuring VLANs Note: You cannot use these commands with dynamic VLANs. Attempting to do so results in the message “VLAN already exists.” and no change occurs. WebAgent: Viewing and Configuring VLAN Parameters In the WebAgent you can do the following: ■ Add VLANs...
  • Page 66: 802.1Q Vlan Tagging

    Static Virtual LANs (VLANs) 802.1Q VLAN Tagging 802.1Q VLAN Tagging General Applications: ■ The switch requires VLAN tagging on a given port if more than one VLAN of the same type uses the port. When a port belongs to two or more VLANs of the same type, they remain as separate broadcast domains and cannot receive traffic from each other without routing.
  • Page 67 Static Virtual LANs (VLANs) 802.1Q VLAN Tagging White Blue White Blue Server Server VLAN VLAN VLAN Red VLAN: Untagged Green VLAN: Tagged Switch Switch “X” “Y” Server Green Green Green VLAN Server VLAN VLAN Ports 1 - 4: Untagged Ports 1 - 6: Untagged Port 5: Red VLAN Untagged Port 7: Red VLAN Untagged Green VLAN Tagged...
  • Page 68 Static Virtual LANs (VLANs) 802.1Q VLAN Tagging Note: Each 802.1Q-compliant VLAN must have its own unique VID number, and that VLAN must be given the same VID in every device in which it is configured. That is, if the Red VLAN has a VID of 10 in switch X, then 10 must also be used for the Red VID in switch Y.
  • Page 69 Static Virtual LANs (VLANs) 802.1Q VLAN Tagging ■ If all end nodes on a port comply with the 802.1Q standard and are configured to use the correct VID, then you can configure all VLAN assignments on a port as “Tagged” if doing so either makes it easier to manage your VLAN assignments, or if the authorized, inbound traffic for all VLANs on the port will be tagged.
  • Page 70 Static Virtual LANs (VLANs) 802.1Q VLAN Tagging ■ The VLANs assigned to ports X4 - X6, Y2 - Y5 can all be untagged because there is only one VLAN assigned per port. ■ Port X1 has two AppleTalk VLANs assigned, which means that one VLAN assigned to this port can be untagged and the other must be tagged.
  • Page 71: Special Vlan Types

    Static Virtual LANs (VLANs) Special VLAN Types Special VLAN Types VLAN Support and the Default VLAN In the factory default configuration, VLAN support is enabled and all ports on the switch belong to the port-based, default VLAN (named DEFAULT_VLAN). This places all ports in the switch into one physical broadcast domain. In the factory-default state, the default VLAN is also the Primary VLAN.
  • Page 72: The Secure Management Vlan

    The Secure Management VLAN Configuring a secure Management VLAN creates an isolated network for managing the HP switches that support this feature. If you configure a secure Management VLAN, access to the VLAN and to the switch’s management functions (Menu, CLI, and WebAgent) is available only through ports configured as members.
  • Page 73 Static Virtual LANs (VLANs) Special VLAN Types • Switches “A”, “B”, and “C” are connected by ports belonging to the Server management VLAN. Switch B Switch A • Hub “X” is connected to a switch port that belongs to the Hub X management VLAN.
  • Page 74: Preparation

    • Ports on one switch that you will use to extend the Management VLAN to ports on other HP switches (such as ports A1 and B2 or B4 and C2 in figure 1-34 on page 1-52.). Hubs dedicated to connecting management stations to the Management VLAN can also be included in the above topology.
  • Page 75: Configuration

    802.1Q tagged VLAN capability.) ■ Use port A2 to extend the Management VLAN to port B1 (which is already configured as a tagged member of My_VLAN) on an adjacent HP switch that supports the Management VLAN feature. Switch Switch “A”...
  • Page 76: Using Dhcp To Obtain An Ip Address

    Static Virtual LANs (VLANs) Special VLAN Types Using DHCP to Obtain an IP Address You can use DHCP to obtain an IPv4 address for your Management VLAN or a client on that VLAN. The following examples illustrate when an IP address will be received from the DHCP server.
  • Page 77 Static Virtual LANs (VLANs) Special VLAN Types If Red_VLAN is configured as the Management VLAN and the DHCP server is on Blue_VLAN, Blue_VLAN receives an IP address but Red_VLAN does not. See figure 1-37. Red_VLAN is Management VLAN - does not receive IP address DHCP Server...
  • Page 78 Static Virtual LANs (VLANs) Special VLAN Types If Red_VLAN is configured as the Management VLAN and the client is on Red_VLAN, but the DHCP server is on Blue_VLAN, the client will not receive an IP address. See figure 1-39. Red_VLAN is the Management VLAN and the client is on Red_VLAN.
  • Page 79: Deleting The Management Vlan

    You can disable the Secure Management feature without deleting the VLAN itself. For example, either of the following commands disables the Secure Management feature in the above example: HP Switch(config)# no management-vlan 100 HP Switch(config)# no management-vlan my_vlan Operating Notes for Management VLANs Use only a static, port-based VLAN for the Management VLAN.
  • Page 80: Voice Vlans

    Static Virtual LANs (VLANs) Special VLAN Types ■ Monitoring Shared Resources: The Management VLAN feature shares internal switch resources with several other features. The switch provides ample resources for all features. However, if the internal resources become fully subscribed, the Management VLAN feature cannot be configured until the necessary resources are released from other uses.
  • Page 81: Components Of Voice Vlan Operation

    For example, if you configured a voice VLAN with a VID of 10, and wanted the highest priority for all traffic on this VLAN, you would execute the following command: HP Switch(config) # vlan 10 qos priority 7 HP Switch(config) # write memory 1-59...
  • Page 82: Voice Vlan Access Security

    Note that Spanning Tree operates differently in different devices. For example, in the (obsolete, non-802.1Q) HP Switch 2000 and the HP Switch 800T, Spanning Tree operates on a per-VLAN basis, allowing redundant physical links as long as they are in separate VLANs.
  • Page 83: Ip Interfaces

    Static Virtual LANs (VLANs) Effect of VLANs on Other Switch Features IP Interfaces There is a one-to-one relationship between a VLAN and an IP network interface. Since the VLAN is defined by a group of ports, the state (up/down) of those ports determines the state of the IP network interface associated with that VLAN.
  • Page 84: Vlan Restrictions

    Static Virtual LANs (VLANs) VLAN Restrictions VLAN Restrictions ■ A port must be a member of at least one VLAN. In the factory default configuration, all ports are assigned to the default VLAN (DEFAULT_VLAN; VID = 1). ■ A port can be a member of one untagged, port-based VLAN. All other port-based VLAN assignments for that port must be tagged.
  • Page 85: Migrating Layer 3 Vlans Using Vlan Mac Configuration

    By configuring the MAC address of the previously installed router as the MAC address of each VLAN interface on an HP switch, you can swap the physical port of a router to the HP switch after the switch has been properly configured in the network.
  • Page 86: Handling Incoming And Outgoing Vlan Traffic

    MAC address of the previously installed router that is configured for each VLAN interface. Outgoing VLAN traffic uses the MAC address of the HP switch as the source MAC address in packet headers. The MAC address configured on VLAN interfaces is not used on outbound VLAN traffic.
  • Page 87: Sending Heartbeat Packets With A Configured Mac Address

    Heartbeat packets are sent at periodic intervals with a specific HP unicast MAC address in destination field. This MAC address is assigned to HP and is not used by other non-HP routers. Because the heartbeat packet contains a unicast MAC address, it does not interrupt host operation.
  • Page 88: Configuring A Vlan Mac Address With Heartbeat Interval

    Configuring a VLAN MAC Address with Heartbeat Interval When installing HP routing switches in the place of existing routers in a network configuration, you can achieve Layer 3 VLAN migration by using the ip-recv-mac-address command at the VLAN configuration level to: ■ Configure the MAC address of the previously installed router on each...
  • Page 89: Example

    VRRP is not supported on a VLAN interface with a user-configured MAC address. Example The following example shows how to configure a MAC address on VLAN 101. HP Switch# configure terminal HP Switch(config)# vlan 101 HP Switch(vlan-101)# ip-recv-mac-address 0060b0-e9a200 interval 100...
  • Page 90 Static Virtual LANs (VLANs) Migrating Layer 3 VLANs Using VLAN MAC Configuration 1-68...
  • Page 91: Gvrp

    GVRP Overview This chapter describes GVRP and how to configure it with the switch’s built-in interfaces, and assumes an understanding of VLANs, which are described in chapter 1, “Static Virtual LANs (VLANs)”.
  • Page 92: Introduction

    GVRP Introduction Introduction Feature Default Menu view GVRP configuration page 2-12 page 2-13 page 2-17 list static and dynamic VLANs — page 2-15 page 2-17 on a GVRP-enabled switch enable or disable GVRP disabled page 2-12 page 2-14 page 2-17 enable or disable GVRP on enabled page 2-12...
  • Page 93: General Operation

    GVRP General Operation dynamic VLAN, you can optionally use the CLI static <vlan-id> command to convert it to a static VLAN or allow it to continue as a dynamic VLAN for as long as needed. You can also use GVRP to dynamically enable port membership in static VLANs configured on a switch.
  • Page 94 GVRP General Operation Operating Note: When a GVRP-aware port on a switch learns a VID through GVRP from another device, the switch begins advertising that VID out all of its ports except the port on which the VID was learned. Core switch with static Port 1 receives advertise- Port 4 receives advertise-...
  • Page 95 GVRP General Operation Switch “C” Switch “A” Switch “C”: GVRP On GVRP On Port 5 dynamically joins VLAN 22. Ports 11 and 12 belong to Tagged VLAN 33. Tagged VLAN 22 Tagged Switch “E” VLAN 33 GVRP On Switch “B” Switch “D”...
  • Page 96: Per-Port Options For Handling Gvrp "Unknown Vlans

    GVRP Per-Port Options for Handling GVRP “Unknown VLANs” ■ Send VLAN advertisements, and also receive advertisements for VLANs on other ports and dynamically join those VLANs. ■ Send VLAN advertisements, but ignore advertisements received from other ports. ■ Avoid GVRP participation by not sending advertisements and dropping...
  • Page 97 GVRP advertisements. The CLI show gvrp command and the menu interface VLAN Support screen show a switch’s current GVRP configuration, including the Unknown VLAN settings. HP Switch(config)# show gvrp GVRP support Maximum VLANs to support [256] : 256 GVRP Enabled...
  • Page 98: Per-Port Options For Dynamic Vlan Advertising And Joining

    GVRP Per-Port Options for Dynamic VLAN Advertising and Joining Per-Port Options for Dynamic VLAN Advertising and Joining Initiating Advertisements. As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology.
  • Page 99 GVRP Per-Port Options for Dynamic VLAN Advertising and Joining Table 2-2. Controlling VLAN Behavior on Ports with Static VLANs Per-Port Static VLAN Options—Per VLAN Specified on Each Port “Unknown VLAN” Port Activity: Port Activity: Port Activity: Forbid (Per VLAN) (GVRP) Auto (Per VLAN) Tagged or Untagged (Per VLAN)
  • Page 100: Gvrp And Vlan Access Control

    Because dynamic VLANs operate as Tagged VLANs, and because a tagged port on one device cannot communicate with an untagged port on another device, HP recommends that you use Tagged VLANs for the static VLANs you will use to generate advertisements.
  • Page 101: Planning For Gvrp Operation

    GVRP Planning for GVRP Operation ■ Disable GVRP ■ Reboot the switch The time-to-live for dynamic VLANs is 10 seconds. That is, if a port has not received an advertisement for an existing dynamic VLAN during the last 10 seconds, the port removes itself from that dynamic VLAN. Planning for GVRP Operation These steps outline the procedure for setting up dynamic VLANs for a segment.
  • Page 102: Configuring Gvrp On A Switch

    GVRP Configuring GVRP On a Switch Configuring GVRP On a Switch The procedures in this section describe how to: ■ View the GVRP configuration on a switch ■ Enable and disable GVRP on a switch ■ Specify how individual ports will handle advertisements To view or configure static VLANs for GVRP operation, refer to “Per-Port Static VLAN Configuration Options”...
  • Page 103: Cli: Viewing And Configuring Gvrp

    GVRP Configuring GVRP On a Switch The Unknown VLAN fields enable you to configure each port to: – Learn - Dynamically join any advertised VLAN and advertise all VLANs learned through other ports. – Block - Do not dynamically join any VLAN, but still advertise all VLANs learned through other...
  • Page 104 GVRP Configuring GVRP On a Switch HP Switch(config)# show gvrp GVRP support Maximum VLANs to support [256] : 256 Primary VLAN : DEFAULT_VLAN GVRP Enabled [No] : No Figure 2-6. Example of “Show GVRP” Listing with GVRP Disabled HP Switch(config)# show gvrp...
  • Page 105 Changes the Unknown VLAN field setting for the specified port(s). For example, to change and view the configuration for ports A1-A2 to Block: HP Switch(config)# interface 1-2 unknown-vlans block Switch(config)# show gvrp GVRP support Maximum VLANs to support [256] : 256...
  • Page 106 – VLAN-333 The show vlans command lists the dynamic (and static) VLANs in switch “B” after it has learned and joined VLAN-222 and VLAN-333. HP Switch(config)# show vlans Status and Counters - VLAN Information Maximum VLANs to support : 256...
  • Page 107: Web: Viewing And Configuring Gvrp

    GVRP GVRP Operating Notes Web: Viewing and Configuring GVRP To view, enable, disable, or reconfigure GVRP: Click on the Configuration tab. Click on [VLAN Configuration] and do the following: • To enable or disable GVRP, click on GVRP Enabled. • To change the Unknown VLAN field for any port: Click on and make the desired changes.
  • Page 108 GVRP GVRP Operating Notes ■ Rebooting a switch on which a dynamic VLAN exists deletes that VLAN. However, the dynamic VLAN re-appears after the reboot if GVRP is enabled and the switch again receives advertisements for that VLAN through a port configured to add dynamic VLANs. ■...
  • Page 109: Multiple Instance Spanning-Tree Operation

    Multiple Instance Spanning-Tree Operation Overview The switches covered in this guide use the IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) standard. MSTP Features 802.1s Spanning Tree Protocol Default Setting Page Ref Viewing MSTP Status and Configuration page 3-51 Configuring MSTP Operation Mode and Disabled page 3-19 Global Parameters...
  • Page 110 Multiple Instance Spanning-Tree Operation Overview Note MSTP cannot protect against loops when there is an unmanaged device on the network that drops spanning tree packets, or may fail to detect loops where there is an edge port configured with client authentication (802.1X, Web and MAC authentication).
  • Page 111 Multiple Instance Spanning-Tree Operation Overview The logical and physical topologies resulting from these VLAN/Instance groupings result in blocking on different links for different VLANs: Region “A”: Logical Topology Path blocked for VLANs in instance 2. Switch “A” Switch “A” Instance 2 Root for Instance 1 VLANs: 20, 21, 22 VLANs: 10, 11, 12...
  • Page 112: Multiple Spanning Tree Protocol (Mstp)

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 802.1s Multiple Spanning Tree Protocol (MSTP) The 802.1D and 802.1w spanning tree protocols operate without regard to a network’s VLAN configuration, and maintain one common spanning tree throughout a bridged network. Thus, these protocols map one loop-free, logical topology on a given physical topology.
  • Page 113: Mstp Structure

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) In a mesh environment, the default MSTP timer settings (Hello Time and Forward Delay) are usually adequate for MSTP operation. Because a packet crossing a mesh may traverse several links within the mesh, using smaller-than-default settings for the MSTP Hello Time and Forward Delay timers can cause unnecessary topology changes and end-node connectivity problems.
  • Page 114 Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Common and Internal Spanning Tree (CIST): The CIST identifies the regions in a network and administers the CIST root bridge for the network, the root bridge for each region, and the root bridge for each spanning-tree instance in each region.
  • Page 115: How Mstp Operates

    The switch automatically senses port identity and type, and automatically defines spanning-tree parameters for each type, as well as parameters that apply across the switch. Although these parameters can be adjusted, HP strongly recommends leaving these settings in their default configurations unless the proposed changes have been supplied by an experienced network administrator who has a strong understanding of the IEEE 802.1D/w/s...
  • Page 116 Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Between regions there is a single, active spanning-tree topology. How Separate Instances Affect MSTP Operation. Assigning different groups of VLANs to different instances ensures that those VLAN groups use independent forwarding paths. For example, in figure 3-3 each instance has a different forwarding path.
  • Page 117: Regions, Legacy Stp And Rstp Switches, And The Common Spanning Tree (Cst)

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Within a region, traffic routed between VLANs in separate instances can take only one physical path. To ensure that traffic in all VLANs within a region can travel between regions, all of the boundary ports for each region should belong to all VLANs configured in the region.
  • Page 118: Mstp Operation With 802.1Q Vlans

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP Operation with 802.1Q VLANs As indicated in the preceding sections, within a given MST instance, a single spanning tree is configured for all VLANs included in that instance. This means that if redundant physical links exist in separate VLANs within the same instance, MSTP blocks all but one of those links.
  • Page 119: Terminology

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Terminology BPDU — Acronym for bridge protocol data unit. BPDUs are data messages that are exchanged between the switches within an extended LAN that use a spanning tree protocol topology. BPDU packets contain information on ports, addresses, priorities and costs and ensure that the data ends up where it was intended to go.
  • Page 120 Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP BPDU (MSTP Bridge Protocol Data Unit): These BPDUs carry region-specific information, such as the region identifier (region name and revision number). If a switch receives an MSTP BPDU with a region identifier that differs from its own, then the port on which that BPDU was received is on the boundary of the region in which the switch resides.
  • Page 121: Operating Rules

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Operating Rules ■ All switches in a region must be configured with the same set of VLANs, as well as the same MST configuration name and MST configuration number. ■ Within a region, a VLAN can be allocated to either a single MSTI or to the region’s IST instance.
  • Page 122: Mstp Compatibility With Rstp Or Stp

    Multiple Instance Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) ■ If a port on a switch configured for MSTP receives a legacy (STP/802.1D or RSTP/802.1w) BPDU, it automatically operates as a legacy port. In this case, the MSTP switch interoperates with the connected STP or RSTP switch as a separate MST region.
  • Page 123: Configuring Mstp

    Multiple Instance Spanning-Tree Operation Configuring MSTP Note on Path Cost RSTP and MSTP implement a greater range of path costs than 802.1D STP, and use different default path cost values to account for higher network speeds. These values are shown below. Port Type 802.1D STP Path Cost RSTP and MSTP Path Cost...
  • Page 124 Multiple Instance Spanning-Tree Operation Configuring MSTP ■ Plan individual regions based on VLAN groupings. That is, plan on all MSTP switches in a given region supporting the same set of VLANs. Within each region, determine the VLAN membership for each spanning-tree instance.
  • Page 125: Mstp Configuration Overview

    2. Configure per port parameters. HP recommends that you use the default settings for these parameters and apply changes on a per-port basis only where a non-default setting is clearly indicated by the circumstances of individual links. Other features you might consider include BPDU Filtering or BPDU Protection—these...
  • Page 126 < n > priority < n > 5. Configure MST instance port parameters. HP recommends that you apply changes on a per-port basis only where a non-default setting is clearly indicated by the circumstances of individual links. For example, you might want to set the path cost value for the port(s) used by a specific MST instance.
  • Page 127: Configuring Mstp Operation Mode And Global Settings

    Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MSTP Operation Mode and Global Settings The commands in this section apply at the switch (global) level. For details of how to configure spanning tree settings on individual ports, see “Configuring MSTP Per-Port Parameters” on page 3-24. MSTP Global Command Page spanning-tree...
  • Page 128 Multiple Instance Spanning-Tree Operation Configuring MSTP The no form of the command overwrites the currently configured name with the default name. Note: This option is available only when the switch is configured for MSTP operation. Also, there is no defined limit on the number of regions you can configure.
  • Page 129 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree force-version < stp-compatible | rstp-operation | mstp-operation > Sets the spanning-tree compatibility mode. This command forces the switch to emulate behavior of earlier versions of spanning tree protocol, or return to MSTP behavior. The command is useful in test or debug applications, and removes the need to reconfigure the switch for temporary changes in spanning-tree operation.
  • Page 130 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree hello-time < 1..10 > If MSTP is running and the switch is operating as the CIST root for your network, this command specifies the time in seconds between transmissions of BPDUs for all ports on the switch configured with the Global option.
  • Page 131 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree priority < priority-multiplier > Every switch running an instance of MSTP has a Bridge Identifier, which is a unique identifier that helps distinguish this switch from all others. The switch with the lowest Bridge Identifier is elected as the root for the tree.
  • Page 132: Configuring Mstp Per-Port Parameters

    In an MSTP topology, you configure per-port parameters in the global configuration context. In most cases, HP recommends that you use the default settings for these parameters and apply changes on a per-port basis only where a non-default setting is clearly indicated by the circumstances of individual links. Some port parameters (such as admin-edge-port) affect all MSTI instances that consist of VLANs configured on the port;...
  • Page 133: Configuring Per Port Parameters

    Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring Per Port Parameters Syntax: [no] spanning-tree <port-list> admin-edge-port Enable admin-edge-port on ports connected to end nodes. During spanning tree establishment, ports with admin-edge-port enabled transition immediately to the forwarding state. If a bridge or switch is detected on the segment, the port automatically operates as non-edge, not enabled.
  • Page 134 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > mcheck Forces a port to send RST/MST BPDUs for 3 seconds. This tests whether all STP bridges on the attached LAN have been removed and the port can migrate to native MSTP mode and use RST/MST BPDUs for transmission.
  • Page 135 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > priority < priority-multiplier > MSTP uses this parameter to determine the port(s) to use for forwarding. The port with the lowest priority number has the highest priority for use. The range is 0 to 240, and is configured by specifying a multiplier from 0 - 15.
  • Page 136: Configuring Bpdu Filtering

    Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > tcn-guard When tcn-guard is enabled for a port, it causes the port to stop propagating received topology change notifications and topology changes to other ports. (Default: No - disabled) Configuring BPDU Filtering The STP BPDU filter feature allows control of spanning-tree participation on a per-port basis.
  • Page 137: Configuring Bpdu Protection

    For example, to configure BPDU filtering on port a9, enter: HP Switch(config)# spanning-tree a9 bpdu-filter Viewing BPDU Filtering. The show spanning-tree < port > config command displays the BPDU filter state. HP Switch(config)# show spanning-tree a9 config Column showing BPDU filter status | Path Prio...
  • Page 138 Multiple Instance Spanning-Tree Operation Configuring MSTP Figure 3-7. Example of BPDU Protection Enabled at the Network Edge (diagram labels: STP Domain; Management Station; SNMP Trap; Switch; Event Log: port X is disable by STP BPDU protection; Fake STP BPDU; End User) The following commands allow you to configure BPDU protection.
  • Page 139 Configuring MSTP Example. To configure BPDU protection on ports 1 to 10 with SNMP traps enabled, enter: HP Switch(config)# spanning-tree 1-10 bpdu-protection HP Switch(config)# spanning-tree trap errant-bpdu The following steps will then be set in process: When an STP BPDU packet is received on ports 1-10, STP treats it as an unauthorized transmission attempt and shuts down the port that the BPDU came in on.
  • Page 140: Pvst Protection And Filtering

    They are not supported for switches running RSTP. PVST Protection If an HP switch in the core of a network receives Per Vlan Spanning Tree (PVST) BPDUs and forwards the unrecognized PVST BPDUs on to MSTP-only switches, those switches then disconnect themselves from the network. This can create instability in the network infrastructure.
  • Page 141 For example, to enable the PVST protection feature on ports 4 through 8, enter this command: HP Switch(config)# spanning-tree 4-8 pvst-protection To disable the PVST protection feature on a port, for example, port 4, use this command: HP Switch(config)# no spanning-tree 4 pvst-protection...
  • Page 142 The command indicates which ports are not expected to receive any PVST BPDUs. Default: Disabled on all ports HP Switch(config)# spanning-tree 8 pvst-filter Warning: The BPDU filter allows the port to go into a continuous forwarding mode and spanning-tree will not interfere, even if the port would cause a loop to form in the network topology.
  • Page 143 Showing Ports Configured with PVST Protection and Filtering To show which ports are configured for PVST protection, enter this command: HP Switch(config)# show spanning-tree pvst-protection HP Switch(config)# show spanning-tree pvst-protection Status and Counters - PVST Port(s) BPDU Protection Information...
  • Page 144 Multiple Instance Spanning-Tree Operation Configuring MSTP The show spanning-tree <port-list> detail command indicates which ports have PVST protection and/or PVST Filtering enabled. HP Switch(config)# show spanning-tree 7 detail Port Status : Down BPDU Protection : Yes BPDU Filtering : No...
  • Page 145: Configuring Mst Instance Parameters

    Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MST Instance Parameters When you enable MSTP on the switch, a spanning tree instance is enabled automatically. The switch supports up to sixteen configurable MST instances for each VLAN group that you want to operate as an active topology within the region to which the switch belongs.
  • Page 146 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree instance < 1..16 > vlan < vid [ vid..vid ] > no spanning-tree instance < 1..16 > — Continued — Note: The valid VLAN IDs that you can map to a specified MSTI are from 1 to 4094.
  • Page 147: Configuring Mst Instance Per-Port Parameters

    Multiple Instance Spanning-Tree Operation Configuring MSTP Configuring MST Instance Per-Port Parameters Command Page spanning-tree instance < 1..16 > < port-list > path-cost 3-39 < auto | 1..200000000 > spanning-tree instance < 1..16 > < port-list > priority < priority-multiplier > 3-40 spanning-tree <...
  • Page 148 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree instance < 1..16 >< port-list > priority <priority-multiplier> This command sets the priority for the specified port(s) in the specified MST instance. (For a given port, the priority setting can be different for different MST instances to which the port may belong.) The priority range for a port in a given MST instance is 0-255.
  • Page 149 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: spanning-tree < port-list > priority < priority-multiplier > This command sets the priority for the specified port(s) for the IST (that is, Instance 0) of the region in which the switch resides. The “priority” component of the port’s “Port Identifier” is set.
  • Page 150: Enabling Or Disabling Spanning Tree Operation

    Multiple Instance Spanning-Tree Operation Configuring MSTP Enabling or Disabling Spanning Tree Operation This command enables or disables spanning tree operation for any spanning tree protocol enabled on the switch. Before using this command to enable spanning tree, ensure that the version you want to use is active on the switch. Syntax: [no] spanning-tree Enabling spanning tree with MSTP configured implements MSTP for all physical ports on the switch, according to the...
  • Page 151 Multiple Instance Spanning-Tree Operation Configuring MSTP Syntax: [no] spanning-tree pending < apply | config-name | config-revision | instance | reset > This command exchanges the currently active MSTP configuration with the current pending MSTP configuration. Options are as follows: apply: Exchanges the currently active MSTP configuration with the pending MSTP configuration.
  • Page 152: Mstp Vlan Configuration Enhancement

    Multiple Instance Spanning-Tree Operation Configuring MSTP To review your pending configuration, use the show spanning-tree pending command (see page 3-59). To exchange the currently active MSTP configuration with the pending MSTP configuration, use the spanning-tree pending apply command. MSTP VLAN Configuration Enhancement Starting in software release 13.x.x, the MSTP VLAN configuration enhancement allows you to preconfigure an MSTP regional topology and ensure that the same VLAN ID-to-MSTI assignments exist on each MSTP switch in the...
  • Page 153: Preconfiguring Vlans In An Mst Instance

    Multiple Instance Spanning-Tree Operation Configuring MSTP All switches in a region must be configured with the same VLAN ID-to-MSTI mappings and the same MSTP configuration identifiers (region name and revision number). ■ Flexibility: By preconfiguring identical VLAN ID-to-MSTI mappings on all switches in an MST region, you can combine switches that support different maximum numbers of VLANs.
  • Page 154: Configuring Mstp Instances With The Vlan Range Option

    For example, if VLANs 1, 5, and 7 are currently present and you enter this command: HP Switch(config)# spanning-tree instance 1 vlan 1-10 then all the VLANs from 1 through 10 are included, even those VLANs that are not present.
  • Page 155 Multiple Instance Spanning-Tree Operation Configuring MSTP On other HP switches, only the VLANs that are present will be included, that is, only VLANs 1, 5, and 7 would be included. The switch will map these VLANs to MSTP Instance 1, which results in a Configuration Digest that is not the same as the Configuration Digest for the switches running this enhancement.
  • Page 156: Operating Notes For The Vlan Configuration Enhancement

    Multiple Instance Spanning-Tree Operation Configuring MSTP Operating Notes for the VLAN Configuration Enhancement ■ Configuring MSTP on the switch automatically configures the Internal Spanning Tree (IST) instance and places all statically and dynamically configured VLANs on the switch into the IST instance. The spanning-tree instance vlan command creates a new MST instance and moves the VLANs you specify from the IST to the MSTI.
  • Page 157: How To Save Your Current Configuration

    Figure 3-17. An Example of the show config files Command Output To save a configuration file for software version K.12.43, enter this command: HP Switch(config)# copy config config1 config configK1243.cfg You can choose any name for the saved configuration file that you prefer.
  • Page 158 Software (K.12.51) If you want to run the prior software version, K.12.43 in this example, enter this command: HP Switch(config)# boot system flash secondary config configK1243.cfg After rebooting, the switch is running software version K.12.43 and is using the configuration file that you saved for this software version, configK1243.cfg.
  • Page 159: Displaying Mstp Statistics And Configuration

    Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying MSTP Statistics and Configuration Command Page MSTP Statistics: show spanning-tree [< port-list >] below show spanning-tree [< port-list >] detail 3-54 show spanning-tree instance < ist | 1..16 > 3-55 MSTP Configuration show spanning-tree [ port-list ] config 3-56...
  • Page 160: Displaying Global Mstp Status

    Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration Displaying Global MSTP Status The following commands display the MSTP statistics for the connections between MST regions in a network. Syntax: show spanning-tree This command displays the switch’s global and regional spanning-tree status, plus the per-port spanning-tree operation at the regional level.
  • Page 161 Multiple Instance Spanning-Tree Operation Displaying MSTP Statistics and Configuration HP Switch(config)# show spanning-tree Multiple Spanning Tree (MST) Information Switch’s Spanning Tree Configuration and Identity of VLANs Configured in the Switch for the IST Instance STP Enabled : Yes Force Version : MSTP-operation...
  • Page 162: Displaying Detailed Port Information

    (CST) ports. Syntax: show spanning-tree < port-list > detail This command displays detailed spanning-tree status for the designated port(s). HP Switch# show spanning-tree a9 detail Status and Counters - CST Port(s) Detailed Information Port : A9...
  • Page 163: Displaying Status For A Specific Mst Instance

    Syntax: show spanning-tree < port-list > instance < ist | 1..16 > detail This command displays detailed status for the designated port(s) for a specific instance of MSTP. HP Switch(config)# show spanning-tree instance 11 MST Instance Information Instance ID : 11...
  • Page 164: Displaying The Mstp Configuration

    For example, to display data for port A20-A24 and trk1, use this command: show spanning-tree a20-a24,trk1 config HP Switch(config)# show spanning-tree config Multiple Spanning Tree (MST) Configuration Information STP Enabled [No] : Yes Force Version [MSTP-operation] : MSTP-operation Default Path Costs [802.1t] : 802.1t...
  • Page 165 For example, to display data for port A20-A24 and trk1, use this command: show spanning-tree a20-a24,trk1 config instance 1 HP Switch(config)# show spanning-tree config instance 11 MST Instance Configuration Information Instance ID : 11 Instance-Specific Data...
  • Page 166 When comparing two MSTP switches, if their Digest identifiers do not match, then they cannot be members of the same region. HP Switch(config)# show spanning-tree mst-config MST Configuration Identifier Information MST Configuration Name : 1cc1decfbc80...
  • Page 167 Lists region, IST instance VLAN(s), numbered instances, and assigned VLAN information for the pending MSTP configuration. HP Switch(config)# show spanning-tree pending instance 3 Pending MST Instance Configuration Information MST Configuration Name : New-Version_01 MST Configuration Revision : 1 Instance ID : 3...
  • Page 168: Troubleshooting An Mstp Configuration

    Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Troubleshooting an MSTP Configuration Command Page show spanning-tree root-history 3-60 show spanning-tree debug counters 3-63 show spanning-tree debug-counters instance < instance-id > 3-64 show spanning-tree debug-counters instance < instance-id > 3-66 ports <port-list> This section describes the show spanning-tree commands that you can use to monitor, troubleshoot, and debug the operation of a multiple-instance spanning-tree configuration in your network.
  • Page 169 Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration ■ MST Instance (mst): Connects all static and (starting from release 13.x.x) dynamic VLANs assigned to a multiple spanning-tree instance. Syntax: show spanning-tree root-history <cst | ist | mst <instance-id>> This command displays the change history for the root bridge in the specified MSTP topology.
  • Page 170 ------------------- -------- -------- 32768:000883-024500 02/09/07 17:40:59 36864:001279-886300 02/09/07 17:40:22 Figure 3-28. Example of show spanning-tree root-history ist Command Output HP Switch(config)# show spanning-tree root-history mst 2 Status and Counters - MST Instance Regional Root Changes History MST Instance ID Root Changes Counter...
  • Page 171: Displaying Debug Counters For All Mst Instances

    The following example shows sample output of the show spanning-tree debug-counters command for all ports. For a description of each counter, refer to Table 3-1 on page 3-68. HP Switch(config)# show spanning-tree debug-counters Status and Counters - MSTP Bridge Common Debug Counters Information Counter Name...
  • Page 172: Displaying Debug Counters For One Mst Instance

    Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Displaying Debug Counters for One MST Instance The show spanning-tree debug-counters instance command allows you to display the aggregate values of all MSTP debug counters maintained on a switch for a specified spanning-tree instance. These aggregate values are a summary of information collected from all ports that have VLANs assigned to the specified instance.
  • Page 173 Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration HP Switch(config)# show spanning-tree debug-counters instance 0 Status and Counters - CIST Common Debug Counters Information MST Instance ID : 0 Counter Name Aggregated Value Collected From --------------------------------- ---------------- -------------- Invalid BPDUs...
  • Page 174: Displaying Debug Counters For Ports In An Mst Instance

    Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Displaying Debug Counters for Ports in an MST Instance The show spanning-tree debug-counters instance ports command allows you to display the aggregate values of all MSTP debug counters maintained on one or more ports used by a specified spanning-tree instance. These aggregate values are a summary of information collected from the specified ports that have VLANs assigned to the specified instance.
  • Page 175 Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration HP Switch(config)# show spanning-tree debug-counters instance 0 ports a15 Status and Counters - CIST Port(s) Debug Counters Information MST Instance ID : 0 Port : A15 Counter Name Value Last Updated --------------------------- ---------- -----------------...
  • Page 176: Field Descriptions In Mstp Debug Command Output

    Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration HP Switch(config)# show spanning-tree debug-counters instance 2 ports a15 Status and Counters - MSTI Port(s) Debug Counters Information MST Instance ID : 2 Port : A15 Counter Name Value Last Updated --------------------------- ---------- -----------------...
  • Page 177 Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description MST Config Error BPDUs Number of BPDUs received from a neighbor bridge with inconsistent MST configuration information. For example, BPDUs from a transmitting bridge may contain the same MST configuration identifiers (region name and revision number) and format selector as the receiving bridge, but the value of the Configuration Digest field (VLAN ID assignments to regional IST and MST instances) is different.
  • Page 178 Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description Exceeded Max Hops Number of times that an MSTI MSG packet is received from a bridge internal to the MST MSTI MSGs region with an MSTI Remaining Hops value less than or equal to 1. This may occur if the receiving bridge is located too far from the MSTI regional root bridge (beyond the configured size of the MST region on the MSTI regional root bridge) or if a BPDU packet with invalid MSTI regional root bridge information is continuously circulating between...
  • Page 179: Troubleshooting Mstp Operation

    Multiple Instance Spanning-Tree Operation Troubleshooting an MSTP Configuration Field Description RST BPDUs Tx Number of (802.1w) RST BPDUs that are transmitted through the port. This counter is maintained by the CIST (default MST instance 0) on a per-port basis. RST BPDUs Rx Number of (802.1w) RST BPDUs that are received on the port.
  • Page 180: Loop Protection

    Multiple Instance Spanning-Tree Operation Loop Protection Loop Protection In cases where spanning tree cannot be used to prevent loops at the edge of the network, loop protection may provide a suitable alternative. Loop protection operates in two modes: ■ Untagged—The default mode. This mode can be used to find loops in untagged downlinks.
  • Page 181 Multiple Instance Spanning-Tree Operation Loop Protection Figure 3-34 shows examples where loop protection can be used. STP Domain Switch Spanning tree enabled ports Unmanaged switch (does not support STP) Loop protection enabled ‘edge’ ports that connect to unmanaged switches and/or authenticated clients Web authentication clients 802.1X authentication clients...
  • Page 182: Configuring Loop Protection

    Multiple Instance Spanning-Tree Operation Loop Protection Configuring Loop Protection Loop protection provides protection against loops by transmitting loop protocol packets out of ports on which loop protection has been enabled. When the switch sends out a loop protocol packet and then receives the same packet on a port that has a receiver-action of send-disable configured, it shuts down the port from which the packet was sent.
  • Page 183: Loop Protection In Port Mode

    Loop Protection in Port Mode To enable loop protection in port mode, follow these steps. Configure port mode with this command: HP Switch(config)# loop-protect mode port Enter the loop-protect command and specify the port(s) on which loop protection should be enabled. For example:...
  • Page 184: Operating Notes

    Multiple Instance Spanning-Tree Operation Loop Protection HP Switch(config)# loop-protect mode port Any Loop Protect enabled VLAN will be deleted. Do you want to continue [Y/N]? n Figure 3-35. Example of Changing Modes for Loop Protection Operating Notes ■ The receiver-action option can be configured on a per-port basis and can...
  • Page 185: Displaying Loop Protection Status In VLAN Mode

    Multiple Instance Spanning-Tree Operation Loop Protection HP Switch(config)# show loop-protect 1-2 Status and Counters - Loop Protection Information Transmit Interval (sec) Port Disable Timer (sec) Loop Detected Trap : Enabled Loop Protect Mode : Port Loop Protect Enabled VLANs :...
  • Page 186: STP Loop Guard

    Multiple Instance Spanning-Tree Operation STP Loop Guard HP Switch(config)# show loop-protect 1-2 Status and Counters - Loop Protection Information Transmit Interval (sec) Port Disable Timer (sec) Loop Detected Trap : Enabled Loop Protect Mode : Vlan Loop Protect Enabled VLANs : 20,30...
  • Page 187 Enables STP Loop Guard on a particular port or ports. The no form of the command disables STP Loop Guard. Default: Disabled HP Switch(config)# spanning-tree 2 loop-guard Figure 3-39. Example of Enabling Spanning-Tree Loop Guard Figure 3-40 shows Spanning Tree information for the entire switch.
  • Page 188 Multiple Instance Spanning-Tree Operation STP Loop Guard HP Switch(config)# show spanning-tree Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : 1-4094 Switch MAC Address : 0024a8-d13a40 Switch Priority : 32768 Max Age...
  • Page 189 Multiple Instance Spanning-Tree Operation STP Loop Guard HP Switch(config)# show spanning-tree config Multiple Spanning Tree (MST) Configuration Information STP Enabled [No] : Yes Force Version [MSTP-operation] : MSTP-operation Default Path Costs [802.1t] : 802.1t MST Configuration Name : 0024a8d13a40 MST Configuration Revision : 0...
  • Page 190 Multiple Instance Spanning-Tree Operation STP Loop Guard HP Switch(config)# show spanning-tree detail Status and Counters - CST Port(s) Detailed Information Port Status : Up Port Status : Up BPDU Protection : No BPDU Filtering : No PVST Protection : No...
  • Page 191 Multiple Instance Spanning-Tree Operation STP Loop Guard HP Switch(config)# show spanning-tree 2 Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : 1-4094 Switch MAC Address : 0024a8-d13a40 Switch Priority : 32768 Max Age...
  • Page 193: Switch Meshing

    Switch Meshing Introduction Switch meshing is a load-balancing technology that enhances reliability and performance in these ways: ■ Provides significantly better bandwidth utilization than either Spanning Tree Protocol (MSTP) or standard port trunking. ■ Uses redundant links that remain open to carry traffic, removing any single point of failure for disabling the network, and allowing quick responses to individual link failures.
  • Page 194 Switch Meshing Introduction Finding the Fastest Path. Using multiple switches redundantly linked together to form a meshed switch domain, switch meshing dynamically distributes traffic across load-balanced switch paths by seeking the fastest paths for new traffic between nodes. In actual operation, the switch mesh periodically determines the best (lowest latency) paths, then assigns these paths as the need arises.
  • Page 195: Switch Meshing Fundamentals

    Switch Meshing Switch Meshing Fundamentals Switch Meshing Fundamentals Terminology Switch Mesh Domain. This is a group of meshed switch ports exchanging meshing protocol packets. Paths between these ports can have multiple redundant links without creating broadcast storms. Switch 1 Switch Switch Switch 2 Switch 3...
  • Page 196: Operating Rules

    For example, if you update the software version on one 8212zl switch, then you must update the software version on any other 8212zl switch in the mesh. HP Networking recommends that you always use the most recent software version available for the switches in your network.
  • Page 197 Switch Meshing Switch Meshing Fundamentals ■ If a switch in the mesh has GVRP enabled, then all switches in the mesh must have GVRP enabled. Otherwise, traffic on a dynamic VLAN may not pass through the mesh. ■ If a switch in the mesh has a particular static VLAN configured, then all switches in the mesh must have that static VLAN configured.
  • Page 198: Using A Heterogeneous Switch Mesh

    Linking a non-mesh device or port into the mesh causes the meshed switch port(s) connected to that device to shut down. Using a Heterogeneous Switch Mesh You can use the switches covered in this guide with the HP Series 5300xl switches in normal mode.
  • Page 199: Bringing Up A Switch Mesh Domain

    Switch Meshing Switch Meshing Fundamentals Creating the mesh with only one 8212zl switch connected to the host, Untagged VLAN 1 and using tagged Switch VLANs for multiple 8212zl Host 5300xl connections between Switch (Both links the host and the meshed use the switch allows normal same MAC...
  • Page 200: Configuring Switch Meshing

    Switch Meshing Configuring Switch Meshing Configuring Switch Meshing Preparation Before configuring switch meshing: ■ Review the Operating Rules (page 4-4), and particularly the restrictions and requirements for using switch meshing in environments that include static trunks, multiple static VLANs, GVRP, IGMP, and MSTP. ■ To avoid unnecessary system disruption, plan the mesh bring-up to mini-...
  • Page 201 Switch Meshing Configuring Switch Meshing In the Group column, move the cursor to the port you want to assign to the switch mesh. Press [M] to choose Mesh for the selected port. Use the up-arrow or down-arrow key to select the next port you want to include in your mesh domain, then press again.
  • Page 202 Switch Meshing Configuring Switch Meshing The asterisk indicates that you must reboot the switch to cause the Mesh configuration change to take effect. Figure 4-8. After Saving a Mesh Configuration Change, Reboot the Switch Press [0] to return to the Main menu. To activate the mesh assignment(s) from the Main menu, reboot the switch by pressing the following keys: [6] (for Reboot Switch)
  • Page 203: CLI: To Configure And View Switch Meshing

    8200zl switches, you must reboot both management modules. Use the boot system … command. For example, to configure meshing on ports A1-A4, B3, C1, and D1-D3: HP Switch(config)# mesh a1-a4, b3, c1, d1-d3 Command will take effect after saving configurationg and reboot. HP Switch(config)# write memory...
  • Page 204: Viewing Switch Mesh Status

    Switch Meshing Configuring Switch Meshing Viewing Switch Mesh Status There are three commands for viewing mesh status on a switch: show mesh show mesh mac-address show mesh traceroute mac-address < MAC-addr > vlan < vid > Syntax: show mesh Lists the switch ports configured for meshing, along with the State of each mesh-configured connection, the hostname and MAC address of the switch on the opposite end of the link (Adjacent Switch), the MAC address of the port on the opposite...
  • Page 205 Switch Meshing Configuring Switch Meshing Error — Indicates a multiple MAC-address error. This occurs when you have two or more mesh ports from the same switch linked together through a hub. Topology Error — Two meshed switches are connected via a hub, and traffic from other, non-meshed devices, is flowing into the hub.
  • Page 206 Switch Meshing Configuring Switch Meshing Example. For the topology with a four-switch mesh shown in Figure 4-11, a show mesh command issued on the North switch would produce the following output: North# show mesh Adjacent Hosts Port State | Hostname Address Peer Port Mesh Warning ------ --------------- + -------- ------------- ------------- ------------...
  • Page 207 Switch Meshing Configuring Switch Meshing Syntax: show mesh mac-address Lists information about devices connected to the switch mesh. The switch presents show mesh mac-address output in this format: MAC Address VLAN Port Owner Switch Hostname ------------ ---- ---- ------------- ---------- MAC Address is the MAC address of the device connected to the switch mesh.
  • Page 208 Switch Meshing Configuring Switch Meshing Syntax: show mesh traceroute mac-address < MAC-addr > vlan < vid > Traces the route from a source switch in a mesh to a device connected to the mesh. < MAC-addr > is the MAC address of the target device. <...
  • Page 209: Operating Notes For Switch Meshing

    Switch Meshing Operating Notes for Switch Meshing Operating Notes for Switch Meshing In a switch mesh domain traffic is distributed across the available paths with an effort to keep latency the same from path to path. The path selected at any time for a connection between a source node and a destination node is based on these latency and throughput cost factors: Outbound queue depth, or the current outbound load factor for any given...
  • Page 210: Unicast Packets With Unknown Destinations

    Also, in an IP environment, HP Networking recommends that you configure IP addresses on meshed switches. This makes the discovery mechanism more robust, which contributes to decreased latency.
  • Page 211: Spanning Tree Operation With Switch Meshing

    Switch Meshing Operating Notes for Switch Meshing Spanning Tree Operation with Switch Meshing Using MSTP with several switches and no switch meshing configured can result in unnecessarily blocking links and reducing available bandwidth. For example: Solution: Problem: Enabling meshing on links between MSTP enabled and switch ports removes MSTP blocks creating traffic...
  • Page 212 Switch Meshing Operating Notes for Switch Meshing = Non-mesh Switch Ports Figure 4-14. Connecting a Switch Mesh Domain to Non-Meshed Devices Note on the Edge-Port Mode in MSTP: When using MSTP and interconnecting switches covered in this guide in a mesh with switches that are not in the mesh, all the non-mesh switch ports (as indicated in the figure above) should have the edge-port parameter disabled.
  • Page 213: Filtering/Security In Meshed Switches

    Switch Meshing Operating Notes for Switch Meshing ically increase the cost on the external (non-meshed) link to the point where spanning tree will block the external link and unblock the meshed link. This process typically resolves itself in approximately 30 seconds. Caution: Spanning tree interprets a switch mesh as a single link.
  • Page 214: Dynamic Vlans

    Switch Meshing Operating Notes for Switch Meshing When static VLANs are configured, the mesh is seen as a single entity by each VLAN. All ports in the mesh domain are members of all VLANs and can be used to forward traffic for any VLAN. However, the non-mesh ports on edge switches that allow traffic to move between the mesh and non-meshed devices belong to specific VLANs and do not allow packets originating in a specific VLAN to enter non-meshed devices that do not belong to that same VLAN.
  • Page 215: Mesh Design Optimization

    Switch Meshing Operating Notes for Switch Meshing devices. In this regard, if a mesh domain includes any HP E8212zl switches, 6200yl switches, Series 5400zl switches, Series 3500yl switches, Series 3400cl or Series 6400cl switches that are configured to support jumbo traffic, only these switches can transmit and receive jumbo packets.
  • Page 216: Other Requirements And Restrictions

    Other Requirements and Restrictions ■ Mesh Support Within the Domain: All switches in the mesh domain, including edge switches, must support the HP switch meshing protocol. ■ Switch Hop Count in the Mesh Domain: A maximum of five (meshed) switch hops is allowed in the path connecting two nodes in a switch mesh domain.
  • Page 217 Switch Meshing Operating Notes for Switch Meshing ■ Multiple Links Between Meshed Switches: Multiple mesh ports can be connected between the same two switches, to provide higher bandwidth. Each port that you want in the mesh domain should be configured as Mesh (and not as a trunk—Trk).
  • Page 219: Quality Of Service: Managing Bandwidth More Effectively

    Quality of Service: Managing Bandwidth More Effectively Using Quality of Service Policies A Quality of Service (QoS) network policy refers to the network-wide controls you can implement to: ■ Ensure uniform and efficient traffic-handling throughout your network, while keeping the most important traffic moving at an acceptable speed, regardless of current bandwidth usage.
  • Page 220 Quality of Service: Managing Bandwidth More Effectively Using Quality of Service Policies ■ Control the priority of traffic from dedicated VLANs or applications. ■ Change the priorities of traffic from various segments of your network as your business needs change. ■ Set priority policies in edge switches in your network to enable traffic-...
  • Page 221 Starting in software release K.14.01, HP QoS configuration supports a classifier-based model that provides added functionality to create and manage QoS policies across a network consisting of HP switches as well as OEM and legacy devices. The classifier-based configuration model is a single, simplified procedure and...
  • Page 222: QoS Terminology

    Quality of Service: Managing Bandwidth More Effectively QoS Terminology Classifier-based QoS policies provide greater control for managing network traffic. Using multiple match criteria, you can finely select and define the classes of traffic that you want to manage. QoS-specific actions determine how you can handle the selected traffic.
  • Page 223 Quality of Service: Managing Bandwidth More Effectively QoS Terminology Term Use in This Document DSCP Differentiated Services Codepoint. (Also known as codepoint.) A DSCP consists of the upper six bits of the: • Type of Service (ToS) byte in an IPv4 packet •...
  • Page 224: QoS Operation

    Quality of Service: Managing Bandwidth More Effectively QoS Operation Term Use in This Document re-marking Assigns a new QoS policy to an outbound packet by changing the: • Class-of-Service (CoS) 802.1p bit setting in Layer 2 VLAN headers • DSCP bit setting in the Layer 3 IPv4 ToS byte (or IPv6 Traffic Class byte). tagged port Identifies a port as belonging to a specific VLAN and enables VLAN-tagged packets to carry an 802.1p membership...
  • Page 225: Globally-Configured QoS

    Quality of Service: Managing Bandwidth More Effectively QoS Operation Note: While providing greater control for implementing QoS policies, classifier-based QoS policies may override globally-configured QoS settings. For more information, see “Override of Global QoS Settings” on page 5-82. Be sure to carefully plan your QoS strategies in advance, identifying the network traffic that you can globally configure and the traffic on which you want to execute customized, classifier-based QoS actions.
  • Page 226: Classifier-Based QoS

    Quality of Service: Managing Bandwidth More Effectively QoS Operation ■ Traffic marking options are as follows: • Setting the Layer 2 802.1p priority value in VLAN-tagged and untagged packet headers • Setting the Layer 3 Differentiated Services Codepoint (DSCP) bits in the ToS byte of IPv4 packet headers and Traffic Class byte of IPv6 headers.
  • Page 227: QoS Packet Classification

    Globally-Configured Packet Classification Note On Using Multiple: HP recommends that you configure a minimum number of global QoS classifiers to prioritize a specific packet type. Increasing the number of enabled...
  • Page 228: Classifier-Based Match Criteria

    Quality of Service: Managing Bandwidth More Effectively QoS Packet Classification Table 5-1. Globally-Configured Packet Classification: Search Order and Precedence Search Precedence Global QoS Classifier Order 1 (highest) UDP/TCP application type (port) Device priority (destination or source IP address) IP type of service: precedence and DSCP bit sets (IP packets only) IP protocol (IP, IPX, ARP, AppleTalk, SNA, and NetBeui) VLAN ID Incoming source-port on the switch...
  • Page 229: QoS Traffic Marking

    Quality of Service: Managing Bandwidth More Effectively QoS Traffic Marking For information on how to use match criteria to configure a traffic class, refer to “Classifier-Based Software Configuration” on page 8-1. QoS Traffic Marking As described in “QoS Operation” on page 5-6, when you apply or reconfigure QoS actions for selected packets, QoS supports different types of traffic marking in globally-configured QoS settings and classifier-based per-port or per-VLAN QoS policies.
  • Page 230 Quality of Service: Managing Bandwidth More Effectively QoS Traffic Marking Configuring a new 802.1p priority value allows you to set the outbound priority queue to which a packet is sent. For example, you can configure an 802.1p priority of 0 through 7 for an outbound packet. When the packet is sent to a port, the QoS priority determines the outbound queue to which the packet is assigned as shown in Table 5-2.
  • Page 231: Layer 3 DSCP Marking

    Quality of Service: Managing Bandwidth More Effectively QoS Traffic Marking Configured Outbound Port 802.1p Priority Added to Queue Assignment in Downstream Devices 802.1p Priority Queue in the Tagged VLAN Packets With: Switch Exiting the Switch 8 Queues 4 Queues 2 Queues Queue 4 Queue 4 Queue 5...
  • Page 232: VLAN And Untagged VLAN Environments

    Quality of Service: Managing Bandwidth More Effectively QoS Traffic Marking If you configure a different 802.1p priority for a DSCP codepoint, the new DSCP policy overrides the 802.1p priority value in packets which enter the switch with the specified codepoint. The Layer 2 802.1p priority setting (0 through 7) determines the outbound port queue to which a packet is sent (as shown in Table 5-2).
  • Page 233: Classifier-Based Traffic Marking

    Quality of Service: Managing Bandwidth More Effectively QoS Traffic Marking Classifier-Based Traffic Marking Classifier-based per-port or per-VLAN QoS policies support the following traffic-marking actions. Note that in addition to globally-configured QoS traffic marking (802.1p and DSCP prioritization), classifier-based QoS policies also support IP precedence and rate-limiting.
  • Page 234: Globally-Configured QoS

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Globally-Configured QoS QoS Feature Default Reference UDP/TCP Priority Disabled page 5-21 IP-Device Priority Disabled page 5-32 IP Type-of-Service Priority Disabled page 5-40 Layer-3 Protocol Priority Disabled page 5-53 VLAN-ID Priority Disabled page 5-55 Source-Port Priority Disabled...
  • Page 235 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Default: In a tagged VLAN environment, the incoming 802.1p priority is used as the default QoS classifier if no global QoS classifier with a higher precedence matches (see Table ). Select the global QoS classifier that you want to use. Table 5-5 shows the types of QoS marking (802.1p priority and/or DSCP codepoint) supported by each global QoS classifier.
  • Page 236: Viewing A Global QoS Configuration

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Viewing a Global QoS Configuration To display the existing switch-wide configurations for a global QoS classifier, use one of the following show qos commands. Syntax: show qos < global-classifier > tcp-udp-port-priority Displays the current TCP/UDP port priority configuration.
  • Page 237: Global QoS Restrictions

    802.1p priorities have been configured for VLAN IDs 22 and 33; packets received on VLAN 1 are managed with the default settings, as described in the two bulleted items above. HP Switch(config)# show qos vlan-priority This output shows that VLAN priorities...
  • Page 238 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS ■ All Switches: For explicit QoS support of IP subnets, HP recommends forcing IP subnets onto separate VLANs and then configuring VLAN-based classifiers for those VLANs. ■ For Devices that Do Not Support 802.1Q VLAN-Tagged Ports:...
  • Page 239: Global TCP/UDP Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS ■ Fragmented Packets & TCP/UDP: QoS is not performed on fragmented packets under TCP/UDP ■ Monitoring Shared Resources: The QoS feature shares internal switch resources with several other features. The switch provides ample resources for all features.
  • Page 240: Assigning An 802.1p Priority For A Global TCP/UDP Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS For more information, including a listing of UDP/TCP port numbers, go to the Internet Assigned Numbers Authority (IANA) website at: www.iana.org Then click on: Protocol Number Assignment Services P (Under “Directory of General Assigned Numbers” heading) Port Numbers Assigning an 802.1p Priority for a Global TCP/UDP Classifier To mark matching TCP or UDP packets with an 802.1p priority, enter the...
  • Page 241: Operating Notes On Using TCP/UDP Port Ranges

    ■ You must specify the entire range of configured port numbers when using the no form of the command, for example: HP Switch(config)# qos udp-port range 1300 1399 dscp 001110 HP Switch(config)# no qos udp-port range 1300 1399 Example. The following example displays the following configuration for...
  • Page 242: Assigning A DSCP Policy For A Global TCP/UDP Classifier

    HP Switch(config)# qos tcp-port 80 priority 2 HP Switch(config)# qos udp-port 23 priority 7 HP Switch(config)# qos udp-port 80 priority 1 HP Switch(config)# qos udp-port range 100 199 priority 3 HP Switch(config)# show qos tcp-udp-port-priority TCP/UDP port based priorities | IP Packet Application...
  • Page 243 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Identify the TCP or UDP port-number classifier you want to use for assigning a DSCP policy. Determine the DSCP policy for packets carrying the selected TCP or UDP port number or range of port numbers. Determine the DSCP you want to assign to the selected packets.
  • Page 244 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS qos dscp-map command), you must first configure a priority for the codepoint before proceeding (qos dscp-map priority command). See “Differentiated Services Codepoint (DSCP) Mapping” on page 5-90 for more information. Syntax: qos dscp-map <...
  • Page 245 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Configure the switch to assign the DSCP policy to packets with the specified TCP or UDP port number or range of port numbers. Syntax: [no] qos <udp-port | tcp-port> [ ipv4 | ipv6 | ip-all ] <port-number | range start end >...
  • Page 246 (show qos dscp-map command). Note that a DSCP codepoint must also have a priority configured before you can use it to mark matching packets. HP Switch(config)# show qos dscp-map DSCP -> 802.p priority mappings NOTE: ‘qos type-of-service diff-services’ must be configured before DSCP is honored on inbound trafic.
  • Page 247 HP Switch(config)# qos udp-port 23 dscp 000111 HP Switch(config)# qos tcp-port 80 dscp 000101 HP Switch(config)# qos tcp-port 914 dscp 000010 HP Switch(config)# qos udp-port range 1001 2000 dscp 000010 TCP/UDP port based priorities | IP Packet Application Protocol | Type...
  • Page 248: Displaying Resource Usage For QoS Policies

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS ■ Overwrites the original DSCPs in the selected packets with the new DSCPs specified in the above policies. ■ Assigns the 802.1p priorities in the above policies to the selected packets. Displaying Resource Usage for QoS Policies When you configure global QoS classifiers using TCP/UDP and a Layer 4 Application port number or port range, the switch automatically assigns two...
  • Page 249 Globally-Configured QoS The show qos resources command displays the number of hardware resources currently in use by QoS policies as well as other software features. HP Switch# show qos resources Includes the hardware resources used by currently applied QoS policies.
  • Page 250: Global IP-Device Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS column remains unchanged. Likewise, if an ACL is configured for a port range on which a QoS policy is already applied, the ACL column increases by 1, while the “Available” column remains unchanged. Similarly, when you remove a port range, the “Application Port Ranges Avail- able”...
  • Page 251: Assigning A Priority For A Global IP-Device Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Assigning a Priority for a Global IP-Device Classifier This global QoS packet-marking option assigns an 802.1p priority to all IP packets that have the specified IP address as either a source or destination. If both the source and destination addresses match, the priority configured for the IP destination address has precedence.
  • Page 252 2001:db8:3:3::/64 HP Switch(config)# qos device-priority 10.28.31.1 priority 7 HP Switch(config)# qos device-priority 10.28.31.130 priority 5 HP Switch(config)# qos device-priority ipv4 10.28.32.100/24 priority 1 HP Switch(config)# qos device-priority 2001:db8:2:1:212:79ff:fe88:a100 priority HP Switch(config)# qos device-priority ipv6 2001:db8:3:3::/64 priority 1 HP Switch(config)# show qos device-priority...
  • Page 253: Assigning A DSCP Policy For A Global IP-Device Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Assigning a DSCP Policy For a Global IP-Device Classifier This global QoS packet-marking option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets having the specified IP address or subnet mask in the source or destination field of their packet header.
  • Page 254 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Syntax: qos dscp-map < codepoint > priority <0 - 7> (Optional) This command is required only if an 802.1p priority is not already assigned to the specified <codepoint > in the DSCP Policy table (see Table 5-11 on page 5-91). When the switch applies this policy to a packet, the priority determines the packet’s queue in the outbound port to which it is sent.
  • Page 255 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS • dscp codepoint overwrites the DSCP codepoint in the IPv4 ToS byte or IPv6 Traffic Class byte of matching packets with the specified value. Valid values for the DSCP codepoint are as follows: - A binary value for the six-bit codepoint from 000000 to 111111.
  • Page 256 Figure 5-10. Display the Current DSCP-Map Configuration Configure the priorities for the DSCPs you want to use to mark packets. HP Switch(config)# qos dscp-map 000111 priority 7 HP Switch(config)# qos dscp-map 000101 priority 5 HP Switch(config)# qos dscp-map 000010 priority 1 HP Switch(config)# show qos dscp-map DSCP ->...
  • Page 257 HP Switch(config)# qos device-priority 10.28.31.1 dscp 000111 HP Switch(config)# qos device-priority 10.28.31.130 dscp 000101 HP Switch(config)# qos device-priority ipv4 10.28.32.100/24 dscp 000010 HP Switch(config)# qos device-priority 2001:db8:2:1:212:79ff:fe88:a100 dscp 000 HP Switch(config)# qos device-priority ipv6 2001:db8:3:3/64 dscp 000010 HP Switch(config)# show qos device-priority...
  • Page 258: Global IP Type-Of-Service Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Global IP Type-of-Service Classifier Global QoS Classifier Precedence: 3 The global IP Type-of-Service classifier enables you to classify and mark IP packets according to the following modes: ■ IP-Precedence Mode: All IP packets generated by upstream devices and applications include a precedence bit set in the ToS/Traffic Class byte.
  • Page 259: IPv4 ToS/IPv6 Traffic Class Byte

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS IPv4 ToS/IPv6 Traffic Class Byte IPv4 packet headers contain a Type of Service (ToS) byte; IPv6 packet headers contain a Traffic Class byte. In an IPv6 packet, the Traffic Class byte is used in the same way as the ToS byte in an IPv4 packet.
  • Page 260 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Table 5-8. IP Precedence-to-802.1p Priority Mapping ToS/Traffic Class Byte: Corresponding Service Priority Level IP Precedence Bits 802.1p Priority Lowest Normal Highest Note: Using a global IP-Precedence classifier to prioritize IP packets relies on priorities set in upstream devices and applications.
  • Page 261: Assigning An 802.1p Priority For A Global IP-Precedence Classifier

    Using the IP-precedence classifier, prioritization of outbound packets relies on the IP-Precedence bit setting that IP packets carry with them from upstream devices and applications. To configure and verify this option: HP Switch(config)# qos type-of-service ip-precedence HP Switch(config)# show qos type-of-service Type of Service [Disabled] : IP Precedence...
  • Page 262: Assigning An 802.1p Priority For A Global IP-Diffserv Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Assigning an 802.1p Priority for a Global IP-Diffserv Classifier One of the best uses for this global QoS packet-marking option is on an interior switch where you want to honor (continue) a policy set on an edge switch. The IP-diffserv classifier enables you to select incoming packets having a specific DSCP and forward these packets with the desired 802.1p priority.
  • Page 263 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Configuration Notes Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs if the application originates on different clients, servers, or other devices. Using an edge switch enables you to select the desired packets and mark them with predictable DSCPs that can be used by downstream switches to honor policies set in the edge switch.
  • Page 264 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Syntax: qos type-of-service diff-services < codepoint > Causes the switch to read the < codepoint > (DSCP) of an incoming IP packet and, when a match occurs, assign the associated 802.1p priority in the DSCP Policy table (see Table 5-11).
  • Page 265 Policy” entry are available for direct 001001 802.1p priority assignment. Figure 5-16. Displaying the Codepoints Available for 802.1p Priority Assignments HP Switch(config)# qos dscp-map 000110 priority 7 HP Switch(config)# show qos type-of-service Type of Service : Differentiated Services Codepoint DSCP Policy | Priority...
  • Page 266: Assigning A DSCP Policy For A Global IP-Diffserv Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Assigning a DSCP Policy for a Global IP-Diffserv Classifier The preceding section describes how to forward an 802.1p priority level set by an edge (or upstream) switch. This section describes how to use a global IP-Diffserv classifier to mark matching packets with a new DSCP policy.
  • Page 267 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Syntax: qos type-of-service diff-services Enables ToS diff-services. Syntax: qos type-of-service diff-services < current-codepoint > dscp < new-codepoint > Configures the switch to select an incoming IP packet carrying the <current-codepoint > and then use the <new-codepoint> to assign a new, previously configured DSCP policy to the packet.
  • Page 268 (qos dscp-map priority command). See “Differentiated Services Codepoint (DSCP) Map- ping” on page 5-90 for more information. HP Switch(config)# show qos dscp-map DSCP -> 802.p priority mappings DSCP CodePoint DSCP Value 802.1p tag...
  • Page 269 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS HP Switch(config)# qos dscp-map 000010 priority 6 name 'Level 6' HP Switch(config)# qos dscp-map 000101 priority 4 name 'Level 4' HP Switch(config)# show qos dscp-map DSCP -> 802.p priority mappings DSCP CodePoint DSCP Value 802.1p tag...
  • Page 270: Comparison Of Global Ip Type-Of-Service Classifiers

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Comparison of Global IP Type-of-Service Classifiers Table 5-9 shows the difference in how global IP-Precedence and IP-Diffserv classifiers are implemented in the switch. Table 5-9. IP Type-of-Service Classifiers IP Type-of-Service Classifiers Outbound Port IP-Precedence Mode IP Differentiated Services Mode...
  • Page 271: Global Layer-3 Protocol Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Global Layer-3 Protocol Classifier Global QoS Classifier Precedence: 4 When a global Layer-3 Protocol classifier is configured as the highest-precedence classifier and the switch receives traffic carrying the specified protocol, matching packets are assigned the priority configured for the classifier.
  • Page 272 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Configures IP, Appletalk, and ARP as QoS classifiers: HP Switch(config)# qos protocol ip priority 0 HP Switch(config)# qos protocol appletalk priority 7 HP Switch(config)# qos protocol arp priority 5 HP Switch(config)# show qos protocol-priority...
  • Page 273: Global Vlan-Id Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Global VLAN-ID Classifier Global QoS Classifier Precedence: 5 The global VLAN-ID (VID) classifier allows you to use up to 4094 VLAN IDs to match packets. When a particular VLAN-ID classifier has the highest precedence in the switch, traffic received in the VLAN is marked with the configured priority level.
  • Page 274 Example. In this example, 802.1p priorities are assigned to packets received in VLANs 1, 20, 30, and 40. HP Switch(config)# show vlans Status and Counters - VLAN Information Maximum VLANs to support : 256...
  • Page 275: Assigning A Dscp Policy For A Global Vlan-Id Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS HP Switch(config)# vlan 1 qos priority 2 HP Switch(config)# vlan 20 qos priority 5 HP Switch(config)# vlan 30 qos priority 5 HP Switch(config)# vlan 40 qos priority 7 HP Switch(config)# show qos vlan-priority...
  • Page 276 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Creating a Policy Based on VLAN-ID Classifier. Determine the VLAN-ID classifier to which you want to assign a DSCP policy. Determine the DSCP policy for packets carrying the selected VLAN-ID: Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite the DSCP carried in packets received from upstream devices.) b.
  • Page 277 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Syntax: vlan < vid > qos dscp < codepoint > Assigns a DSCP policy to IP packets carrying the specified VLAN ID, and overwrites the DSCP in these packets with the assigned <...
  • Page 278 Figure 5-25. Displaying the Current DSCP-Priority Mapping in the DSCP Policy Table Configure the priorities for the DSCPs you want to use. HP Switch(config)# qos dscp-map 000110 priority 7 HP Switch(config)# qos dscp-map 000101 priority 5 HP Switch(config)# qos dscp-map 000010 priority 1...
  • Page 279 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS HP Switch(config)# vlan 1 qos dscp 000010 HP Switch(config)# vlan 20 qos dscp 000010 HP Switch(config)# vlan 30 qos dscp 000101 HP Switch(config)# vlan 40 qos dscp 000111 HP Switch(config)# show qos vlan-priority...
  • Page 280: Global Source-Port Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Global Source-Port Classifier Global QoS Classifier Precedence: 6 The global QoS source-port classifier allows you to use a packet’s source-port on the switch to mark packets. When a global source-port classifier has the highest precedence in the switch for traffic entering through a port, traffic received on the port is marked with the configured priority level.
  • Page 281 C1-C3 Enter the following commands to prioritize packets received from the specified source ports: HP Switch(config)# interface 1-3 qos priority 6 HP Switch(config)# interface 4-5 qos priority 5 HP Switch(config)# interface 6-7 qos priority 3 Switch(config)# show qos port-priority...
  • Page 282: Assigning A Dscp Policy For A Global Source-Port Classifier

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS In this instance, No-override indicates that port 1 is not prioritized by QoS. HP Switch(config)# no interface 1 qos HP Switch(config)# show qos port-priority Port priorities Port Apply rule | DSCP...
  • Page 283 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS b. Determine the 802.1p priority you want to assign to the DSCP. If necessary, use the qos dscp-map < codepoint > priority < 0 - 7 > command to configure the DSCP policy (codepoint and associated 802.1p priority) that you want to use to mark matching packets.
  • Page 284 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Syntax: interface < port-list > qos dscp < codepoint > The DSCP policy includes an 802.1p priority and determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device.
  • Page 285 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS HP Switch(config)# show qos dscp-map DSCP -> 802.p priority mappings NOTE: ‘qos type-of-service diff-services’ must be configured before DSCP is honored on inbound trafic. DSCP CodePoint DSCP Value 802.1p tag DSCP Policy name...
  • Page 286 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS HP Switch(config)# qos dscp-map 2 priority 7 HP Switch(config)# qos dscp-map 3 priority 5 HP Switch(config)# show qos dscp-map DSCP -> 802.p priority mappings NOTE: 'qos type-of-service diff-services' must be configured before DSCP is honored on inbound traffic.
  • Page 287 Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS Switch(eth-A2)# int e b4,c2 Switch(eth-B4,C2)# qos dscp 000010 Switch(eth-B4,C2)# int e b1-b3 Switch(eth-B1-B3)# qos dscp 000101 Switch(eth-B1-B3)# int e a2 Switch(eth-A2)# qos dscp 000111 Switch(eth-A2)# show qos port-priority Port priorities Port Apply rule | DSCP Priority Radius Override...
  • Page 288: Ip Multicast (Igmp) Interaction With Qos

    Quality of Service: Managing Bandwidth More Effectively Globally-Configured QoS IP Multicast (IGMP) Interaction with QoS IGMP high-priority-forward causes the switch to service the subscribed IP multicast group traffic at high priority, even if QoS on the switch has relegated the traffic to a lower priority. This does not affect any QoS priority settings, so the QoS priority is honored by downstream devices.
  • Page 289: Advanced Classifier-Based Qos

    Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Advanced Classifier-Based QoS Starting in software release K.14.01, in addition to the packet classification and prioritization methods described in “Globally-Configured QoS” on page 5-16, QoS configuration also supports advanced classifier-based functions. Advanced classifier-based QoS introduces: A finer granularity than globally-configured QoS for classifying IPv4 and ■...
  • Page 290: Classifier-Based Qos Model

    Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Classifier-Based QoS Model Classifier-based QoS configuration consists of the following general steps: Classify the traffic that you want to manage by configuring a class. Configure a QoS policy in which you specify the QoS actions to execute on each class of traffic.
  • Page 291 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Create an IPv4 or IPv6 traffic class using the class command to select the packets you want to manage. Context: Global configuration Syntax: [no] class < ipv4 | ipv6 > <classname > Defines the name of a traffic class and specifies whether a policy is to be applied to IPv4 or IPv6 packets, where <...
  • Page 292 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Context: Class configuration Syntax: [no] [seq-number ] < match | ignore > < ip-protocol > < source-address > < destination-address > [ dscp codepoint ] [ precedence precedence-value ] [ tos tos-value ] [ vlan vlan-id ] For detailed information about how to enter match and ignore commands to configure a traffic class, refer to the “Creating a Traffic Class”...
  • Page 293 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS [no] [seq-number] class < ipv4 | ipv6 > <classname > • seq-number — The (optional) seq-number parameter sequentially orders the QoS actions that you enter in a policy configuration. Actions are executed on matching packets in numerical order.
  • Page 294 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS (Optional) To configure a default class in a policy, enter the default-class command at the end of a policy configuration and specify one or more QoS actions to be executed on packets that are not matched and not ignored.
  • Page 295: Configuring Qos Actions In A Policy

    Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Syntax: vlan <vlan-id > service-policy <policy-name > in Configures a QoS policy on the specified VLAN that is applied to inbound traffic on the VLAN interface. Valid VLAN ID numbers range from 1 to 4094. The QoS policy name you enter must be the same as the policy name you configured with the policy command in Step 2.
  • Page 296 – Configuring a rate limit of 0 (zero) kilobits on a port blocks all traffic on the port. If blocking all traffic is the desired behavior, HP recommends that you configure a deny ACL instead of configuring a rate-limit of 0.
  • Page 297 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS action <qos-action > [action <qos-action > ...] —Continued— For information on globally-configured ICMP, refer to the “Configuring ICMP” section in the “Configuring IP Parameters for Routing Switches” chapter in the Multicast and Routing Guide. •...
  • Page 298 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS action <qos-action > [action <qos-action > ...] —Continued— Table 5-2 shows how the Layer 2 802.1p priority value determines to which outbound port queue a packet is sent. Table 5-8 shows the 802.1p priority value (0 to 7) associated, by default, with each IP Precedence three-bit setting and automatically assigned by the switch to the Layer 2 header of matching packets.
  • Page 299 VLAN. HP Switch(config)# qos dscp-map af43 priority 5 HP Switch(config)# class ipv4 dscp5 HP Switch(config-class)# match ip any any dscp af11 HP Switch(config-class)# exit HP Switch(config)# policy qos dscp-remap HP Switch(config-policy)# class ipv4 dscp5 action dscp af43...
  • Page 300: Override Of Global Qos Settings

    Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Override of Global QoS Settings After you apply a QoS policy to an interface, the classifier-based settings configured by QoS actions in the policy override any 802.1p CoS or DSCP codepoint values that were globally-configured on the switch to mark packets using the QoS commands described in “Globally-Configured QoS”...
  • Page 301: Viewing A Classifier-Based Qos Configuration

    Additional variants of the show class … command provide information on classes that are members of policies that have been applied to ports or VLANs. HP Switch(config)# show class ipv4 gnutella Statements for Class ipv4 "gnutella" 10 match tcp 0.0.0.0 255.255.255.255 range 6346 6347 0.0.0.0 255.255.255.255 20 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 range 6346 6347...
  • Page 302 Additional variants of the show policy… command provide information on policies that have been applied to ports or VLANs. HP Switch(config)# show policy suspect-traffic Statements for Policy "suspect-traffic" 10 class ipv4 "http" action rate-limit kbps 2000 action priority 3 20 class ipv4 "kazaa" action rate-limit kbps 1000 action priority 2 30 class ipv4 "gnutella"...
  • Page 303 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS HP Switch# show statistics policy suspect-traffic vlan 300 in HitCounts for Policy suspect-traffic 10 class ipv4 "http" action rate-limit kbps 2000 action priority 3 [ Meter 975000 kilo bits] (150) 10 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 80...
  • Page 304 Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Includes the hardware resources used by classifier-based QoS policies that are currently applied to interfaces on the switch. HP Switch# show policy resources Resource usage in Policy Enforcement Engine Rules...
  • Page 305: Classifier-Based Qos Restrictions

    Quality of Service: Managing Bandwidth More Effectively Advanced Classifier-Based QoS Classifier-Based QoS Restrictions The following restrictions apply to QoS policies configured with the classifier-based model: ■ You cannot apply a classifier-based QoS policy on a port or VLAN interface on which a classifier-based QoS policy is already configured.
  • Page 306: Classifier-Based Qos Configuration Examples

    The following QoS configuration creates and assigns a QoS policy to VLAN 1 that prioritizes VoIP and data traffic in this way: HP Switch(config)# class ipv4 DataTraffic HP Switch(config-class)# match ip any any dscp 0 HP Switch(config-class)# exit HP Switch(config)# class ipv4 softphoneTraffic HP Switch(config-class)# match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255...
  • Page 307: Qos Policy For Layer 4 Tcp/Udp Traffic

    HP Switch(config)# class ipv4 adminTraffic HP Switch(config-class)# match ip 15.29.16.1/10 any HP Switch(config-class)# match ip any 15.29.16.1/10 HP Switch(config-class)# match tcp ::/0 ::/0 range 100 200 ip-dscp 46 (Match statement with IPv6 source and destination addresses.) HP Switch(config-class)# exit HP Switch(config)# policy prioritizeAdminTraffic...
  • Page 308: Differentiated Services Codepoint (Dscp) Mapping

    Quality of Service: Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Differentiated Services Codepoint (DSCP) Mapping The DSCP Policy Table associates an 802.1p priority with a DSCP codepoint in an IPv4/IPv6 packet. Using DSCP codepoints in your network allows you to set a LAN policy that operates independently of 802.1Q VLAN-tagging.
  • Page 309: Default Priority Settings For Selected Codepoints

    Quality of Service: Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Table 5-11. The Default DSCP Policy Table DSCP Policy 802.1p Priority DSCP Policy 802.1p Priority DSCP Policy 802.1p Priority 000000 No-override 010110 101011 No-override 000001 No-override 010111 No-override 101100 No-override No-override...
  • Page 310: Displaying Non-Default Codepoint Settings

    If you reconfigure these three codepoints to a priority of 3 and then enter the write memory command, the switch displays the changes in the show config listing: HP Switch(config)# qos dscp-map 001100 priority 3 HP Switch(config)# qos dscp-map 001101 priority 3 HP Switch(config)# qos dscp-map 001110 priority 3...
  • Page 311: Notes On Changing A Priority Setting

    Quality of Service: Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping In this case, the packets are handled as follows (as long as no other QoS classifier marks a new 802.1p priority on the matching packets): Outbound 802.1p 802.1Q Status Priority Received and forwarded on a tagged-port member of a VLAN Unchanged...
  • Page 312: Error Messages For Dscp Policy Changes

    Quality of Service: Managing Bandwidth More Effectively Differentiated Services Codepoint (DSCP) Mapping Do one of the following: Reconfigure each QoS policy by re-entering a different DSCP codepoint or a different 802.1p priority associated with the codepoint. b. Enter the no qos < classifier > or no policy < qos-policy > command to remove the current DSCP policy with codepoint 000001 and reset the priority to No-override.
  • Page 313: Example Of Changing The Priority Setting On A Policy When One Or More Classifiers Are Currently Using The Policy

    If you try to modify the priority currently associated with the codepoint, an error message similar to the following is displayed: HP Switch(config)# qos dscp-map 1 priority 2 Cannot modify DSCP Policy 1 - in use by other qos rules.
  • Page 314 Assign the global QoS policy that matches udp-port 1260 packets to a different 802.1p priority. a) HP Switch(config)# no qos device-priority 10.26.50.104 b) HP Switch(config)# qos dscp-map 000100 priority 6 c) HP Switch(config)# int 3 qos dscp 000100 d) HP Switch(config)# qos udp-port 1260 priority 2 Reconfigure the desired priority for the 000001 codepoint.
  • Page 315: Qos Queue Configuration

    Quality of Service: Managing Bandwidth More Effectively QoS Queue Configuration QoS Queue Configuration QoS queue configuration allows you to reduce the number of outbound queues that all switch ports use to buffer packets for 802.1p user priorities. By default the switches covered in this guide use eight queues. You can change the default QoS queue configuration to four-queue mode or two-queue mode to increase the available bandwidth per queue.
  • Page 316: Mapping Of Outbound Port Queues

    Quality of Service: Managing Bandwidth More Effectively QoS Queue Configuration Mapping of Outbound Port Queues The mapping of 802.1p priorities to outbound port queues is shown in Table 5-13. Table 5-13. Mapping of 802.1p Priorities to Outbound Port Queues 802.1p 8 Queues 4 Queues 2 Queues...
  • Page 317: Minimum Guaranteed Bandwidth With 8 Queues

    5 Mbps or less for a given queue, then packets in the lower-priority queues may be discarded on ports that are oversubscribed for extended periods of time. If the oversubscription cannot be corrected, HP recommends reconfiguring the switch to operate with four outbound queues. The command...
  • Page 318: Configuring The Number Of Priority Queues

    (the default) to four: Configure the number of outbound priority queues by using the qos queue-config command. HP Switch(config)# qos queue-config 4-queues A caution message is displayed (see the Caution note above) concluding with the following prompt.
  • Page 319: Viewing The Qos Queue Configuration

    Quality of Service: Managing Bandwidth More Effectively QoS Queue Configuration Viewing the QoS Queue Configuration To display the current priority queue configuration and memory allocations per queue, enter the show qos queue-config command. #: show qos queue-config HP Switch 802.1p Queue Priority Memory % -----...
  • Page 321: Stack Management For The 3500, 3500Yl, 6200Yl And 6600 Switches

    This feature is available on the 3500, 3500yl, 6200yl and 6600 switches, but not on the 5400zl and 8200zl switches. HP Stack Management (stacking) enables you to use a single IP address and standard network cabling to manage a group of up to 16 total switches in the same IP subnet (broadcast domain).
  • Page 322 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Introduction to Stack Management on the 3500, 3500yl, 6200yl and 6600 Switches Summary of Stacking Features Feature Default Menu WebAgent view stack status view status of a single switch page 6-24 page 6-29 Refer to thru Online...
  • Page 323: Components Of Hp Stack Management

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Introduction to Stack Management on the 3500, 3500yl, 6200yl and 6600 Switches Components of HP Stack Management Table 6-1. Stacking Definitions Stack Consists of a Commander switch and any Member switches belonging to that Commander’s stack.
  • Page 324 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Introduction to Stack Management on the 3500, 3500yl, 6200yl and 6600 Switches Figure labels: Wiring Closet "A"; Member Switch 1 (IP Address: None Assigned); Candidate Switch (IP Address: None Assigned). Callout: Use the Commander’s console or WebAgent to access the user interface on any Member switch in...
  • Page 325: Operating Rules For Stacking

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Introduction to Stack Management on the 3500, 3500yl, 6200yl and 6600 Switches Operating Rules for Stacking General Rules ■ Stacking is an optional feature (enabled in the default configuration) and can easily be disabled. Stacking has no effect on the normal operation of the switch in your network.
  • Page 326: Specific Rules

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Introduction to Stack Management on the 3500, 3500yl, 6200yl and 6600 Switches Specific Rules Table 6-2. Specific Rules for Commander, Candidate, and Member Switch IP Addressing and Number Allowed Passwords SNMP Communities Stack Name Per Stack...
  • Page 327: Configuring Stack Management

    (if more than one stack Commander is configured in a subnet or broadcast domain). If you plan to install more than one stack in a subnet, HP recommends that you leave Auto Grab disabled on all Commander switches and manually add Members to their stacks.
  • Page 328 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Options for Configuring a Commander and Candidates. Depending on how Commander and Candidate switches are configured, Candidates can join a stack either automatically or by a Commander manually adding (“pulling”) them into the stack.
  • Page 329: General Steps For Creating A Stack

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management ■ Default stacking configuration (Stack State set to Candidate, and Auto Join set to Yes) ■ Same subnet (broadcast domain) and default VLAN as the Commander (If VLANs are used in the stack environment, see “Stacking Operation with a Tagged VLAN”...
  • Page 330 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Configure the Commander switch. Doing this first helps to establish consistency in your stack configuration, which can help prevent startup problems. • A stack requires one Commander switch. If you plan to implement more than one stack in a subnet (broadcast domain), the easiest way to avoid unintentionally adding a Candidate to the wrong stack is to manually control the joining process by leaving the...
  • Page 331: Using The Menu Interface To View Stack Status And Configure Stacking

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Using the Menu Interface To View Stack Status and Configure Stacking Using the Menu Interface To View and Configure a Commander Switch Configure an IP address and subnet mask on the Commander switch. (Refer to the Management and Configuration Guide for your switch.) Display the Stacking Menu by selecting Stacking in the Main Menu.
  • Page 332 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Move the cursor to the Stack State field by pressing (for Edit). Then use the Space bar to select the Commander option. Press the downarrow key to display the Commander configuration fields in the Stack Configuration screen.
  • Page 333: Using The Menu To Manage A Candidate Switch

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Using the Menu To Manage a Candidate Switch Using the menu interface, you can perform these actions on a Candidate switch: ■ Add (“push”) the Candidate into an existing stack ■...
  • Page 334 1 to 300 seconds. Note: All switches in the stack must be set to the same transmission interval to help ensure proper stacking operation. HP recommends that you leave this parameter set to the default 60 seconds.
  • Page 335: Using The Commander To Manage The Stack

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management press [Enter] to return the cursor to the Actions line. Press (for Save) to save your configuration changes and return to the Stacking menu. Using the Commander To Manage The Stack The Commander normally operates as your stack manager and point of entry into other switches in the stack.
  • Page 336 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management For status descriptions, see the table on page 6-44. Figure 6-9. Example of the Stack Management Screen Press (for Add) to add a Candidate. You will then see this screen listing the available Candidates: The Commander automatically selects an...
  • Page 337 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management • If the desired Candidate has a Manager password, press the downarrow key to move the cursor to the Candidate Password field, then type the password. • If the desired Candidate does not have a password, go to step 6.
  • Page 338 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management 2. Stacking Status (All) You will then see the Stacking Status (All) screen: For status descriptions, see the table on page 6-44. This column lists the MAC Addresses for switches Using the MAC addresses for these discovered (in the local...
  • Page 339 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Do one of the following: • If the stack containing the Member you are moving has a Manager password, press the downarrow key to select the Candidate Password field, then type the password.
  • Page 340 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management To remove a Member from a stack, use the Stack Management screen. From the Main Menu, select: 9. Stacking... 4. Stack Management You will then see the Stack Management screen: For status descriptions, see the table on page 6-44.
  • Page 341: Using The Commander To Access Member Switches For Configuration Changes And Monitoring Traffic

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management To continue deleting the selected Member, press the Space bar once to select Yes for the prompt, then press [Enter] to complete the deletion. The Stack Management screen updates to show the new stack Member list. Using the Commander To Access Member Switches for Configuration Changes and Monitoring Traffic After a Candidate becomes a stack Member, you can use that stack’s...
  • Page 342: Converting A Commander Or Member To A Member Of Another Stack

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Main Menu for stack Member named “Coral Sea” (SN = 1 from figure 6-16) Figure 6-17. The eXecute Command Displays the Console Main Menu for the Selected Stack Member You can now make configuration changes and/or view status data for the selected Member in the same way that you would if you were directly connected or telnetted into the switch.
  • Page 343: Monitoring Stack Status

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Press (for Back) to return to the Stacking Menu. To display Stack Configuration menu for the switch you are moving, select 3. Stack Configuration Press (for Edit) to select the Stack State parameter. Use the Space bar to select Member, then press [v] to move to the Commander MAC Address field.
  • Page 344 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Using Any Stacked Switch To View the Status for All Switches with Stacking Enabled. This procedure displays the general status of all switches in the IP subnet (broadcast domain) that have stacking enabled. Go to the console Main Menu for any switch configured for stacking and select: 9.
  • Page 345 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management You will then see the Commander’s Stacking Status screen: Figure 6-19. Example of the Commander’s Stacking Status Screen Viewing Member Status. This procedure displays the Member’s stacking information plus the Commander’s status, IP address, and MAC address.
  • Page 346 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Figure 6-20. Example of a Member’s Stacking Status Screen Viewing Candidate Status. This procedure displays the Candidate’s stacking configuration. To display the status for a Candidate: Use Telnet (if the Candidate has a valid IP address for your network) or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9.
  • Page 347: Using The Cli To View Stack Status And Configure Stacking

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management Using the CLI To View Stack Status and Configure Stacking The CLI enables you to do all of the stacking tasks available through the menu interface. Table 6-6. CLI Commands for Configuring Stacking on a Switch CLI Command Operation show stack...
  • Page 348 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management CLI Command Operation [no] stack member Commander: Adds a Candidate to stack membership. “No” form removes a Member from stack membership. To easily determine the MAC address of a <switch-num>...
  • Page 349: Using The Cli To View Stack Status

    Viewing the Status of Candidates the Commander Has Detected. This example illustrates how to list stack candidates the Commander has discovered in the IP subnet (broadcast domain). Syntax: show stack candidates HP Switch(config)# show stack candidates Stack Candidates Candidate MAC System Name Device Type ------------- ---------------------- ---------------------...
  • Page 350 IP subnet. Because the switch on which the show stack all command was executed is a candidate, it is included in the “Others” category. Syntax: show stack all HP Switch(config)# show stack all Stacking - Stacking Status (All) Stack Name MAC Address...
  • Page 351: Using The Cli To Configure A Commander Switch

    Big_Waters (Note that if stacking was previously disabled on the switch, this command also enables stacking.) HP Switch(config)# stack commander Big_Waters As the following show stack display shows, the Commander switch is now ready to add members to the stack.
  • Page 352 < stack name > Suppose, for example, that an HP switch named “Bering Sea” is a Member of a stack named “Big_Waters”. To use the switch’s CLI to convert it from a stack Member to the Commander of a new stack named “Lakes”, you would use the...
  • Page 353: Adding To A Stack Or Moving Switches Between Stacks

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management The output from this command tells you the MAC address of the current stack Commander. Bering Sea(config)# show stack Stacking - Stacking Status (This Switch) Stack State : Member Transmission Interval : 60...
  • Page 354 ■ The MAC address of the discovered Candidate you are adding to the stack. To see this data, use the show stack candidates listing. For example: HP Switch# show stack view Stack Members SN MAC Address System Name Device Type...
  • Page 355 HP Switch(config)# stack member 2 mac-address 000883-08f234 The show stack view command then lists the Member added by the above command: HP Switch# show stack view Stack Members SN MAC Address System Name Device Type Status...
  • Page 356 1. Telnet to the Candidate named “North Sea”. 2. Use show stack all to display the Commander’s MAC address. HP Switch# telnet 10.28.227.104 HP Switch# show stack all MAC Address for Stack Commander Stacking - Stacking Status (All) Stack Name...
  • Page 357 Figure 6-32. Example of Stack Listing with Two Stacks in the Subnet You would then execute the following command to pull the desired switch into the new stack: HP Switch(config)# stack member 1 mac-address 000883-e9cfc0 is an unused switch number (...
  • Page 358: Using The Cli To Remove A Member From A Stack

    “Big_Waters”, you would execute the following commands in the switch’s CLI: HP Switch(config)# no stack name Test (Eliminates the “Test” stack and converts the Commander to a Candidate.) HP Switch(config)# show stack all (Helps you to identify the MAC address of the Commander for the “Big_Waters”...
  • Page 359 Member Up Figure 6-34. Example of a Commander and Three Switches in a Stack You would then execute this command to remove the “North Sea” switch from the stack: HP Switch(config)# no stack member 3 mac-address 0001e6-0421c0 where: •...
  • Page 360: Using The Cli To Access Member Switches For Configuration Changes And Traffic Monitoring

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management North Sea(config)# show stack CLI for “North Sea” Stack Member Stacking - Stacking Status (This Switch) Stack State : Member Transmission Interval : 60 Switch Number MAC Address of the Stack Name : Big_Waters Commander for the...
  • Page 361 Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management HP Switch(config)# show stack view switch Stack Members number (SN) for SN MAC Address System Name Device Type Status -- ------------- ------------- -------------------- ------------ “North Sea” 1cc1de-cfbc80 Big_Waters-0...
  • Page 362: Snmp Community Operation In A Stack

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management SNMP Community Operation in a Stack Community Membership In the default stacking configuration, when a Candidate joins a stack, it automatically becomes a Member of any SNMP community to which the Commander belongs, even though any community names configured in the Commander are not propagated to the Member’s SNMP Communities listing.
  • Page 363: Using The Cli To Disable Or Re-Enable Stacking

    (Enables stacking on the switch.) Transmission Interval All switches in the stack must be set to the same transmission interval to help ensure proper stacking operation. HP recommends that you leave this parameter set to the default 60 seconds. Syntax: stack transmission-interval <...
  • Page 364: Status Messages

    Stack Management for the 3500, 3500yl, 6200yl and 6600 Switches Configuring Stack Management ■ Stacking uses only the primary VLAN on each switch in a stack. ■ The primary VLAN can be tagged or untagged as needed in the stacking path from switch to switch. ■...
  • Page 365: Qinq (Provider Bridging)

    QinQ (Provider Bridging) Overview This chapter describes how to enable QinQ operations on the switch and how to configure provider bridge S-VLANs and port assignments. For information on how to configure and use static, port-based and protocol-based VLANs, refer to chapter 1, “Static Virtual LANs (VLANs)”.
  • Page 366: Introduction

    QinQ (Provider Bridging) Introduction Introduction The IEEE 802.1ad specification, commonly known as QinQ or provider bridging, extends the IEEE 802.1Q standard by providing for a second tier of VLANs in a bridged network. The general purpose of QinQ is to allow frames from multiple customers to be forwarded (or tunneled) through another topology (provider network) using service VLANs or S-VLANs.
  • Page 367: How Qinq Works

    QinQ (Provider Bridging) Introduction How QinQ Works Under QinQ, the provider network operates on a different VLAN space, independent of the VLANs that are used in the customer network as shown in Figure 7-2. Service Provider Network Customer A Customer A VLAN 1 Service VLAN 100 VLAN 1...
  • Page 368: Terminology

    QinQ (Provider Bridging) Introduction Terminology C-VLANs. Customer network VLANs that can exist across multiple locations. These are assigned and managed by each customer and are local to the customer space. C-VLAN bridge. A customer-owned device operating regular 802.1Q VLANs. Customer. The consumer of network services delivered by a service provider. Customer-network port.
  • Page 369: Operating Rules And Guidelines

    QinQ (Provider Bridging) Introduction S-VLAN bridge. Provider-owned device configured in qinq svlan mode that uses S-VLANs only to forward frames in the provider network. This bridge can be further sub-classified as: • Provider edge bridge. An svlan bridge that has customer network ports configured on the device.
  • Page 370: Qinq Mixed Vlan Mode

    Regular ports Normal VLAN switching Figure 7-3. HP Switch in Mixed-VLAN mode Configuring VLANs ■ A VLAN created on a QinQ mixed vlan mode device can be either a regular VLAN (C-VLAN) or a tunnel VLAN (S-VLAN). C-VLANs have no mapping/relation whatsoever to the S-VLANs on the device.
  • Page 371 QinQ (Provider Bridging) Introduction QinQ and Duplicate VIDs. Duplicate VIDs for c-tagged and s-tagged VLANs (for example, C-VID=100; S-VID=100) are allowed in certain cases and disallowed in others. Customer-network ports are essentially S-VLAN ports: they simply read the C-tags in the customer frame to insert them into the appropriate untagged S-VLAN for that port.
  • Page 372: Operating Notes And Restrictions

    QinQ (Provider Bridging) Introduction Assigning Ports to VLANs. In mixed vlan mode, a port can be a member of a C-VLAN or of an S-VLAN but not both. For details on assigning membership to provider-based VLANs, see “Configuring Per-Port S-VLAN Membership”...
  • Page 373 VLAN tag and customer VLAN tag in each QinQ frame, the size of each ‘double-tagged’ frame increases by 4 bytes. To accommodate the frame size increase, HP recommends that you configure all port-based S-VLANs to accept jumbo frames. See the section on “Jumbo Frames” in the Management and Configuration Guide for details.
  • Page 374 QinQ (Provider Bridging) Introduction • In QinQ mixed vlan mode, only ports that are members of S-VLANs can be configured as customer network or provider network ports; ports that are members of C-VLANs cannot be configured to any port-type. • QinQ mixed vlan mode devices cannot be connected in an S-VLAN mesh topology.
  • Page 375: Configuring Qinq

    QinQ (Provider Bridging) Configuring QinQ Configuring QinQ QinQ must be configured on all the devices and ports participating in the provider bridge. Typically, customer facing ports are configured as untagged members of S-VLANs and provider facing ports are configured as tagged members of S-VLANs.
  • Page 376: Enabling Qinq

    QinQ (Provider Bridging) Configuring QinQ Enabling QinQ By default, QinQ is disabled on the switch. To enable QinQ, the switch must be put into either QinQ mixed vlan mode or QinQ svlan mode by issuing one of the following commands from configuration mode on the CLI. Syntax: qinq mixedvlan <tag-type[tpid]>...
  • Page 377: Configuring Per-Port S-Vlan Membership

    S-VLAN, the CLI will issue a message disallowing the configuration. For example: HP Switch<config #> svlan 200 tagged a1,a2 GVRP enabled ports cannot be members of svlans. Disable the interface level gvrp configuration.
  • Page 378: Configuring Port-Types

    QinQ (Provider Bridging) Configuring QinQ Now when you configure the port, the CLI will issue a warning prompt: HP Switch<config #> svlan 200 tagged a1,a2 Ports a1, a2 will lose their cvlan memberships if any. Do you want to continue? [y/n] y Press [Y] to continue and automatically configure both ports as port-type ‘provider-network’...
  • Page 379: Configuration Example

    QinQ (Provider Bridging) Configuration Example Configuration Example Figure 7-6 shows a configuration example that uses four HP switches to establish a QinQ tunnel through the provider network. Service Provider Network Customer VLANs S-VLANs 100 ( 1 – 10 Customer A 100 ( 1 –...
  • Page 380 QinQ (Provider Bridging) Configuration Example ■ The relationship between S-VLANs and C-VIDs is typically one to many. An alternative configuration might associate a single customer’s C-VIDs with more than one S-VLAN. Such a configuration would most likely be used to tunnel distinct C-VIDs through various S-VLANs, but seldom be used to send the same C-VID through multiple S-VLANs.
  • Page 381 As recommended by IEEE 802.1ad specification, uplink ports should generally be configured as tagged ports for S-VLANs that are used to carry customer traffic. However, this is not a mandatory requirement on HP switches—S-VLANs that are used for internal provider network use (not carrying customer traffic but for management of the provider network devices) can have untagged port memberships.
  • Page 382 QinQ (Provider Bridging) Configuration Example Reboot the box with the configuration saved to transfer into svlan bridge mode. Configure S-VLANs and customer ports connected to the customer network. Edge2(config)# svlan 100 Edge2(svlan-100)# untagged A1 Edge2(svlan-100)# exit Edge2(config)# int A1 qinq port-type customer-network Edge2(config)# svlan 200 Edge2(svlan-200)# untagged A2 Edge2(svlan-200)# exit...
  • Page 383 QinQ (Provider Bridging) Configuration Example Reboot the box with the configuration saved to transfer into svlan bridge mode. Configure S-VLANs and port assignments. Core 1(config)# svlan 100 Core 1(svlan-100)# tagged A1, A2 Core 1(svlan-100)# exit Core 1(config)# svlan 200 Core 1(svlan-200)# tagged A1, A2 Core 1(svlan-200)# exit Core 1(config)# interface A1,A2 qinq port-type provider-network...
  • Page 384: Updating Qinq Configurations

    QinQ (Provider Bridging) Updating QinQ Configurations Updating QinQ Configurations This section considers the impacts of updating QinQ modes and configuration settings on the switch. Changing QinQ Modes Changing QinQ modes (and/or disabling QinQ operations) will result in the current configuration being erased. See the following Caution for details. Caution Configuring the switch to operate in a different bridge mode requires a reboot to take effect.
  • Page 385: Moving Ports Between C-Vlans And S-Vlans (Mixed Vlan Mode)

    CLI issues a warning and prompt if any of the ports listed already belong to a regular VLAN. For example: HP Switch<config #> svlan 200 tagged a1,a2 Ports a1, a2 will lose their cvlan memberships if any. Do you want to continue: y/n?
  • Page 386: Displaying Qinq Config And Status

    Tag-id: Displayed only if QinQ is enabled on the switch. Port Type: Displayed only if QinQ is enabled on the switch. On a mixed mode device, port type is only shown for svlan ports. For example: HP Switch(config)# show qinq QinQ Global Configuration: ----------------------------------------------- Bridge-mode...
  • Page 387: Show Commands For Vlans

    VLAN CVLAN, or it can be a tunnel VLAN in the provider network SVLAN. For example: HP Switch(config)# show vlans Status and Counters - VLAN Information When QinQ is disabled Maximum VLANs to support : 256...
  • Page 388 VLAN CVLAN, or it can be a tunnel VLAN in the provider network SVLAN. For example: HP Switch(config)# show vlan 10 Status and Counters - VLAN Information - Ports - VLAN 10 VLAN ID : 10...
  • Page 389: Displaying Spanning Tree Status

    VLAN in the provider network SVLAN. For example: When QinQ is enabled, the VLAN Type is displayed. HP Switch(config)# show vlans ports 1 detail Status and Counters - VLAN Information - for ports 1 VLAN ID Name Type | Status...
  • Page 390: Effects Of Qinq On Other Switch Features

    The IEEE standards group are devising new addressing schemes that may support additional QinQ tunneling operations. Check the latest product release notes for implementation updates as they apply to HP switches. When QinQ is not enabled (the default setting), there are no impacts to the switch’s normal operations.
  • Page 391 QinQ (Provider Bridging) Effects of QinQ on Other Switch Features In QinQ mixed vlan or svlan modes: • CDP frames are consumed at customer network ports, if CDP is enabled on the device port, and the customer device shows up as a CDP neighbor on the customer-network port.
  • Page 392 QinQ (Provider Bridging) Effects of QinQ on Other Switch Features In QinQ mixed vlan or svlan modes: • CDP frames are consumed at customer network ports, if CDP is enabled on the device port, and the customer device shows up as a CDP neighbor on the customer-network port.
  • Page 393 QinQ (Provider Bridging) Effects of QinQ on Other Switch Features In QinQ mixed vlan or svlan modes: • CDP frames are consumed at customer network ports, if CDP is enabled on the device port, and the customer device shows up as a CDP neighbor on the customer-network port.
  • Page 394 QinQ (Provider Bridging) Effects of QinQ on Other Switch Features LACP/Port Trunks In QinQ mixed vlan mode: • Dynamic-LACP is not supported on S-VLAN ports: LACP manual trunks alone are supported. The new trunk will be a member of C-VLANs (port types are not applicable).
  • Page 395 QinQ (Provider Bridging) Effects of QinQ on Other Switch Features Mirroring/Monitoring In QinQ mixed vlan mode: • Remote mirroring is not supported on S-VLANs. • Cannot monitor a VLAN with mirror ports in the other VLAN domain. That is, an S-VLAN or an S-VLAN port cannot be monitored using a C-VLAN port as its mirror, and vice-versa.
  • Page 396: Event Log Messages

    QinQ (Provider Bridging) Event Log Messages Stacking In QinQ mixed vlan mode: • Stacking is only supported on C-VLANs. The device does not advertise itself (using the stack discovery protocol) in the S-VLAN space. In QinQ svlan mode: • Stacking discovery protocol frames will not be sent out of customer-network ports;...
  • Page 397: Classifier-Based Software Configuration

    Classes can be based on IPv4 or IPv6 addresses (which you specify in the policy). For information about traffic classes, see “Traffic Classes” on page 8-2. When you are using an HP AllianceONE Extended Services zl Module that supports Transparent Mode, you can also classify traffic based on zones. For...
  • Page 398: Traffic Classes

    Classifier-Based Software Configuration Traffic Classes Traffic Classes The Classifier feature introduces: ■ A finer granularity than globally configured features for placing network traffic (IPv4 or IPv6) into classes that can be used in cross-feature software configurations ■ Additional policy actions, such as rate-limiting and IP precedence mark-...
  • Page 399 Classifier-Based Software Configuration Traffic Classes • Quality of Service (policy qos command) • Port and VLAN mirroring (policy mirror command) • Policy Based Routing (policy pbr command) Assign the policy to an inbound port or VLAN interface using the interface service-policy in or vlan service-policy in command.
  • Page 400: Creating A Traffic Class

    Classifier-Based Software Configuration Traffic Classes Creating a Traffic Class In the traffic class-based configuration model, you use match criteria to create a class of IPv4 or IPv6 traffic and select the packets you want to manage. In a traffic class configuration, match criteria consist of match and ignore commands.
  • Page 401: Traffic Class Configuration Procedure

    Classifier-Based Software Configuration Traffic Classes ■ If a default class is configured in the policy, the actions specified in the default-class command are performed on packets that do not match the criteria in preceding classes in the policy (see Step 3 in “Creating a Service Policy”...
  • Page 402 Classifier-Based Software Configuration Traffic Classes Enter one or more match or ignore commands from the traffic class configuration context to filter traffic and determine the packets on which policy actions will be performed. Context: Class configuration Syntax: [no] [seq-number ] < match | ignore > < ip-protocol > <...
  • Page 403 Classifier-Based Software Configuration Traffic Classes When entering a match/ignore command in an IPv4 or IPv6 class, type ? to display a list of valid ip-protocol entries. • In an IPv4 class, you can enter any of the following IPv4 protocol match criteria: ah esp icmp* igmp*...
  • Page 404 Classifier-Based Software Configuration Traffic Classes < source-address > < destination-address > Define the source IP address (SA) and destination IP address (DA) that a packet must contain to match a match/ignore statement in an IPv4 or IPv6 traffic class. Note that both the source and destination address parameters are required entries in a match/ignore statement.
  • Page 405 Classifier-Based Software Configuration Traffic Classes • SAv4/mask-length | DAv4/mask-length — Matches packets received from, or destined to, an IPv4 subnet or a group of IPv4 addresses defined by the mask length. Enter the mask length for an IPv4 SA or DA mask in CIDR format by using the number of significant bits.
  • Page 406 Classifier-Based Software Configuration Traffic Classes • SAv6/prefix-length | DAv6/prefix-length — Matches packets received from, or destined to, an IPv6 subnet or a group of IPv6 addresses defined by the prefix length. Enter the prefix length for an IPv6 SA/DA in CIDR format by using the number of significant bits;...
  • Page 407 Classifier-Based Software Configuration Traffic Classes To display a list of valid codepoint entries when you enter ip-dscp in a match/ignore statement, type ?. The DSCP codepoints are the leftmost six bits of the ToS/Traffic Class byte (see Figure 8-2). [ precedence precedence-value ] (Optional) Matches the three-bit IP precedence value in IPv4 or IPv6 packets to further define match criteria.
  • Page 408 Classifier-Based Software Configuration Traffic Classes Valid values are the numeric value or corresponding name of the DTR bit set. Some useful values are as follows: normal max-reliability max-throughput minimize-delay Default: 0 or normal. To display a list of valid tos-value entries when you enter tos in a match/ignore statement, type ?.
  • Page 409 Classifier-Based Software Configuration Traffic Classes Figure 8-2 uses a sample ToS/Traffic Class field of 10101000 to show the differences between the IP precedence (101), DSCP (101010), and ToS/Traffic Class (10101000) bits. Note that the rightmost two bits are reserved as 00. Type-of-Service Byte (in IPv4 Header) Traffic Class Byte (in IPv6 Header) Differentiated Services Codepoint...
  • Page 410: Optional Icmp Match Criteria

    HP Switch(config-class)# match ip any 15.29.16.1/10 HP Switch(config-class)# exit HP Switch(config)# class ipv4 http HP Switch(config-class)# match tcp any any eq 80 HP Switch(config-class)# match tcp any any eq 443 HP Switch(config-class)# match tcp any any eq 8080 HP Switch(config-class)# ignore tcp any eq 1214 any...
  • Page 411 Classifier-Based Software Configuration Traffic Classes [ icmp-type-number ] Configures an ICMP packet type as match criteria in a class configuration by entering its numeric identifier. Valid values are from 0 to 255. For information on ICMP packet-type names and numeric identifiers, go to the Internet Assigned Numbers Authority (IANA) website at www.iana.com, click on “Protocol Number Assignment Services”, and then go to the selections...
  • Page 412 Classifier-Based Software Configuration Traffic Classes [ icmpv6-type-name ] You can also enter any of the following ICMPv6 packet-type names to configure more precise match criteria for ICMP packets in an IPv6 class configuration. To display a list of valid icmpv6-type-name entries when you enter icmp as the IP protocol type in a match/ignore statement, type ?.
  • Page 413: Optional Igmp Match Criteria

    Enter the optional IGMP match criteria immediately after the destination IP address (DA) value in the command syntax; for example: HP Switch(config-class)# match igmp any any host-query [ igmp-type ] Configures an IGMP packet type as match criteria in a class configuration.
  • Page 414: Optional Tcp And Udp Match Criteria

    Enter the optional TCP/UDP match criteria immediately after the source and/or destination address in the command syntax; for example: HP Switch(config-class)# match tcp host 10.20.10.17 eq 23 host 10.20.10.155 established HP Switch(config-class)# match tcp host 10.10.10.100 host 10.20.10.17 eq telnet HP Switch(config-class)# ignore udp 10.30.10.1/24...
  • Page 415 Classifier-Based Software Configuration Traffic Classes • neq < tcp/udp-port-number > — “Not Equal” matches any packet with a TCP or UDP source port number that is not equal to < tcp/udp-port-number >. • range < start-port-number > < end-port-number > — Matches any packet with a TCP or UDP source port number in the range <start-port-number >...
  • Page 416: Using Cidr Notation For Ipv4/Ipv6 Addresses

    Classifier-Based Software Configuration Traffic Classes For example, a Telnet connection requires TCP traffic to move both ways between a host and the target device. If you configure a match statement for inbound Telnet traffic, policy actions are normally applied to Telnet traffic in both directions because responses to outbound requests are also matched.
  • Page 417 Classifier-Based Software Configuration Traffic Classes Table 9-1. How CIDR Notation is Used with IPv4 SA/DA Match Criteria. Columns: IPv4 Source/Destination Address Used with CIDR Notation in a Match/Ignore Statement; Resulting Mask; Range of IPv4 Addresses Selected by the Match Criteria. Row: 10.38.240.125/15; 0.1.255.255; The leftmost 15 bits must match;...
  • Page 418 Classifier-Based Software Configuration Traffic Classes Note Although IPv4 and IPv6 masks are applied in opposite directions: ■ An IPv4 mask-length is applied from right to left, starting from the rightmost bits. ■ An IPv6 prefix-length is applied from left to right, starting from the leftmost bits.
  • Page 419 Classifier-Based Software Configuration Traffic Classes Example of How IPv6 Mask Bit Settings Define a Match. Figure 8-4 shows an example in which an IPv6 prefix-length of 126 is used to select four IPv6 addresses in a match statement. The specified source IPv6 address is: 2001:DB8:0000:0000:244:17FF:FEB6:D37D.
  • Page 420: Resequencing Match/Ignore Statements

    Classifier-Based Software Configuration Traffic Classes Figure 8-6 shows how the binary equivalent (1100) of the “C” value in the last block of the resulting IPv6 mask supports four possible combinations (D37C, D37D, D37E, and D37F) in the last block of a matching IPv6 address. Therefore, the IPv6 mask that results from a /126 prefix-length matches inbound traffic from four IPv6-based devices.
  • Page 421: Creating A Service Policy

    4 match ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 exit . . . HP Switch(config)# class resequence ipv4 My-devices 10 10 HP Switch(config)# class ipv4 My-devices HP Switch(config-class)# 15 match ip 10.10.10.2 0.0.0.255 any HP Switch(config-class)# 25 ignore ip 10.20.10.1 0.0.0.255 any...
  • Page 422 Classifier-Based Software Configuration Traffic Classes For example, QoS policies support QoS-specific actions, such as rate-limiting, 802.1p-priority, IP-precedence, and DSCP-codepoint assignment. Port and VLAN mirroring policies support mirror-destination assignment for matching packets. PBR policies support specifying the IP next-hop and IP default next-hop, tunnel ID, or null for matching packets.
  • Page 423 For information on the exact actions supported by QoS or mirroring classifier-based software features, refer to the appropriate chapter in the HP documentation set, as described in “Where to Go From Here” on page 8-38. Be sure to enter a class and its associated actions in the precise order in which you want packets to be checked and handled by class action commands.
  • Page 424 HP Switch(config-class)# match tcp any any eq 8080 HP Switch(config-class)# exit HP Switch(config)# policy qos RateLimitPrioritizeSuspectTraffic HP Switch(policy-qos)# class ipv4 http action rate-limit kbps 10000 HP Switch(policy-qos)# default-class action priority 4 action dscp 5 HP Switch(policy-qos)# exit Figure 8-8. Example of a Policy Configuration...
  • Page 425: Creating A Pbr Policy

    Classifier-Based Software Configuration Traffic Classes Creating a PBR Policy PBR provides the ability to manipulate a packet’s path based on attributes of the packet. Traffic with the same destination can be routed over different paths, so that different types of traffic, such as VOIP or traffic with special security requirements, can be better managed.
  • Page 426 First the traffic classes are created, then the PBR policy is created, and lastly the PBR policy is applied to an interface. HP Switch(config)# class ipv4 TCP HP Switch(config-class)# match tcp 10.0.8.1/24 15.29.16.104/24 eq 80 HP Switch(config-class)# match tcp 10.0.8.1/24 15.29.16.104/24 eq 22 HP Switch(config-class)# match tcp 10.0.8.1/24 15.29.16.104/24 eq 23...
  • Page 427: Troubleshooting Pbr

    Use the show statistics policy command to display information about which PBR action for an applied policy is active. Hitcounts for each entry in the class and policy with the active action are displayed. HP Switch(vlan-111)# show statistics policy TCP_UDP vlan 111 in HitCounts for Policy TCP_UDP Total 100 class ipv4 TCP action 10 match tcp 10.0.8.1 0.0.0.255 15.29.16.104 0.0.0.255 eq 80...
  • Page 428 Classifier-Based Software Configuration Traffic Classes ■ To modify the class-action statements in a policy, enter the policy-configuration context with the policy <feature-name > <policy-name > command. (To display a policy configuration, enter the show policy < feature-name > < policy-name > command as shown in Figure 8-11.) Then do one of the following: •...
  • Page 429: Resequencing Classes In A Policy

    Classifier-Based Software Configuration Traffic Classes Resequencing Classes in a Policy You can use the policy command with the resequence option to reconfigure the number at which the first class-action statement starts, and reset the interval used to number other class-actions. Resequencing class-actions is useful when you want to insert a new class-action between two numbered entries.
  • Page 430: Applying A Service Policy To An Interface

    1. HP Switch(config)# policy resequence RatelimitPrioritizeSuspectTraffic 100 100 HP Switch(config)# policy qos RateLimitPrioritizeSuspectTraffic HP Switch(policy-qos)# 200 class ipv4 voice action priority 3 HP Switch(policy-qos)# exit HP Switch(config)# show policy RateLimitPrioritizeSuspectTraffic Statements for Policy policy qos "RateLimitPrioritizeSuspectTraffic"...
  • Page 431 Classifier-Based Software Configuration Traffic Classes Note If ICMP rate-limiting is already configured on a port, a service policy cannot be applied to the port until you disable the ICMP rate-limiting configuration. If you want to apply a service policy to the port, you can maintain ICMP rate-limiting by configuring a QoS policy in which you add the necessary match statements for ICMP packets to a class configuration and configure a rate-limit action for the class in the policy configuration.
  • Page 432 HP Switch(config)# interface a4 service-policy RateLimitPrioritizeSuspectTraffic in HP Switch(config)# vlan 10 service-policy RateLimitPrioritizeSuspectTraffic in Figure 8-12. Example of How to Configure an Interface with a Service Policy Checking Resource Usage. After you apply a service policy to an interface,...
  • Page 433: Displaying Statistics For A Policy

    Classifier-Based Software Configuration Traffic Classes HP Switch(config)# show policy resources Resource usage in Policy Enforcement Engine (Includes hardware resources used by classifier-based QoS, mirroring, and PBR policies that are currently applied to interfaces on the switch.) Rules Rules Used...
  • Page 434: Where To Go From Here

    Classifier-Based Software Configuration Traffic Classes HP Switch(vlan-111)# show statistics policy TCP_UDP vlan 111 in HitCounts for Policy TCP_UDP Total 100 class ipv4 TCP action 10 match tcp 10.0.8.1 0.0.0.255 15.29.16.104 0.0.0.255 eq 80 20 match tcp 10.0.8.1 0.0.0.255 15.29.16.104 0.0.0.255 eq 22 30 match tcp 10.0.8.1 0.0.0.255 15.29.16.104 0.0.0.255 eq 23...
  • Page 435: Zone Classes

    Zone Classes Zone classes are used in conjunction with a technology called Transparent Mode. Both zone classes and Transparent Mode are supported on the HP 5400zl and 8200zl Switch Series when: ■ The switch is running software version K.14.58 and above ■ An HP AllianceONE Extended Services zl Module is installed in the switch ■...
  • Page 436: Zone Class-Based Configuration

    Associate the zone policy with the ONE application page 8-46 Zone class-based software configuration consists of the following general steps: Identify the traffic that you want the HP 8200zl or 5400zl switch to intercept and forward to the ONE application. Specifically, you need to know: •...
  • Page 437: Creating A Zone Class

    To use Transparent Mode, you create a zone class and use the port-list command to specify the ports that belong to a zone class. By default, the HP 5400zl or 8200zl switch supports a maximum of ten zones. Two are created automatically—BYPASS and SWITCH_SELF.
  • Page 438 Classifier-Based Software Configuration Zone Classes The zone classes you configure will be used later in the zone policies you create. To configure a zone class to be used in one or more policies, follow these steps: Enter the class zone command from the global configuration context. Context: Global configuration Syntax: [no] class zone <zone name>...
  • Page 439: Creating A Zone Policy

    Classifier-Based Software Configuration Zone Classes HP Switch(config)# class zone internal HP Switch(config-class)# port-list a10-a24 HP Switch(config-class)# exit HP Switch(config)# class zone external HP Switch(config-class)# port-list a1 HP Switch(config-class)# exit Figure 8-15. Example of a Zone Class Configuration Creating a Zone Policy To create a zone policy that performs zone-specific actions on selected packets, enter the policy zone <policy-name>...
  • Page 440 Example. In the following policy configuration, traffic being sent from the internal zone to the external zone is intercepted, so that it can be forwarded to an application that is running on an HP AllianceONE Extended Services zl Module.
  • Page 441: Modifying Zones And Policies

    HP Switch(config)# class zone external HP Switch(config-class)# port-list a1-a4 HP Switch(config-class)# exit HP Switch(config)# policy zone Firewall HP Switch(policy-config)# class zone internal external action intercept unidirectional HP Switch(policy-config)# exit Figure 8-16. Example of a Policy Configuration Modifying Zones and Policies...
  • Page 442: Applying A Zone Policy To A One Application

    Use the ONE application’s management interface to apply the zone policies. To apply zone policies through the ONE application, consult the HP Installation and Getting Started Guide for that application. To apply a zone service policy from the switch CLI, enter the following command from the global configuration context.
  • Page 443 ONE application is installed is unavailable. The following example shows how to apply a zone policy:

    HP Switch(config)# zone-service-policy Firewall zone enable bind F1 appname Steelhead appinstance Steelhead-F fail-action bypass expire app-down

    Figure 8-17. Example zone-service-policy command...
  • Page 444: Troubleshooting Problems

    However, using your terminal emulator’s text capture features, you can save show tech transparentmode data to a text file for viewing, printing, or sending to an associate or even HP Support. For example, if your terminal emulator is the HyperTerminal application available with Microsoft® Windows® soft-...
  • Page 445: Where To Go From Here

    Where to Go From Here Zone service policies are designed to work with ONE applications that support Transparent Mode. (ONE applications run on HP AllianceONE Extended Services zl Modules.) Refer to the ONE application’s documentation for detailed information on how to configure zone classes and zone policies.
  • Page 446 Classifier-Based Software Configuration Zone Classes 8-50...
  • Page 447: Index

    Index Numerics 802.1ad QinQ … 7-2, 7-4 Class of Service 802.1p priority defined … 5-4 definition … 5-4 Classifier determining outbound port queue … 5-77 benefits … 5-3, 5-71, 8-2 in DSCP policy … 5-5 class configuration mapped to DSCP codepoint … 5-80, 5-90 commands …...
  • Page 448 restrictions … 8-34 maximum age, 20 … 3-22 QoS configuration … 5-3, 5-71, 5-72, 8-3, 8-28, path cost values … 3-15 8-38 per port parameters … 3-24–3-28 examples … 5-88 pvst-filter, disabled … 3-34 resources used … 5-87 pvst-protection, disabled … 3-33 viewing …...
  • Page 449 8 QoS queues … 5-99 heartbeat packets in VLAN MAC GVRP … 3-6 configuration … 1-65 ACLs, restriction … 2-18 HP Networking advertisement … 2-18 switch documentation … -xiii advertisement, defined … 2-2 advertisement, responses to … 2-5 advertisements, generating … 2-10 auto option …...
  • Page 450 in ToS byte … 5-6, 5-42 show … 3-76, 3-77 in Traffic Class byte … 5-42 transmit-interval … 3-74 match criteria trap … 3-74 classifier … 5-73, 8-11 used for unmanaged devices … 3-2 global QoS … 5-40 VLAN list … 3-74 IPv4 loop, network …...
  • Page 451 connecting domains … 4-24 VLAN … 4-21 connecting multiple domains … 4-5 VLAN, dynamic … 4-5 domain … 4-2 VLAN, static … 4-5 domain, defined … 4-3 with IGMP … 4-21 dynamic vlan … 4-22 with network monitor port … 4-25 edge switch …...
  • Page 452 troubleshooting … 8-31 manually re-enabling port … 3-34 Policy-based routing … 8-2 protection … 3-32 port show configured ports … 3-35 blocked by STP operation … 3-8 blocked in mesh … 4-7 loop … 3-8 QinQ manually re-enabling … 3-34 configuration example …...
  • Page 453 meshing … 7-8, 7-10, 7-30 tag-type, tpid value … 7-10 mirroring/monitoring … 7-21, 7-31 use model … 7-2 multicast-routing … 7-31 used in a single enterprise … 7-2 QoS … 7-31 VID configuration options … 7-7, 7-9 routing … 7-31 VLAN configurations …...
  • Page 454 global configuration … 5-17 single point of failure, removing … 4-1 overview … 5-9 spanning tree See also match criteria. … 5-9 802.1s packet marking See spanning tree, 802.1s. 802.1p priority … 5-11, 5-15 blocked link … 3-10 classifier-based QoS … 5-15, 5-72 blocked port …...
  • Page 455 configuration … 3-19, 3-42 IST, dynamic VLAN … 3-13 configuration identifier … 3-12 IST, root switch … 3-11 configuration steps … 3-17 IST, switch membership … 3-11 configuration, BPDU port protection … 3-28 IST, VLAN membership … 3-6 configuration, exchanging … 3-42 legacy devices and the CST …...
  • Page 456 regional root bridge per-instance … 3-9 regional root switch … 3-11 cost change by mesh switch … 4-20 regional root switch, configuration … 3-13 subnet address … 1-5 regions, communication between … 3-13 switch meshing root bridge … 3-6 See mesh. root bridge per-instance …...
  • Page 457 802.1Q VLAN in mesh … 4-21 port configuration … 1-48 already exists, message … 1-43 port monitoring … 1-61 broadcast domain … 1-2 port restriction … 1-62 CLI, commands … 1-28 port trunk … 1-61 CLI, configuring parameters … 1-27 port-based …...
  • Page 458 service VLAN See S-VLAN show vlan ports detail … 1-29 single forwarding database … 1-17 static … 1-2, 1-4, 1-21, 1-27, 1-50 static, in switch mesh … 4-5 subnet … 1-2 S-VLAN (QinQ) … 7-3, 7-4 svlan mode (QinQ) … 7-5 switch capacity …...
  • Page 460 © Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
