HP 438031-B21 HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati
HP 438031-B21 - 1:10Gb Ethernet BL-c Switch Manual
UPC - 882780885165
View all HP 438031-B21 manuals
Add to My Manuals
Save this manual to your list of manuals |
HP 438031-B21 manual content summary:
- HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 1
HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Application Guide Part number: 445881-001 First edition: April 2007 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 2
to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 3
Contents Contents Accessing the switch Introduction ...9 Additional references ...10 Typographical conventions...10 Management Network...10 Connecting through the console port 11 Connecting through Telnet...11 Connecting through Secure Shell...11 Using the command line interfaces ...12 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 4
...46 Extensible authentication protocol over LAN 46 802.1x authentication process...47 EAPoL Message Exchange ...47 802.1x port states...48 Supported RADIUS attributes ...48 EAPoL configuration guidelines ...49 Port-based traffic control ...50 Configuring port-based traffic control 50 VLANs - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 5
example ...79 Configuring Multiple Spanning Tree Protocol (CLI example 79 Configuring Multiple Spanning Tree Protocol (BBI example 80 Quality of Service Introduction ...84 Overview...84 Using ACL filters ...85 Summary of packet classifiers ...85 Summary of ACL actions ...87 Understanding ACL - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 6
Access Control Lists (CLI example 90 Configure Access Control Lists and Groups (BBI example 1 91 Using DSCP values to provide QoS ...95 Differentiated Services concepts ...95 Per Hop Behavior...95 QoS levels ...96 Using 802.1p priorities to provide QoS 96 802.1p configuration (CLI example 98 802 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 7
Tree ...130 Internal versus external routing...131 OSPF implementation in HP 1:10GbE switch software 131 Configurable parameters ...131 Defining areas ...136 Host routes for load balancing ...137 OSPF features not supported in this release 138 OSPF configuration examples ...138 Example 1: Simple - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 8
methods...172 Active-Active redundancy ...172 HP 1:10GbE switch extensions to VRRP Task 1: Configure Switch A (BBI example 178 Troubleshooting tools Introduction ...188 Port Mirroring...188 Configuring (BBI example 190 Other network troubleshooting techniques 192 Console and Syslog messages - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 9
can exchange network monitoring data. • "High Availability" describes how the HP 1:10GbE switch supports high-availability network topologies. This release provides Uplink Failure Detection and Virtual Router Redundancy Protocol (VRRP). • "Troubleshooting tools" describes Port Mirroring and other - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 10
BL-c Switch User Guide • HP 1:10Gb Ethernet BL-c Switch Command Reference • HP 1:10Gb Ethernet BL-c Switch ISCLI Reference Guide • HP 1:10Gb Ethernet BL-c Switch Browser-based Interface Reference • HP 1:10Gb Ethernet BL-c Switch Quick Setup Instructions Typographical conventions The following - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 11
can configure the IP address of the management interface manually or through Dynamic Host Control Protocol (DHCP). the switch, see the HP 1:10Gb Ethernet BL-c Switch User Guide. Connecting through Telnet , minus certain commands. The switch supports four concurrent Telnet connections. To establish - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 12
configuration. The HP 1:10GbE switch provides two CLI modes You can set the HP 1:10GbE switch to use AOS CLI, see the HP 1:10Gb Ethernet BL-c , refer to the ISCLI Reference Guide. Configuring an IP interface An in the System Information menu (see the HP 1:10Gb Ethernet BL-c Switch Command Reference or - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 13
example shows how to manually configure an IP address through your Web browser. For more information, see the HP 1:10Gb Ethernet BL-c Switch Browser-based Interface Reference. , including IGMP Snooping. ○ QoS-Configure Quality of Service features. ○ Access Control-Configure Access Control Lists and - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 14
Accessing the switch Using Simple Network Management Protocol The switch software provides SNMP v1.0 and SNMP v3.0 support for access through any network management software, such as HP-OpenView. SNMP v1.0 To access the SNMP agent on the switch, the read and write community strings on the SNMP - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 15
Accessing the switch User configuration Users can be configured to use the authentication/privacy options. The HP 1:10GbE switch supports two authentication algorithms: MD5 and SHA, as specified in the following command: /cfg/sys/ssnmp/snmpv3/usm /auth md5|sha 1. To configure a user with name - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 16
Accessing the switch View based configurations CLI user equivalent To configure an SNMP user equivalent to the CLI user, use the following configuration: /c/sys/ssnmp/snmpv3/usm 4 name "usr" (Configure the user) /c/sys/ssnmp/snmpv3/access 3 name "usrgrp" (Configure access group 3) rview " - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 17
Accessing the switch CLI oper equivalent To configure an SNMP user equivalent to the CLI oper, use the following configuration: /c/sys/ssnmp/snmpv3/usm 5 name "oper" (Configure the oper) /c/sys/ssnmp/snmpv3/access 4 name "opergrp" (Configure access group 4) rview "oper" wview "oper" nview - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 18
10 name v1trap tag v1trap (Assign user to the notify table) 4. Specify the IP address and other trap parameters in the Target Address( targetAddr) and Target Parameters (targetParam) tables. Use the following command to specify the user name used with this targetParam table: c/sys/ssnmp/snmpv3 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 19
Accessing the switch SNMPv2 trap host configuration The SNMPv2 trap host configuration is similar to the SNMPv1 trap host configuration. Wherever you specify the model, specify snmpv2 instead of snmpv1. c/sys/ssnmp/snmpv3/usm 10 (Configure user named "v2trap") name "v2trap" /c/sys/ssnmp/ - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 20
(Set the authentication level) For more information on using SNMP, see the HP 1:10Gb Ethernet BL-c Switch Command Reference. See the HP 1:10Gb Ethernet BL-c Switch User Guide for a complete list of supported MIBs. Secure access to the switch Secure switch management is needed for environments - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 21
192.128-255). RADIUS authentication and authorization The switch supports the Remote Authentication Dial-in User Service (RADIUS) method to authenticate and authorize remote administrators Using RADIUS protocol, the authentication server instructs the switch to grant or deny administrative access. 21 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 22
Accessing the switch Configuring RADIUS on the switch (CLI example) To configure RADIUS on the switch, do the following: 1. Turn RADIUS authentication on, and then configure the Primary and Secondary RADIUS servers. For example: >> Main# /cfg/sys/radius (Select the RADIUS Server menu) >> - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 23
Configuring RADIUS on the switch (BBI example) 1. Configure RADIUS parameters. a. Click the Configure context button. b. Open the System folder, and select Radius. Accessing the switch c. Enter the IP address of the primary and secondary RADIUS servers, and enter the RADIUS secret for each server. - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 24
on the switch, based on the protocol definitions in RFC 2138 and RFC 2866. • Allows RADIUS secret password up to 32 bytes. • Supports secondary authentication server so that when the primary authentication server is unreachable, the switch can send client authentication requests to the secondary - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 25
of the switch. Administrators can access switch functions to configure and troubleshoot problems on the switch level. Because administrators can also make temporary User service type Vendor-supplied Vendor-supplied Value 255 252 TACACS+ authentication The switch software supports authentication, - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 26
ID database. 4. Using TACACS+ protocol, the authentication server instructs the switch to grant or deny administrative access. During a first attempts to log in to a device or gain access to its services. Switch software supports ASCII inbound login to the device. PAP, CHAP and ARAP login methods, - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 27
HP 1:10GbE switch management access levels. Use the command /cfg/sys/tacacs/usermap to manually map each TACACS+ privilege level (0-15) to a corresponding HP logins, configuration changes, and interactive commands. The switch supports the following TACACS+ accounting attributes: • protocol (console/ - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 28
Accessing the switch Configuring TACACS+ authentication on the switch (CLI example) 1. Turn TACACS+ authentication on, and then configure the Primary and Secondary TACACS+ servers. >> Main# /cfg/sys/tacacs (Select the TACACS+ Server menu) >> TACACS+ Server# on (Turn TACACS+ on) Current - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 29
Accessing the switch Configuring TACACS+ authentication on the switch (BBI example) 1. Configure TACACS+ authentication for the switch. a. Click the Configure context button. b. Open the System folder, and select Tacacs+. c. Enter the IP address of the primary and secondary TACACS+ servers, and - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 30
Accessing the switch e. Configure custom privilege-level mapping (optional). Click Submit to accept each mapping change. 2. Apply, verify, and save the configuration. Secure Shell and Secure Copy Secure Shell (SSH) and Secure Copy (SCP) use secure tunnels to encrypt and secure messages between a - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 31
clients from version 1.0 through version 2.0. Client software can use SSH version 1 or version 2. The following SSH clients are supported: • SSH 3.0.1 for Linux (freeware) • SecureCRT® 4.1.8 (VanDyke Technologies, Inc.) • OpenSSH_3.9 for Linux (FC 3) • FedoraCore 3 for SCP commands • PuTTY Release - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 32
Accessing the switch Configuring the SCP administrator password To configure the scpadmin (SCP administrator) password, first connect to the switch via the RS-232 management console. For security reasons, the scpadmin password can be configured only when connected directly to the switch console. To - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 33
authentication, RADIUS, TACACS+ Generating RSA host and server keys for SSH access To support the SSH server feature, two sets of RSA keys (host and server keys) via Telnet connection), and enter the following commands to generate them manually: >> # /cfg/sys/sshd/hkeygen (Generates the host key) - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 34
Accessing the switch A value of 0 denotes that RSA server key autogeneration is disabled. When greater than 0, the switch will auto generate the RSA server key every specified interval; however, RSA server key generation is skipped if the switch is busy doing other key or cipher generation when the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 35
access level. By default, the end user is assigned to the user access level. To change the user's access level, enter the user Class of Service (cos) command, and select one of the available options. >> User ID 1 # cos 4. Enable the user ID. >> # /cfg/sys/access/user/uid /ena - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 36
to create a single, larger virtual link. The switch provides trunking support for the seven external ports, one crosslink port, and 16 server blade, and the enclosure type. For more information, see the HP 1:10Gb Ethernet BL-c Switch User Guide. Table 7 Ethernet switch port names Port number 1 2 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 37
link operating at up to five Gigabits per second, depending on how many physical ports are combined. The switch supports up to 12 trunk groups per switch, each with up to six ports per trunk group. The trunking is maintained whenever a link in a trunk group is lost or returned to service. 37 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 38
Server 1 and a link from Server 2 into one trunk group. • Any physical switch port can belong to only one trunk group. • Trunking from non-HP devices must comply with Cisco® EtherChannel® technology. • All trunk member ports must be assigned to the same VLAN configuration before the trunk can be - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 39
dependant on the operating system software, the type of server blade, and the enclosure type. For more information, see the HP 1:10Gb Ethernet BL-c Switch User Guide. Figure 1 Port trunk group configuration example The trunk groups are configured as follows: Trunk groups 2-5 consist of two Gigabit - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 40
Save for restore after reboot) NOTE: In this example, two switches are used. Any third-party device supporting link aggregation should be configured manually. Connection problems might arise when using automatic trunk group negotiation on the third-party device. 3. Examine the trunking information - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 41
Configuring trunk groups (BBI example) 1. Configure trunk groups. a. Click the Configure context button on the Toolbar. b. Open the Layer 2 folder, and select Trunk Groups. Ports and trunking c. Click a Trunk Group number to select it. 41 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 42
Ports and trunking d. Enable the Trunk Group. To add ports, select each port in the Ports Available list, and click Add. e. Click Submit. 2. Apply, verify, and save the configuration. 3. Examine the trunking information on each switch. a. Click the Dashboard context button on the Toolbar. 42 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 43
and that each port is in the expected state. Configurable Trunk Hash algorithm This feature allows you to configure the particular parameters for the HP 1:10GbE switch Trunk Hash algorithm instead of having to utilize the defaults. You can configure new default behavior for Layer 2 traffic and Layer - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 44
as a dynamic trunk group or Link Aggregation group) with any device that supports the standard. Refer to the IEEE 802.3ad-2002 for a full is an integer value (1-65535) that you can configure in the CLI. Each HP 1:10GbE switch port that participates in the same LACP trunk group must have the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 45
Ports and trunking Each port in the HP 1:10GbE switch can have one of the following LACP modes. • off (default)-The user can configure this port in to a regular static trunk group. • active- - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 46
802.1x Port States • Supported RADIUS Attributes • Configuration Guidelines Extensible authentication protocol over LAN HP 1:10GbE switch software can unauthorized to authorized state, and the client is allowed full access to services through the port. When the client sends an EAP-Logoff message to - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 47
Port-based Network Access and traffic control 802.1x authentication process The clients and authenticators communicate using Extensible Authentication Protocol (EAP), which was originally designed to run over PPP, and for which the IEEE 802.1x Standard has defined an encapsulation method over - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 48
to authorized state, and the client is allowed full access to services through the controlled port. When the client later sends an EAPOL (/cfg/l2/8021x/port x) to configure a single port. Supported RADIUS attributes The HP 1:10GbE switch 802.1x Authenticator relies on external RADIUS servers for - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 49
is in the unauthorized state. • The 802.1x supplicant capability is not supported. Therefore, none of its ports can connect successfully to an 802.1x-enabled configured in forcedauthorized mode. For example, if a HP 1:10GbE switch is connected to another HP 1:10GbE switch, and if 802.1x is enabled - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 50
, and TerminationAction. RADIUS accounting service for 802.1x-authenticated devices or users is not supported. Configuration changes performed using SNMP and the standard 802.1x MIB take effect immediately. Port-based traffic control Port-based traffic control prevents HP 1:10GbE switch ports from - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 51
can be done from the command line interface. See the HP 1:10Gb Ethernet BL-c Switch Command Reference. Overview Setting up port VLAN ID numbers VLAN numbers The HP 1:10GbE switch supports up to 1,000 VLANs per switch. Even though the maximum number of VLANs supported at any given time is 1,000, - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 52
VLANs Viewing VLANs The VLAN information menu (/info/l2/vlan) displays all configured VLANs and all member ports that have an active link state, for example: >> Layer 2# vlan VLAN Name Status Ports 1 Default VLAN ena 1 4-18 19-25 2 VLAN 2 ena 2 3 4095 VLAN 4095 ena 18 PVID numbers - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 53
of frames transmitted on a tagged port, you must carefully plan network designs to prevent tagged frames from being transmitted to devices that do not support 802.1Q VLAN tags, or devices where tagging is not enabled. Important terms used with the 802.1Q tagging feature are: • VLAN identifier (VID - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 54
Figure 3 Default VLAN settings VLANs NOTE: The port numbers specified in these illustrations may not directly correspond to the physical port configuration of your switch model. When you configure VLANs, you configure the switch ports as tagged or untagged members of specific VLANs. See the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 55
Figure 5 802.1Q tagging (after port-based VLAN assignment) VLANs In the following figure, the tagged incoming packet is assigned directly to VLAN 2 because of the tag assignment in the packet. Port 5 is configured as a tagged member of VLAN 2, and port 7 is configured as an untagged member of VLAN - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 56
Figure 7 802.1Q tagging (after 802.1Q tag assignment) VLANs NOTE: Using the /boot/conf factory command resets all ports to VLAN 1 (except management port 18) and all other settings to the factory defaults at the next reboot. VLANs and IP interfaces Carefully consider how you create VLANs within - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 57
rules which must be considered when creating VLANs. For example: • HP recommends that all ports involved in trunking and Port Mirroring have the on configuring Port Mirroring, see the "Port Mirroring" section in the "Troubleshooting tools" appendix. • When you delete a VLAN, untagged ports are moved - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 58
Figure 8 Multiple VLANs with VLAN tagging VLANs The features of this VLAN are described in the following table: Table 10 Multiple VLANs with tagging Component Switch 1 Switch 2 Description Switch 1 is configured for VLANS 1, 2, and 3. Port 1 is tagged to accept traffic from VLANs 1 and 2. Port - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 59
VLANs Table 10 Multiple VLANs with tagging Component Blade Server #1 Blade Server #2 PC #1 PC #2 PC #3 PC #4 PC #5 Description This high-use blade server needs to be accessed from all VLANs and IP subnets. The server has a VLAN-tagging adapter installed with VLAN tagging turned on. One adapter is - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 60
17 changed to tagged. (Select crosslink link port 17) (Enable tagging) Main# /cfg/port 19 >> Port 19# tag e Current VLAN tag support: disabled New VLAN tag support: enabled Port 19 changed to tagged. >> Port 19# apply (Select uplink port 19) (Enable tagging) (Apply the port configurations - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 61
17 changed to tagged. (Select crosslink link port 17) (Enable tagging) Main# /cfg/port 19 >> Port 19# tag e Current VLAN tag support: disabled New VLAN tag support: enabled Port 19 changed to tagged. >> Port 19# apply (Select uplink port 19) (Enable tagging) (Apply the port configurations - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 62
VLANs Configuring ports and VLANs on Switch 1 (BBI example) To configure ports and VLANs on Switch 1, do the following: 1. On the switch 1, enable VLAN tagging on the necessary ports. a. Click the Configure context button on the Toolbar. b. Open the Switch folder, and select Switch Ports (click the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 63
d. Enable the port and enable VLAN tagging. VLANs e. Click Submit. 2. Configure the VLANs and their member ports. a. Open the Virtual LANs folder, and select Add VLAN. 63 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 64
VLANs b. Enter the VLAN name, VLAN ID number, and enable the VLAN. To add ports, select each port in the Ports Available list and click Add. Since all ports are configured for VLAN 1 by default, configure only those ports that belong to VLAN 2. The crosslink port 17 must belong to VLAN 1 and VLAN 2. - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 65
flooding ports to perform a lookup. A FDB static entry is a MAC address associated with a specific port and VLAN. The switch supports 128 static entries. Static entries are manually configured, using the following command: /cfg/l2/fdb/static FDB static entries are permanent, so the FDB Aging value - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 66
up another active path on the network to sustain network operations. The switch supports IEEE 802.1d Spanning Tree Protocol for STG 1, and Per VLAN Spanning Tree more information, see the "RSTP and MSTP" chapter in this guide. Bridge Protocol Data Units To create a spanning tree, the application - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 67
Spanning Tree Protocol Determining the path for forwarding BPDUs When determining which port to use for forwarding and which port to block, the switch uses information in the BPDU, including each bridge priority ID. A technique based on the lowest root cost is then computed to determine the most - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 68
Spanning Tree Protocol Adding a VLAN to a Spanning Tree Group If no VLANs exist beyond the default VLAN 1, see the "Creating a VLAN" section in this chapter for information on adding ports to VLANs. Add the VLAN to the STG using the command /cfg/l2/stp /add . Creating a VLAN - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 69
Forwarding state. Multiple Spanning Trees Each switch supports a maximum of 128 Spanning Tree Groups ( ). The switch supports 128 STGs running simultaneously. The default STG 1 supports IEEE 802.1d support Per VLAN Spanning Tree (PVST+), and may contain only one VLAN each. The switch can support - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 70
Spanning Tree Protocol Why do we need Multiple Spanning Trees? The following figure shows a simple example of why we need multiple Spanning Trees. This example assumes that port 24 and 25 are not part of a Trunk Group. Two VLANs (VLAN 1 and VLAN 2) exist between Switch 1 and Switch 2. If the same - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 71
VLAN membership on Switch 1 as described in the "Configuring ports and VLANs on Switch 1 (CLI example)" section, in the "VLANs" chapter of this guide. 2. Add VLAN 2 to Spanning Tree Group 2. >> /cfg/l2/stp 2 >> Spanning Tree Group 2# add 2 (Select Spanning Tree Group 2) (Add VLAN 2) 3. VLAN 2 is - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 72
membership on Switch 1 as described in the "Configuring ports and VLANs on Switch 1 (BBI example)" section, in the "VLANs" chapter of this guide. 2. Add VLAN 2 to Spanning Tree Group 2. a. Click the Configure context button on the Toolbar. b. Select Spanning Tree Groups (click the underlined text - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 73
Spanning Tree Protocol d. Enter the Spanning Tree Group number and set the Switch Spanning Tree State to on. To add a VLAN to the Spanning Tree Group, select the VLAN in the VLANs Available list, and click Add. VLAN 2 is automatically removed from Spanning Tree Group 1. e. Scroll down, and click - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 74
Spanning Tree Protocol Port Fast Forwarding Port Fast Forwarding permits a port that participates in Spanning Tree to bypass the Listening and Learning states and enter directly into the Forwarding state. While in the Forwarding state, the port listens to the BPDUs to learn if there is a loop and, - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 75
Spanning Tree Protocol, see the "Spanning Tree Protocol" chapter in this guide. RSTP parameters are configured in Spanning Tree Group 1. STP Groups 2-128 to RSTP, and must be cleared. There are new STP parameters to support RSTP, and some values to existing parameters are different. RSTP is - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 76
and link type Spanning Tree Configuration includes the following parameters to support RSTP and MSTP: • Edge port • Link type Although "Configuring ports and VLANs (CLI example)" section in the "VLANs" chapter of this guide. 2. Set the Spanning Tree mode to Rapid Spanning Tree. >> /cfg/l2/mrst - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 77
VLAN membership on the switch, as described in the "Configuring ports and VLANs (BBI example)" section in the "VLANs" chapter of this guide. 2. Configure RSTP general parameters. a. Click the Configure context button on the Toolbar. b. Open the MSTP/RSTP folder, and select General. c. Select RSTP - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 78
. This approach provides multiple forwarding paths for data traffic, enabling load balancing, and reducing the number of Spanning-Tree instances required to support a large number of VLANs. MSTP region A group of interconnected bridges that share the same attributes is called an MST region. Each - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 79
VLAN membership on the switch, as described in the "Configuring ports and VLANs (CLI example)" section in the "VLANs" chapter of this guide. 2. Set the mode to Multiple Spanning Tree, and configure MSTP region parameters. >> /cfg/l2/ mrst (Select Multiple Spanning Tree menu) >> Multiple Spanning - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 80
and VLAN membership on the switch, as described in the "Configuring ports and VLANs (BBI example)" section in the "VLANs" chapter of this guide. 2. Configure MSTP general parameters. a. Click the Configure context button on the Toolbar. b. Open the MSTP/RSTP folder, and select General. c. Enter the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 81
3. Configure Common Internal Spanning Trees (CIST) bridge parameters. a. Open the MSTP/RSTP folder, and select CIST-Bridge. RSTP and MSTP b. Enter the Bridge Priority, Maximum Age, and Forward Delay values. c. Click Submit. 81 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 82
4. Configure Common Internal Spanning Tree (CIST) port parameters. a. Open the MSTP/RSTP folder, and select CIST-Ports. RSTP and MSTP b. Click a port number to select it. 82 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 83
RSTP and MSTP c. Enter the Port Priority, Path Cost, and select the Link Type. Set the CIST Port State to ON. d. Click Submit. 5. Apply, verify, and save the configuration. 83 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 84
thereby providing better service for selected applications. The following figure shows the basic QoS model used by the HP 1:10GbE switch. traffic attributes match those specified in a traffic pattern, the policy instructs the switch to perform specified actions on each packet that passes through - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 85
Quality of Service The basic HP 1:10GbE switch QoS model works as follows: • Classify traffic: ○ Read 802.1p that allow you to classify and segment traffic, so you can provide different levels of service to different traffic types. Each filter defines the conditions that must match for inclusion in - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 86
Quality of Service Table 14 Well-known protocol types Number 89 112 Protocol Name ospf vrrp • TCP/UDP ○ TCP/UDP application source port, as shown in the table - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 87
Quality of Service • Packet Format ○ Ethernet format (eth2, SNAP, LLC) ○ Ethernet the destination port is a trunk member. Summary of ACL actions Actions determine how the traffic is treated. The HP 1:10GbE switch QoS actions include the following: • Pass or Drop • Re-mark a new DiffServ Code Point - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 88
Quality of Service Using ACL Groups Access Control Lists (ACLs) allow you to classify packets number, destination port number, and others. Packet classifiers identify flows for more processing. The HP 1:10GbE switch supports up to 896 ACLs. Each ACL defines one filter rule. Each filter rule is a - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 89
Quality of Service ACL Metering and Re-marking You can define a profile for the aggregate traffic flowing through the HP 1:10GbE switch, by precedence levels. ACL Group 1 has precedence over ACL Group 2. Each port supports up to seven precedence levels. Actions taken by an ACL are called In-Profile - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 90
Quality of Service ACL configuration examples Configure Access Control Lists (CLI example) The following configuration examples illustrate how to use Access Control Lists (ACLs) to block traffic. These - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 91
Quality of Service • Example 3 Use this configuration to block traffic from a source that is destined for a specific egress port. >> Main# /cfg/acl/acl 1 (Define ACL 1) >> ACL 1# ethernet/smac - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 92
Quality of Service c. Configure the ACL parameters. Set the Filter Action to Deny, the Ethernet Type to IPv4, and the Destination IP Address to 100.10.1.116. d. Click Submit. 2. Apply, verify, and save the configuration. 92 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 93
3. Add ACL 1 to port 1. a. Click the Configure context button on the Toolbar. b. Select Switch Ports (click the underlined text, not the folder). Quality of Service c. Select a port. 93 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 94
d. Add the ACL to the port. Quality of Service e. Click Submit. 4. Apply, verify, and save the configuration. 94 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 95
packets, based on the DSCP value, as they hop through the network. The HP 1:10GbE switch default settings are based on the following standard PHBs, as defined in RFC 2598. • Assured Forwarding (AF)-This PHB contains four service levels, each with a different drop precedence, as shown below. Routers - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 96
, CS3 AF21, AF22, AF23, CS2 AF11, AF12, AF13, CS1 802.1p Priority 7 6 5 4 3 2 1 Using 802.1p priorities to provide QoS The HP 1:10GbE switch software provides Quality of Service functions based on the priority bits in a packet's VLAN header. (The priority bits are defined by the 802.1p standard - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 97
Quality of Service The IEEE 802.1p standard uses eight levels of priority (0-7). Priority Use the /cfg/qos/8021p/cur command to display the mapping between 802.1p values, Class of Service queues (COSq), and COSq scheduling weights. >> 802.1p# cur Current priority to COS queue configuration: Number - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 98
Quality of Service 802.1p configuration (CLI example) 1. Configure a port's default 802.1 priority. >> Main# cfg/port 20 (Select port) >> Port 20# 8021ppri (Set port's default 802.1p priority) - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 99
c. Select a port. Quality of Service 99 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 100
d. Set the 802.1p priority value. Quality of Service e. Click Submit. 100 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 101
value to a COS queue. a. Click the Configure context button on the Toolbar. b. Open the 802.1p folder, and select Priority - CoS. Quality of Service c. Select an 802.1p priority value. d. Select a Class of Service queue (CoSQ) to correlate with the 802.1p priority value. e. Click Submit. 101 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 102
3. Set the COS queue scheduling weight. a. Click the Configure context button on the Toolbar. b. Open the 802.1p folder, and select CoS - Weight. Quality of Service c. Select a Class of Service queue (CoS). d. Enter a value for the weight of the Class of Service queue. e. Click Submit. 102 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 103
Queuing and scheduling The switch can be configured with either two or eight output Class of Service queues (COSq) per port, into which each packet is placed. Each packet's 802.1p priority weight of each COS queue. Use the 802.1p menu (/cfg/qos/8021p) to configure Class of Service queues. 103 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 104
faster switched topologies, particularly now that switches are increasingly intelligent. HP 1:10GbE switches are intelligent and fast enough to perform routing functions switching in a single device provides another service-it allows you to build versatile topologies that account for legacy - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 105
to better logical subnets (a daunting task), competition for access to common server pools on different subnets still burdens the routers. This problem is solved by using HP 1:10GbE switch with built-in IP routing capabilities. Cross-subnet LAN traffic can now be routed within the switches with wire - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 106
Basic IP routing Take a closer look at the HP 1:10GbE switch in the following configuration example: Figure 15 Switch-based routing topology The switch connects the Gigabit Ethernet and Fast Ethernet trunks from various - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 107
administrator. NOTE: For details about accessing and using any of the menu commands described in this example, see the HP c-Class 1:10Gb Ethernet Blade Switch Command Reference Guide. 1. Assign an IP address (or document the existing one) for each router and client workstation. 2. In the example - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 108
Basic IP routing 8. Configuring the default gateways allows the switch to send outbound traffic to the routers: >> IP Interface 5# ../gw 1 (Select primary default gateway) >> Default gateway 1# addr 205.21.17.1(Assign IP address) >> Default gateway 1# ena (Enable primary default gateway) >> - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 109
and configuration information to other IP hosts or clients in a large TCP/IP network. Without DHCP, the IP address must be entered manually for each network device. DHCP allows a network administrator to distribute IP addresses from a central point and automatically send a new IP address when - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 110
each subnet that has hosts needing to perform the DHCP request. DHCP relay agent DHCP is described in RFC 2131, and the DHCP relay agent supported on HP 1:10GbE switches is described in RFC 1542. DHCP uses UDP as its transport protocol. The client sends messages to the server on port 67 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 111
Basic IP routing In HP 1:10GbE switch implementation, there is no need for primary or secondary servers. The client request is forwarded to the BOOTP servers configured on the switch. The use of two servers provides failover redundancy. However, no health checking is supported. Use the following - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 112
about available routes dynamically, using the Routing Information Protocol (RIP). HP 1:10GbE switch software supports RIP version 1 (RIPv1) and RIP version 2 (RIPv2) for Information Protocol Configuration (/cfg/l3/rip) in the HP c-Class 1:10Gb Ethernet Blade Switch Command Reference Guide. 112 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 113
. NOTE: When using both RIPv1 and RIPv2 within a network, use a single subnet mask throughout the network. RIP Features HP 1:10GbE switch software provides the following features to support RIPv1 and RIPv2: Poison Simple split horizon in RIP scheme omits routes learned from one neighbor in updates - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 114
Routing Information Protocol Multicast RIPv2 messages use IP multicast address (224.0.0.9) for periodic broadcasts. Multicast RIPv2 announcements are not processed by RIPv1 routers. IGMP is not needed since these are inter-router messages which are not forwarded. To configure RIPv2 in RIPv1- - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 115
Routing Information Protocol RIP configuration example NOTE: An interface RIP disabled uses all the default values of the RIP, no matter how the RIP parameters are configured for that interface. RIP sends out RIP regular updates to include an Up interface, but not a Down interface. 1. Add VLANs - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 116
and forwards multicast data only to those ports. In this way, other ports are not burdened with unwanted multicast traffic. The switch currently supports snooping for IGMP version 1, version 2, and version 3. The switch can sense IGMP Membership Reports from attached host servers and act as a proxy - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 117
is terminated immediately. A maximum of 8 VLANs can be configured for IGMP Snooping. The switch can learn up to 16 multicast routers, and supports up to 1,000 multicast groups. IGMPv3 IGMPv3 includes new membership report messages to extend IGMP functionality. The switch provides snooping capability - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 118
IGMP Snooping IGMP Filtering With IGMP Filtering, you can allow or deny a port to send and receive multicast traffic to certain multicast groups. Unauthorized users are restricted from streaming multicast traffic across the network. If access to a multicast group is denied, IGMP Membership Reports - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 119
not have to be learned through IGMP Snooping. You can configure static Mrouters on any switch port except the management port 18. The switch supports up to total of sixteen static Mrouters. When you configure a static Mrouter on a VLAN, it replaces any dynamic Mrouters learned through IGMP Snooping - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 120
IGMP Snooping Configuring IGMP Filtering (CLI example) 1. Enable IGMP Filtering on the switch. >> /cfg/l3/igmp/igmpflt >> IGMP Filter# ena Current status: disabled New status: enabled (Select IGMP Filtering menu) (Enable IGMP Filtering) 2. Define an IGMP Filter. >> //cfg/l3/igmp/igmpflt ( - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 121
IGMP Snooping Configuring IGMP Snooping (BBI example) 1. Configure port and VLAN membership on the switch, as described in the "Configuring ports and VLANs (BBI example)" section in the "VLANs" chapter. 2. Configure IGMP Snooping. a. Click the Configure context button. b. Open the IGMP folder, and - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 122
c. Enable IGMP Snooping. IGMP Snooping d. Click Submit. 122 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 123
3. Apply, verify, and save the configuration. IGMP Snooping Configuring IGMP Filtering (BBI example) 1. Configure IGMP Snooping. 2. Enable IGMP Filtering. a. Click the Configure context button. b. Open the IGMP folder, and select IGMP Filters (click the underlined text, not the folder). 123 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 124
c. Enable IGMP Filtering globally. IGMP Snooping d. Click Submit. 3. Define the IGMP Filter. a. Select Layer 3 > IGMP > IGMP Filters > Add Filter. 124 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 125
IGMP Snooping b. Enable the IGMP Filter. Assign the range of IP multicast addresses and the filter action (allow or deny). c. Click Submit. 4. Assign the filter to a port and enable IGMP Filtering on the port. a. Select Layer 3 > IGMP > IGMP Filters > Switch Ports. 125 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 126
b. Select a port from the list. IGMP Snooping c. Enable IGMP Filtering on the port. Select a filter in the IGMP Filters Available list, and click Add. d. Click Submit. 5. Apply, verify, and save the configuration. 126 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 127
IGMP Snooping Configuring a Static Multicast Router (BBI example) 1. Configure Static Mrouter. a. Click the Configure context button. b. Open the Switch folder and select Layer 3 > IGMP > IGMP Static Mrouter > Add Mrouter. c. Enter a port number, VLAN ID number, and IGMP version number. d. Click - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 128
detailed in Internet RFC 1583. The following sections discuss OSPF support for the HP 1:10GbE switch: • OSPF Overview: This section provides information OSPF Configuration Examples. This section provides step-by-step instructions on configuring different configuration examples: ○ Creating a simple - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 129
Figure 17 OSPF area types OSPF Types of OSPF routing devices As shown in the figure, OSPF uses the following types of routing devices: • Internal Router (IR)-a router that has all of its interfaces within the same area. IRs maintain LSDBs identical to those of other routing devices within the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 130
OSPF Neighbors and adjacencies In areas with two or more routing devices, neighbors and adjacencies are formed. Neighbors are routing devices that maintain information about each others' health. To establish neighbor relationships, routing devices periodically send hello packets on each of their - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 131
for any address in the 192.204.4.0/24 range, it will carry that data to its destination. OSPF implementation in HP 1:10GbE switch software The HP 1:10GbE switch supports a single instance of OSPF and up to 4 K routes on the network. The following sections describe OSPF implementation in switch - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 132
. • Default routes-Default routes with weight metrics can be manually injected into transit areas. This helps establish a preferred route when areas (see "Virtual Links"). Up to three OSPF areas can be connected to the HP 1:10GbE switch. To configure an area, the OSPF number must be defined and then - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 133
switch as areaid 2.2.2.2. NOTE: Although both types of area ID formats are supported, be sure that the area IDs are in the same format throughout an the bandwidth of the interface. Low cost indicates high bandwidth. You can manually enter the cost for the output route with the following command: >> - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 134
OSPF Electing the designated router and backup In any area with more than two routing devices, a Designated Router (DR) is elected as the central contact for database exchanges among neighbors, and a Backup Designated Router (BDR) is elected in case the DR fails. DR and BDR elections are made - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 135
is the IP address of the virtual neighbor (nbr), the routing device at the target endpoint. Another router ID is needed when configuring a virtual link in the other ID. This is the default. • Statically-Use the following command to manually configure the router ID >> # /cfg/l3/rtrid To - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 136
uses IP multicast when sending and receiving packets. Routers participate in routing domains based on predefined passwords. The switch software supports simple password (type 1 plain text passwords) and MD5 cryptographic authentication. This type of authentication allows a password to be configured - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 137
/cfg/l3/ospf/virt 1/mdkey 2 Host routes for load balancing The HP 1:10GbE switch implementation of OSPF includes host routes. Host routes are used traffic among multiple ABRs. To accomplish this, each switch provides identical services but advertises a host route for a different IP address to the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 138
in this release The following OSPF features are not supported in this release: • Summarizing external routes • Filtering of the basic steps for configuring OSPF on the switch is listed here. Detailed instructions for each of the steps are covered in the following sections: • Configure IP interfaces - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 139
OSPF Follow this procedure to configure OSPF support as shown in the figure. 1. Configure IP interfaces on each network that will be attached to OSPF areas. 2. In this example, two IP interfaces are - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 140
b. Open the IP Interfaces folder, and select Add IP Interface. OSPF c. Configure an IP interface. Enter the IP address, subnet mask, and enable the interface. d. Click Submit. 2. Apply, verify, and save the configuration. 140 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 141
3. Enable OSPF. a. Open the OSPF Routing Protocol folder, and select General. OSPF b. Enable OSPF. c. Click Submit. 141 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 142
4. Configure OSPF Areas. a. Open the OSPF Areas folder, and select Add OSPF Area. OSPF 142 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 143
b. Configure the OSPF backbone area 0. OSPF c. Click Submit. d. Select Add OSPF Area. e. Configure the OSPF area 1. f. Click Submit. 143 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 144
5. Configure OSPF Interfaces. a. Open the OSPF Interfaces folder, and select Add OSPF Interface. OSPF 144 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 145
b. Configure the OSPF Interface 1, and attach it to the backbone area 0. OSPF c. Click Submit. d. Select Add OSPF Interface. 145 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 146
e. Configure the OSPF Interface 2, and attach it to the stub area 1. OSPF f. Click Submit. 6. Apply, verify, and save the configuration. 146 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 147
virtual links. Later, when configuring the other end of the virtual link on Switch B, the router ID specified here will be used as the target virtual neighbor (nbr) address >> IP Interface 2 # /cfg/l3/rtrid 10.10.10.1 (Set static router ID) 4. Enable OSPF. >> IP # /cfg/l3/ospf/on 5. Define - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 148
2) 3. Configure the router ID. 4. A router ID is required when configuring virtual links. This router ID should be the same one specified as the target virtual neighbor (nbr) on Switch A. >> IP Interface 2 # /cfg/l3/rtrid 10.10.14.1(Set static router ID) 5. Enable OSPF. >> IP# /cfg/l3/ospf - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 149
OSPF 8. Define the transit area. >> OSPF Area (index) 0 # ../aindex 1 (Select menu for area index 1) >> OSPF Area (index) 1 # areaid 0.0.0.1(Set the area ID for OSPF area 1) >> OSPF Area (index) 1 # type transit (Define area as transit type) >> OSPF Area (index) 1 # enable (Enable the area) - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 150
option. In this example, routes in the range 36.128.200.0 through 36.128.200.255 are kept private. Follow this procedure to configure OSPF support on Switch A and Switch B, as shown in the figure. 1. Configure IP interfaces for each network which will be attached to OSPF areas. >> # /cfg/l3/if - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 151
on your switch: • /info/l3/ospf/general • /info/l3/ospf/nbr • /info/l3/ospf/dbase/dbsum • /info/l3/ospf/routes • /stats/l3/route See the HP c-Class 1:10Gb Ethernet Blade Switch Command Reference Guide for information on the above commands. 151 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 152
RMON Groups, as described in RFC 1757: • Group 1: Statistics • Group 2: History • Group 3: Alarms • Group 9: Events RMON group 1-statistics The switch supports collection of Ethernet statistics as outlined in the RMON statistics MIB, in reference to etherStatsTable. You can enable RMON statistics on - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 153
Remote monitoring Configuring RMON Statistics (CLI example) 1. Enable RMON on each port where you wish to collect RMON statistics. >> /cfg/port 23/rmon (Select Port 23 RMON) >> Port 23 RMON# ena (Enable RMON) >> Port 23 RMON# apply (Make your changes active) >> Port 23 RMON# save (Save for - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 154
2. Select a port. Remote monitoring 3. Enable RMON on the port. 154 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 155
4. Click Submit. 5. Apply, verify, and save the configuration. Remote monitoring RMON group 2-history The RMON History group allows you to sample and archive Ethernet statistics for a specific interface during a specific time interval. NOTE: RMON port statistics must be enabled for the port before - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 156
Remote monitoring Configure RMON History (CLI example) 1. Enable RMON on each port where you wish to collect RMON History. >> /cfg/port 23/rmon (Select Port 23 RMON) >> Port 23# ena (Enable RMON) >> Port 23 RMON# apply (Make your changes active) >> Port 23 RMON# save (Save for restore - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 157
2. Configure RMON History Group parameters. Remote monitoring 3. Click Submit. 4. Apply, verify, and save the configuration. RMON group 3-alarms The RMON Alarm group allows you to define a set of thresholds used to determine network performance. When a configured threshold is crossed, an alarm is - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 158
Remote monitoring • 258 = port 2 • 280 = port 24 This value represents the alarm's MIB OID, as a string. Note that for non-tables, you must supply a .0 to specify end node. Configure RMON Alarms (CLI example 1) 1. Configure the RMON Alarm parameters to track the number of packets received on a - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 159
Remote monitoring Configure RMON Alarms (BBI example 1) 1. Configure an RMON Alarm group. a. Click the Configure context button. b. Open the Switch folder, and select RMON > Alarm > Add Alarm Group. c. Configure RMON Alarm Group parameters to check ifInOctets on port 20 once every hour. Enter a - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 160
3. Apply, verify, and save the configuration. Remote monitoring Configure RMON Alarms (BBI example 2) 1. Configure an RMON Alarm group. a. Click the Configure context button. b. Open the Switch folder, and select RMON > Alarm > Add Alarm Group. 160 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 161
Remote monitoring c. Configure RMON Alarm Group parameters to check icmpInEchos, with a polling interval of 60, a rising limit of 200, and a rising event index of 5. This configuration creates an RMON alarm that checks icmpInEchos on the switch once every minute. If the statistic exceeds 200 within - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 162
Remote monitoring Configuring RMON Events (CLI example) 1. Configure the RMON Event parameters. >> /cfg/rmon/event 5 (Select RMON Event 5) >> RMON Event 5# descn "SYSLOG_generation_event" >> RMON Event 5# type log >> RMON Event 5# owner "Owner_event_5" 2. Apply and save the configuration. >> - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 163
2. Click Submit. 3. Apply, verify, and save the configuration. Remote monitoring 163 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 164
designed to support Network Adapter Teaming on HP server blades. For details about Network Adapter Teaming on HP ProLiant server . The switch automatically enables the downlink ports when the uplink returns to service. The following figure shows a basic UFD configuration, with a Failure Detection - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 165
Protocol trunks. When the switch detects a link failure on the LtM, it automatically disables all ports in the LtD. When the LtM returns to service, the switch automatically enables all ports in the LtD. Spanning Tree Protocol with UFD If Spanning Tree Protocol (STP) is enabled on ports in the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 166
not available on the blade switches. • Only one Failure Detection pair (one group of Links to Monitor and one group of Links to Disable) is supported on each switch (all VLANs and Spanning Tree Groups). • An LtM can be either one uplink port or one Multi-Link trunk group of uplink - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 167
High availability In this example, NIC 1 is the primary network adapter; NIC 2, NIC 3, and NIC 4 are non-primary adapters. NIC 1 and NIC 2 are connected to port 1 and port 2 on Blade Switch 1. NIC 3 and NIC 4 are connected to port 1 and port 2 on Blade Switch 2. Configuring UFD on Switch 1 (CLI - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 168
High availability Configuring Uplink Failure Detection (BBI example) 1. Configure Uplink Failure Detection. a. Click the Configure context button. b. Open the Switch folder, and select Uplink Failure Detection (click the underlined text, not the folder). c. Turn Uplink Failure Detection on, and then - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 169
High availability d. Enable the FDP. Select ports in the LtM Ports Available list, and click Add to place the ports into the Link to Monitor (LtM). Select ports in the LtD Ports Available list, and click Add to place the ports into the Link to Disable (LtD). e. Click Submit. 2. Apply, verify, and - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 170
the network or force a single point-of-failure to any other part of the network. This means that your network will remain in service despite the failure of any single device. To achieve this usually requires redundancy for all vital network components. VRRP enables redundant router configurations - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 171
High availability Master and backup virtual router Within each virtual router, one VRRP router is selected to be the virtual router master. See "Selecting the Master VRRP Router" for an explanation of the selection process. NOTE: If the IP address owner is available, it will always become the - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 172
into action. Service providers now demand that vendors' equipment support redundant configurations HP 1:10GbE switch high availability configurations are based on VRRP. The switch software implementation of VRRP includes proprietary extensions. The switch software implementation of VRRP supports - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 173
extensions to VRRP This section describes VRRP enhancements that are implemented in switch software: Tracking VRRP router priority The HP 1:10GbE switch software supports a tracking function that dynamically modifies the priority of a VRRP router, based on its current state. The objective of - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 174
High availability Virtual router deployment considerations Review the following issues described in this section to prevent network problems when deploying virtual routers: • Assigning VRRP Virtual Router ID • Configuring the Switch for Tracking Assigning VRRP virtual router ID During the software - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 175
High availability High availability configurations The HP 1:10GbE switches offer flexibility in implementing redundant configurations. This section discusses the Active-Active configuration. Active-Active configuration The following figure shows an example configuration, - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 176
High availability 2. Configure client and server interfaces. /cfg/l3/if 1 (Select interface 1) >> IP Interface 1# addr 192.168.1.100 (Define IP address for interface 1) >> IP Interface 1# vlan 10 (Assign VLAN 10 to interface 1) >> IP Interface 1# ena (Enable interface 1) >> IP Interface 1# - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 177
High availability Task 2: Configure Switch B 1. Configure ports. /cfg/l2/vlan 10 >> VLAN 10# ena >> VLAN 10# add 20 >> VLAN 10# .. >> Layer 2# vlan 20 >> VLAN 20# ena >> VLAN 20# add 21 (Select VLAN 10) (Enable VLAN 10) (Add port 20 to VLAN 10) (Select VLAN 20) (Enable VLAN 20) (Add port 21 to - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 178
High availability 5. Enable tracking on ports. Set the priority of Virtual Router 2 to 101, so that it becomes the Master. /cfg/l3/vrrp/vr 1 (Select VRRP virtual router 1) >> VRRP Virtual Router 1# track/ports/ena (Set tracking on ports) >> VRRP Virtual Router 1 Priority Tracking# .. >> VRRP - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 179
High availability c. Configure port 20 as a member of VLAN 10 and port 21 as a member of VLAN 20. Enable each VLAN. d. Click Submit. 2. Configure the following client and server interfaces: − IF 1 IP address = 192.168.1.100 Subnet mask = 255.255.255.0 VLAN 10 − IF 2 IP address = 10.10.12.1 Subnet - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 180
a. Open the IP Interfaces folder, and select Add IP Interface. High availability b. Configure an IP interface. Enter the IP address, subnet mask, and VLAN membership. Enable the interface. c. Click Submit. 180 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 181
High availability 3. Configure the default gateways. Each default gateway points to one of the Layer 2 routers. a. Open the Default Gateways folder, and select Add Default Gateway. b. Configure the IP address for each default gateway. Enable the default gateways. c. Click Submit. 181 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 182
High availability 4. Turn on VRRP and configure two Virtual Interface routers. a. Open the Virtual Router Redundancy Protocol folder, and select General. 182 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 183
b. Enable VRRP processing. High availability c. Click Submit. d. Open the Virtual Routers folder, and select Add Virtual Router. 183 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 184
High availability e. Configure the IP address for Virtual Router 1 (VR1). Enable tracking on ports, and set the priority to 101. Enable The Virtual Router. f. Click Submit. g. Select Add Virtual Router. 184 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 185
High availability h. Configure the IP address for Virtual Router 2 (VR2). Enable tracking on ports, but set the priority to 100 (default value). Enable The Virtual Router. i. Click Submit. 5. Turn off Spanning Tree globally. a. Open the Spanning Tree Groups folder, and select Add Spanning Tree Group - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 186
b. Select a Spanning Tree Group. High availability 186 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 187
High availability c. Enter Spanning Tree Group ID 1 and set the Switch Spanning Tree State to off. d. Click Submit. 6. Apply, verify, and save the configuration. 187 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 188
-oriented problem. Any traffic in or out of one or more ports can be mirrored to a single monitoring port to which a network monitor can be attached. Port Mirroring can be used as a troubleshooting tool or to enhance the security of your network. For example, an Intrusion Detection Service (IDS - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 189
Troubleshooting tools Ingress traffic is duplicated and sent to the mirrored port before processing, and egress traffic is duplicated and sent to the mirrored port after - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 190
Troubleshooting tools Configuring Port Mirroring (BBI example) 1. Configure Port Mirroring. a. Click the Configure context button. b. Open the Switch folder, and select Port-Based Port Mirroring (click the underlined text, not the folder). c. Click a port number to select a monitoring port. 190 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 191
d. Click Add Mirrored Port. Troubleshooting tools e. Enter a port number for the mirrored port, and select the Port Mirror Direction. f. Click Submit. 2. Apply, verify, and save the configuration. 3. Verify the Port Mirroring information on the switch. 191 - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 192
troubleshooting techniques Other network troubleshooting techniques include the following. Console and Syslog messages When a switch experiences a problem, review the console and Syslog messages. The switch displays these informative messages when state changes and system problems the target station - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 193
be performed through HP technical support. • Offline Diagnostics-This tool is used for troubleshooting suspected switch hardware dump. This dump file can be analyzed post-mortem to determine the cause of the problem. • Stack Trace-If a fatal software condition occurs, the switch dumps stack trace - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 194
console messages, 192 customer support tools, 193 D default gateway: configuration example, 13, 107 Differentiated Services Code Point (DSCP)DSCP 192 Port Fast Forwarding, 74 port mirroring: configuration rules, 38; troubleshooting, 188 port trunking, 38 port trunking, fault tolerance, 37 Port-based - HP 438031-B21 | HP 1:10Gb Ethernet BL-c Switch for c-Class BladeSystem Applicati - Page 195
172 re-mark, 89 Remote Authentication Dial-in User Service (RADIUS): authentication, 21; SSH/SCP, 34 HP-OpenView, 14 SNMP, 14 SNMP, 131 SNMP v1.0, 14 SNMP v3.0, 14 Spanning Tree Protocol (STP), multiple instances, 70 spanning tree, configuration rules, 38 SSH: RSA host and server keys, 33; supported
HP 1:10Gb Ethernet BL-c Switch for c-Class
BladeSystem
Application Guide
Part number: 445881-001
First edition: April 2007