HP 6125G HP 6125G & 6125G/XG Blade Switches Layer 2 - LAN Switching Co - Page 88
Configuring Digest Snooping, Configuration restrictions and guidelines, Configuration procedure
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 88 highlights
NOTE: An mCheck operation takes effect on a device that operates in MSTP or RSTP mode. Configuring Digest Snooping As defined in IEEE 802.1s, connected devices are in the same region only when their MST region-related configurations (region name, revision level, and VLAN-to-instance mappings) are identical. A spanning tree device identifies devices in the same MST region by determining the configuration ID in BPDU packets. The configuration ID includes the region name, revision level, and configuration digest, which is in 16-byte length and is the result calculated via the HMAC-MD5 algorithm based on VLAN-to-instance mappings. Spanning tree implementations vary with vendors, and the configuration digests calculated using private keys is different, so devices of different vendors in the same MST region cannot communicate with each other. To enable communication between an HP device and a third-party device, enable the Digest Snooping feature on the port that connects the HP device to the third-party device in the same MST region. Configuration restrictions and guidelines • Before you enable Digest Snooping, make sure that associated devices of different vendors are connected and run spanning tree protocols. • With digest snooping enabled, in-the-same-region verification does not require comparison of configuration digest, so the VLAN-to-instance mappings must be the same on associated ports. • With global Digest Snooping enabled, modification of VLAN-to-instance mappings and removal of the current region configuration via the undo stp region-configuration command are not allowed. You can modify only the region name and revision level. • To make Digest Snooping take effect, you must enable it both globally and on associated ports. To make the configuration effective on all configured ports and while reducing impact on the network, enable Digest Snooping on all associated ports first and then globally. • To prevent loops, do not enable Digest Snooping on MST region edge ports. • HP recommends you to enable Digest Snooping first and then the spanning tree feature. To avoid causing traffic interruption, do not configure Digest Snooping when the network is already working well. Configuration procedure You can enable Digest Snooping only on the HP device that is connected to a third-party device that uses its private key to calculate the configuration digest. To configure Digest Snooping: Step 1. Enter system view. Command system-view Remarks N/A 79