HP 10Gb Ethernet BL-c Switch ISCLI Reference Guide Part number: 445942-001 Third Edition: June 2007
Legal notices © 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Microsoft®, Windows®, and Windows NT® are U.S.
Contents Contents ISCLI reference Introduction ........................................................................................................................................... 9 Additional references ............................................................................................................................. 9 Connecting to the switch .........................................................................................................................
Contents Common Internal Spanning Tree information ...................................................................................... 41 Trunk group information................................................................................................................... 43 VLAN information ........................................................................................................................... 44 Layer 3 information .................................................................
Contents ICMP statistics ................................................................................................................................ 83 TCP statistics................................................................................................................................... 84 UDP statistics .................................................................................................................................. 86 IGMP Multicast Group statistics..........................
Contents 802.1x Port configuration ......................................................................................................... 128 Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration.................................... 129 Common Internal Spanning Tree configuration.................................................................................. 131 CIST bridge configuration ..............................................................................................
Contents Access Control configuration ............................................................................................................... 171 Access Control List configuration ..................................................................................................... 171 ACL Ethernet Filter configuration ..................................................................................................... 171 ACL IP Version 4 Filter configuration.........................................
Contents Panic command ............................................................................................................................ 197 Unscheduled system dumps .................................................................................................................
ISCLI reference ISCLI reference Introduction The HP 10Gb Ethernet BL-c Switch is ready to perform basic switching functions right out of the box. Some of the more advanced features, however, require some administrative configuration before they can be used effectively. This guide provides a command reference for the HP 10GbE switch.
ISCLI reference Establishing a console connection To establish a console connection with the switch, you need: • A null modem cable with a female DB-9 connector (See the HP 10Gb Ethernet BL-c Switch User Guide for more information.) • An ASCII terminal or a computer running terminal emulation software set to the parameters shown in the table below.
ISCLI reference Establishing a Telnet connection A Telnet connection offers the convenience of accessing the HP 10GbE switch from any workstation connected to the network. Telnet provides the same options for user, operator, and administrator access as those available through the console port. By default, Telnet is enabled on the switch. The switch supports four concurrent Telnet connections. Once the IP parameters are configured, you can access the ISCLI using a Telnet connection.
ISCLI reference The following SSH clients are supported: • • • • • SSH 3.0.1 for Linux (freeware) SecureCRT® 4.1.8 (VanDyke Technologies, Inc.) OpenSSH_3.9 for Linux (FC 3) FedoraCore 3 for SCP commands PuTTY Release 0.58 (Simon Tatham) for Windows NOTE: The HP 10GbE switch implementation of SSH is based on versions 1.5 and 2.0, and supports SSH clients from version 1.0 through version 2.0. SSH clients of other versions are not supported.
ISCLI reference Table 2 User access levels User account Description and tasks performed User The User has no direct responsibility for switch management. He or she can view all switch status information and statistics, but cannot make any configuration changes to the switch. The user account is enabled by default, and the default password is user. Oper The Operator has no direct responsibility for switch management.
ISCLI reference Typographical conventions The following table describes the typographic styles used in this guide: Table 3 Typographical conventions Typeface or symbol Meaning angle brackets < > Indicate a variable to enter based on the description inside the brackets. Do not type the brackets as you enter the command. Example: If the command syntax is ping Enter: ping 192.32.10.12 bold body text Indicates user-interface objects, such as buttons and tabs.
ISCLI basics ISCLI basics Introduction The ISCLI is used for viewing switch information and statistics. In addition, the administrator can use the CLI for performing all levels of switch configuration. This chapter describes the ISCLI Command Modes, and provides a list of commands and shortcuts that typically are from all the command modes within the ISCLI. Accessing the ISCLI The first time you start the HP 10GbE switch, it boots into the AOS CLI.
ISCLI basics The following table describes the ISCLI command modes. Table 4 ISCLI Command Modes Command Mode/Prompt User EXEC Switch> Command used to enter or exit.
ISCLI basics Global commands Some basic commands are recognized throughout the ISCLI hierarchy. These commands are useful for obtaining online Help, navigating through the interface, and saving configuration changes. To get help about a specific command, type the command, followed by help. The following table describes the global commands. Table 5 Global commands Command Action ? Provides more information about a specific command or lists commands available at the current level.
ISCLI basics Command line interface shortcuts The following shortcuts allow you to enter commands quickly and easily. Command abbreviation Most commands can be abbreviated by entering the first characters that distinguish the command from the others in the same mode.
Information Commands Information Commands Introduction You can view configuration information for the switch in the ISCLI. This chapter discusses how to use the ISCLI to display switch information. The following table describes general information commands. Table 6 Information commands Command Usage show sys-info Displays system information. Command mode: All show layer2 information Displays Layer 2 information. Command mode: All show layer3 information Displays Layer 3 information.
Information Commands Table 6 Information commands Command Usage show information-dump Dumps all switch information available (10K or more, depending on your configuration). If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands. Command mode: All System Information commands The following table describes the System Information commands.
Information Commands SNMPv3 Information commands SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: • • • • a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture, see RFC2271 to RFC2276. The following table describes the SNMPv3 Information commands.
Information Commands SNMPv3 USM User Table information The following command displays SNMPv3 user information: show snmp-server v3 user Command mode: All The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of messages. This security model makes use of a defined set of user identities displayed in the USM user table. The USM user table contains information like: • • • the user name • the privacy protocol.
Information Commands The following table describes the SNMPv3 View Table information. Table 10 View Table parameters Field Description View Name Displays the name of the view. Subtree Displays the MIB subtree as an OID string. A view subtree is the set of all MIB object instances which have a common Object Identifier prefix to their names. Mask Displays the bit mask. Type Displays whether a family of view subtrees is included or excluded from the MIB view.
Information Commands SNMPv3 Group Table information The following command displays SNMPv3 group information: show snmp-server v3 group Command mode: All Sec Model ---------snmpv1 usm usm User Name ----------------------------v1v2only adminmd5 adminsha Group Name ------------------------------v1v2grp admingrp admingrp A group is a combination of security model and security name that defines the access rights assigned to all the security names belonging to that group.
Information Commands SNMPv3 Target Address Table information The following command displays SNMPv3 target address information: show snmp-server v3 target-address Command mode: All Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------trap1 47.81.25.66 162 v1v2trap v1v2param This command displays the SNMPv3 target address table information, which is stored in the SNMP engine. The following table describes the SNMPv3 Target Address Table information.
Information Commands Table 15 Target Parameters Table information Field Description Sec Model Displays the security model used when generating SNMP messages using this entry. The system may choose to return an inconsistentValue error if an attempt is made to set this variable to a value for a security model which the system does not support. Sec Level Displays the level of security used when generating SNMP messages using this entry.
Information Commands SNMPv3 dump The following command displays SNMPv3 information: show snmp-server v3 Command mode: All Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00 usmUser Table: User Name Protocol -------------------------------- -------------------------------admin NO AUTH, NO PRIVACY adminmd5 HMAC_MD5, DES PRIVACY adminsha HMAC_SHA, DES PRIVACY v1v2only NO AUTH, NO PRIVACY vacmAccess Table: Group Name Prefix Model ---------- ------ ------admin usm v1v2grp snmpv1 admingrp usm Level -----------noAuthN
Information Commands System information The following command displays system information: show sys-info Command mode: All System Information at 6:56:22 Thu Jan 11, 2007 Time zone: America/US/Pacific HP 10 Gb Ethernet Blade Switch sysName: sysLocation: RackId: Default RUID RackName: Default Rack Name EnclosureSerialNumber: -noneEnclosureName: Default Chassis Name BayNumber: 1 Switch has been up for 3 days, 14 hours, 56 minutes and 22 seconds.
Information Commands Show recent syslog messages The following command displays system log messages: show logging messages Command mode: All Date ---Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Jul 8 Time ---17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 Severity level ----------------NOTICE NOTICE NOTICE
Information Commands System user information The following command displays user status information: show access user Command mode: All except User EXEC Usernames: user - enabled oper - disabled admin - Always Enabled Current User ID table: 1: name tech1 , ena, cos user 2: name tech2 , ena, cos user , password valid, online , password valid, offline The following table describes the User Name information. Table 17 User Name Information Field Usage user Displays the status of the user access level.
Information Commands Layer 2 information The following table describes the Layer 2 Information commands. The following sections provide more detailed information and commands. Table 18 Layer 2 information commands Command Usage show mac-address-table Displays Forwarding Database Information. Command mode: All show lacp information Displays a summary of LACP information. Command mode: All show qos transmit-queue information Displays 802.1p Information.
Information Commands Table 18 Layer 2 information commands Command Usage show vlan information Displays VLAN configuration information, including: • • • • VLAN Number VLAN Name Status Port membership of the VLAN Command mode: All show layer2 Dumps all switch information available from Layer 2 memory (10K or more, depending on your configuration). If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.
Information Commands Show all FDB information The following command displays Forwarding Database information: show mac-address-table Command mode: All MAC address ----------------00:02:01:00:00:00 00:02:01:00:00:01 00:02:01:00:00:02 00:02:01:00:00:03 00:02:01:00:00:04 00:02:01:00:00:05 00:02:01:00:00:06 00:02:01:00:00:07 00:02:01:00:00:08 00:02:01:00:00:09 00:02:01:00:00:0a 00:02:01:00:00:0b 00:02:01:00:00:0c VLAN ---300 300 300 300 300 300 300 300 300 300 300 300 300 Port ---- Trnk ---1 20 20 20 20 20
Information Commands LACP dump The following command displays LACP information: show lacp information Command mode: All >> LACP# dump port lacp adminkey operkey selected prio attached trunk aggr ---------------------------------------------------------------------1 off 1 1 n 32768 --2 off 2 2 n 32768 --3 off 3 3 n 32768 --4 off 4 4 n 32768 --5 off 5 5 n 32768 --6 off 6 6 n 32768 --7 off 7 7 n 32768 --8 off 8 8 n 32768 --… LACP dump includes the following information for each port in the HP 10GbE swit
Information Commands 802.1x information The following command displays 802.
Information Commands Table 21 802.1x information Field Description Authenticator PAE State Displays the Authenticator Port Access Entity State. The PAE state can be one of the following: • • • • • • • • Backend Auth State initialize disconnected connecting authenticating authenticated aborting held forceAuth Displays the Backend Authorization State.
Information Commands Spanning Tree information The following table describes the Spanning Tree Protocol (STP) information commands. Table 22 STP information commands Command Usage show spanning-tree stp <1-128> Displays information about the spanning tree group. Command mode: All Displays STP bridge information. show spanning-tree stp <1-128> bridge Command mode: All show spanning-tree [<1-128>] information Displays STP information.
Information Commands You can also refer to the following port-specific STP information: • • • • • • Port number and priority Cost State Port Fast Forwarding state Designated bridge Designated port The following table describes the STP parameters. Table 23 STP parameters Parameter Description Current Root Shows information about the root bridge for the Spanning Tree. Information includes the priority (hex) and MAC address of the root. Path-Cost Path-cost is the total path cost to the root bridge.
Information Commands Rapid Spanning Tree and Multiple Spanning Tree information The following command displays RSTP/MSTP information: show spanning-tree stp <1-128> information Command mode: All -----------------------------------------------------------------upfast disabled, update 40 -----------------------------------------------------------------Spanning Tree Group 1: On (RSTP) VLANs: 1-3 Current Root: 8000 00:00:01:00:19:00 Parameters: Port ---1 2 3 4 5 6 7 8 9 10 11 12 Prio ---0 0 0 0 0 0 0 0 0 0 0
Information Commands You can also refer to the following port-specific RSTP information: • • • • • • Port number and priority Cost State Role Designated bridge and port Link type The following table describes the STP parameters in RSTP or MSTP mode. Table 24 Rapid Spanning Tree parameter descriptions Parameter Description Current Root Shows information about the root bridge for the Spanning Tree. Information includes the priority (hex) and MAC address of the root.
Information Commands Table 24 Rapid Spanning Tree parameter descriptions Parameter Description Role Shows the current role of this port in the Spanning Tree. The port role can be one of the following: Designated (DESG), Root (ROOT), Alternate (ALTN), Backup (BKUP), Master (MAST), or Unknown (UNK). Designated bridge Shows information about the bridge connected to each port, if applicable. Information includes the priority (hex) and MAC address of the Designated Bridge.
Information Commands In addition to seeing if Common Internal Spanning Tree (CIST) is enabled or disabled, you can view the following CIST bridge information: • • • • • • • Status of Uplink Fast (upfast) CIST root CIST regional root Priority Maximum age value Forwarding delay Hops You can also refer to the following port-specific CIST information: • • • • • • • Port number and priority Cost State Role Designated bridge and port Hello interval Link type and port type The following table describes the C
Information Commands Table 25 Common Internal Spanning Tree parameter descriptions Parameter Description Role Shows the current role of this port in the Spanning Tree. The port role can be one of the following: Designated (DESG), Root (ROOT), Alternate (ALTN), Backup (BKUP), Master (MAST). Designated Bridge Shows information about the bridge connected to each port, if applicable. Information includes the priority (hex) and MAC address of the Designated Bridge.
Information Commands VLAN information The following table describes the VLAN information commands. Table 26 VLAN information commands Command Usage show vlan Displays VLAN information Command mode: All show vlan information Displays VLAN information, including spanning tree assignment.
Information Commands Layer 3 information The following table describes basic Layer 3 Information commands. The following sections provide more detailed information and commands. Table 27 Layer 3 information commands Command Usage show ip route Displays all routes configured in the switch. Command mode: All except User EXEC show ip information Displays general IP information. Command mode: All except User EXEC show ip arp Displays Address Resolution Protocol (ARP) Information.
Information Commands Route information Using the commands listed below, you can display all or a portion of the IP routes currently held in the switch. Table 28 Route Information commands Command Usage show ip route address Displays a single route by destination IP address. Command mode: All except User EXEC Displays routes to a single gateway.
Information Commands The following table describes the Type parameter. Table 29 IP Routing Type information Field Description indirect The next hop to the host or subnet destination will be forwarded through a router at the Gateway address. direct Packets will be delivered to a destination host or subnet attached to the switch. local Indicates a route to one of the switch’s IP interfaces. broadcast Indicates a broadcast route.
Information Commands ARP information The Address Resolution Protocol (ARP) information includes IP address and MAC address of each entry, address status flags, VLAN, and port for the address, and port referencing information. The following table describes the Address Resolution Protocol commands. Table 31 ARP information Command Usage show ip arp find Displays a single ARP entry by IP address.
Information Commands ARP address list information The following command displays ARP address list information: show ip arp reply Command mode: All except User EXEC IP address --------------205.178.18.66 205.178.50.1 205.178.18.64 IP mask --------------255.255.255.255 255.255.255.255 255.255.255.255 MAC address VLAN Flags ----------------- ---- ----00:70:cf:03:20:04 P 00:70:cf:03:20:06 1 00:70:cf:03:20:05 1 This screen displays all entries in the ARP cache.
Information Commands OSPF general information The following command displays general OSPF information: show ip ospf general-information Command mode: All except User EXEC OSPF Version 2 Router ID: 10.10.10.
Information Commands OSPF Database information The following table describes the OSPF Database information commands. Table 34 OSPF Database information commands Command Usage show ip ospf database advertisingrouter Takes advertising router as a parameter. Displays all the Link State Advertisements (LSAs) in the LS database that have the advertising router with the specified router ID, for example: 20.1.1.1.
Information Commands Table 34 OSPF Database information commands Command Usage show ip ospf database summary [advertising-router | linkstate-id | self] Displays the network summary (type 3) LSAs with detailed information of each field of the LSAs. show ip ospf database Displays all the LSAs.
Information Commands Routing Information Protocol The following table describes the Routing Information Protocol (RIP) information commands. Table 35 RIP information commands Command Usage show ip rip routes Displays RIP routes. Command mode: All except User EXEC show ip rip interface [<1-249>] Displays RIP interface information. Command mode: All except User EXEC show interface ip rip Displays RIP user’s configuration.
Information Commands IP information The following command displays Layer 3 information: show layer3 information Command mode: All IP information: Interface information: 1: 10.80.23.243 255.255.254.0 250: 10.20.7.144 255.255.0.0 10.80.23.255, 10.20.255.255, vlan 1, up vlan 4095, up Default gateway information: metric strict 1: 10.80.22.1, vlan any, up active 254: 10.20.1.1, vlan 4095, up active Current BOOTP relay settings: OFF 0.0.0.0, 0.0.0.
Information Commands IGMP multicast group information The following table describes the commands used to display information about IGMP groups learned by the switch. Table 36 IGMP Multicast Group commands Command Usage show ip igmp groups address Displays a single IGMP multicast group by its IP address. Command mode: All except User EXEC Displays all IGMP multicast groups on a single VLAN.
Information Commands IGMP multicast router information The following table describes the commands used to display information about multicast routers learned through IGMP Snooping. Table 37 IGMP Multicast Router information commands Command Usage show ip igmp mrouter vlan <1-4094> Displays information for all multicast groups on a single VLAN. Command mode: All except User EXEC show ip igmp mrouter information Displays information for all multicast groups learned by the switch.
Information Commands VRRP information Virtual Router Redundancy Protocol (VRRP) support on HP 10GbE switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
Information Commands 802.1p information The following command displays 802.1p information: show qos transmit-queue information Command mode: All Current priority to COS queue information: Priority COSq Weight -------- ---- -----0 0 1 1 0 1 2 0 1 3 0 1 4 1 2 5 1 2 6 1 2 7 1 2 Current port priority information: Port Priority COSq Weight ----- -------- ---- -----1 0 0 1 2 0 0 1 3 0 0 1 4 0 0 1 … 20 0 0 1 21 0 0 1 The following table describes the IEEE 802.1p priority to COS queue information. Table 38 802.
Information Commands ACL information The following table describes the commands used to display information about Access Control Lists and Groups. Table 40 ACL information commands Command Usage show access-control list <1-384> Displays information about the selected ACL. Command mode: All except User EXEC show access-control group <1-384> Displays information about ACL Groups. Command mode: All except User EXEC show access-control Displays information about all ACLs.
Information Commands RMON Information The following command displays general RMON information: show rmon Command mode: All RMON history information The following command displays RMON history information: show rmon history Command mode: All RMON History group configuration: Index ----1 2 3 4 5 IFOID -----------------------------1.3.6.1.2.1.2.2.1.1.21 1.3.6.1.2.1.2.2.1.1.18 1.3.6.1.2.1.2.2.1.1.20 1.3.6.1.2.1.2.2.1.1.19 1.3.6.1.2.1.2.2.1.1.
Information Commands RMON alarm information The following command displays RMON alarm information: show rmon alarm Command mode: All RMON Alarm group configuration: Index ----1 2 3 4 5 8 10 11 15 18 100 Interval -------30 900 300 1800 1800 1800 1800 1800 1800 1800 1800 Type ---abs abs abs abs abs abs abs abs abs abs abs rLimit -------10 0 10 10 10 10 10 10 10 10 10 fLimit -------0 10 20 0 0 0 0 0 0 0 0 Index ----1 2 3 4 5 8 10 11 15 18 100 OID -----------------------------1.3.6.1.2.1.2.2.1.10.257 1.
Information Commands Table 42 RMON Alarm Information Command Usage rEvtIdx Displays the rising alarm event index that is triggered when a rising threshold is crossed. fEvtIdx Displays the falling alarm event index that is triggered when a falling threshold is crossed. Last value Displays the last sampled value. OID Displays the MIB Object Identifier for each alarm index.
Information Commands Link status information The following command displays link information: show interface link Command mode: All except User EXEC -----------------------------------------------------------------Port Speed Duplex Flow Ctrl Link --------------- --TX-----RX------1 10000 full yes yes down 2 10000 full yes yes down 3 10000 full yes yes down 4 10000 full yes yes down 5 10000 full yes yes down 6 10000 full yes yes down 7 10000 full yes yes down 8 10000 full yes yes down 9 10000 full yes yes up
Information Commands Port information The following command displays port information: show interface information Command mode: All except User EXEC Port Tag RMON PVID NAME ---- --- ---- ---- -------------1 n d 1 Downlink1 2 n d 1 Downlink2 3 n d 1 Downlink3 4 n d 1 Downlink4 5 n d 1 Downlink5 6 n d 1 Downlink6 7 n d 1 Downlink7 8 n d 1 Downlink8 9 n d 1 Downlink9 10 n d 1 Downlink10 11 n d 1 Downlink11 12 n d 1 Downlink12 13 n d 1 Downlink13 14 n d 1*Downlink14 15 n d 1*Downlink15 16 n d 1*Downlink16 17 n
Information Commands Logical Port to GEA Port mapping The following command displays information about GEA ports: show geaport Command mode: All Logical Port -----------1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 GEA Port(0-based) ----------------2 4 6 8 10 12 14 16 3 5 7 9 11 13 15 17 255 18 19 0 1 GEA Unit --------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 This display correlates the logical port number to the GEA unit on which each port resides.
Information Commands Uplink Failure Detection information The following command displays Uplink Failure Detection (UFD) information: show ufd Command mode: All except User EXEC Uplink Failure Detection: Enabled LtM status: Down Member STG STG State ---------------------port 20 1 DISABLED 10 DISABLED * 15 DISABLED * * = STP turned off for this port.
Statistics Commands Statistics Commands Introduction You can view switch performance statistics in the user, operator, and administrator command modes. This chapter discusses how to use the ISCLI to display switch statistics. The following table describes general Statistics commands. Table 44 Statistics commands Command Usage show layer3 counters Displays Layer 3 Statistics. Command mode: All show snmp-server counters Displays SNMP statistics.
Statistics Commands Port Statistics The following table describes the Port Statistics commands. The following sections provide more detailed information and commands. Table 45 Port Statistics commands Command Usage show interface port dot1x counters Displays IEEE 802.1x statistics for the port. show interface port bridging-counters Displays bridging (“dot1”) statistics for the port.
Statistics Commands 802.1x statistics Use the following command to display the 802.
Statistics Commands Table 46 802.1x statistics for port Statistics Description authEntersAuthenticating Total number of times that the state machine transitions from CONNECTING to AUTHENTICATING, as a result of an EAPResponse/Identity message being received from the Supplicant.
Statistics Commands Table 46 802.1x statistics for port Statistics Description backendNonNakResponsesFrom Supplicant Total number of times that the state machine receives a response from the Supplicant to an initial EAP-Request, and the response is something other than EAP-NAK. Indicates that the Supplicant can respond to the Authenticators chosen EAP-method. backendAuthSuccesses Total number of times that the state machine receives an Accept message from the Authentication Server.
Statistics Commands Table 47 Bridging statistics for port Statistics Description dot1TpLearnedEntryDiscards The total number of Forwarding Database entries, which have been or would have been learned, but have been discarded due to a lack of space to store them in the Forwarding Database. If this counter is increasing, it indicates that the Forwarding Database is regularly becoming full (a condition which has adverse performance effects on the sub network).
Statistics Commands Table 48 Ethernet statistics for port Statistics Description dot3StatsFCSErrors A count of frames received on a particular interface that are an integral number of octets in length but do not pass the Frame Check Sequence (FCS) check. The count represented by an instance of this object is incremented when the frameCheckError status is returned by the MAC service to the LLC (or other MAC user).
Statistics Commands Table 48 Ethernet statistics for port Statistics Description dot3StatsFrameTooLongs A count of frames received on a particular interface that exceeds the maximum permitted frame size. The count represented by an instance of this object is incremented when the frameTooLong status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions obtained are, according to the conventions of IEEE 802.
Statistics Commands Table 49 Interface statistics for port Statistics Description MulticastPkts—IfHCIn The total number of packets, delivered by this sublayer. These are the packets that higher-level protocols requested to be transmitted, and which were addressed to a multicast address at this sublayer, including those that were discarded or not sent. For a MAC layer protocol, this includes both group and functional addresses.
Statistics Commands Internet Protocol (IP) statistics Use the following command to display the interface protocol statistics of the selected port: show interface port ip-counters Command mode: All GEA IP statistics for port 1: ipInReceives : 0 ipInHeaderError: 0 ipInDiscards : 0 The following table describes the Internet Protocol (IP) statistics for a selected port: Table 50 IP statistics for port Statistics Description ipInReceives The total number of input datagrams received from interf
Statistics Commands Layer 2 statistics The following table describes the Layer 2 statistics commands. The following sections provide more detailed information and commands. Table 52 Layer 2 Statistics commands Command Usage show mac-address-table counters Displays the Forwarding Database statistics. Command mode: All show interface port lacp counters Displays Link Aggregation Control Protocol (LACP) statistics. show layer2 counters Displays all Layer 2 statistics.
Statistics Commands LACP statistics Use the following command to display Link Aggregation Control Protocol (LACP) statistics: show interface port lacp counters Command mode: All Valid LACPDUs received Valid Marker PDUs received Valid Marker Rsp PDUs received Unknown version/TLV type Illegal subtype received LACPDUs transmitted Marker PDUs transmitted Marker Rsp PDUs transmitted - 0 0 0 0 0 0 0 0 78
Statistics Commands Layer 3 statistics The following table describes basic Layer 3 statistics commands. The following sections provide more detailed information and commands. Table 54 Layer 3 Statistics commands Command Usage show ip counters Displays IP statistics. Command mode: All except User EXEC clear ip counters Clears IP statistics. Use this command with caution as it deletes all the IP statistics. Command mode: All except User EXEC show ip route counters Displays route statistics.
Statistics Commands Table 54 Layer 3 Statistics commands Command Usage show ip rip counters Displays Routing Information Protocol (RIP) statistics. Command mode: All above Priv EXEC Clears Routing Information Protocol (RIP) statistics. clear ip rip counters Command mode: All above Priv EXEC Displays GEA statistics. show ip gea Command mode: All above Priv EXEC Displays all Layer 3 statistics.
Statistics Commands Table 55 IP statistics Statistics Description ipInDiscards The number of input IP datagrams for which no problems were encountered to prevent their continued processing, but which were discarded (for example, for lack of buffer space). This counter does not include any datagrams discarded while awaiting re-assembly. ipInDelivers The total number of input datagrams successfully delivered to IP user-protocols (including ICMP).
Statistics Commands ARP statistics The following command displays Address Resolution Protocol statistics. show ip arp counters Command mode: All except User EXEC ARP statistics: arpEntriesCur: arpEntriesMax: 2 4095 arpEntriesHighWater: 4 The following table describes the Address Resolution Protocol (ARP) statistics: Table 57 ARP statistics Statistic Description arpEntriesCur The total number of outstanding ARP entries in the ARP table.
Statistics Commands ICMP statistics The following command displays ICMP statistics: show ip icmp counters Command mode: All except User EXEC ICMP statistics: icmpInMsgs: icmpInDestUnreachs: icmpInParmProbs: icmpInRedirects: icmpInEchoReps: icmpInTimestampReps: icmpInAddrMaskReps: icmpOutErrors: icmpOutTimeExcds: icmpOutSrcQuenchs: icmpOutEchos: icmpOutTimestamps: icmpOutAddrMasks: 245802 41 0 0 244350 0 0 0 0 0 253777 0 0 icmpInErrors: icmpInTimeExcds: icmpInSrcQuenchs: icmpInEchos: icmpInTimestamps: icm
Statistics Commands Table 59 ICMP statistics Statistics Description icmpOutErrors The number of ICMP messages that this switch did not send due to problems discovered within ICMP such as a lack of buffer. This value should not include errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram. In some implementations there may be no types of errors that contribute to this counter's value.
Statistics Commands Table 60 TCP statistics Statistics Description tcpRtoMin The minimum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout algorithm is rsre(3), an object of this type has the semantics of the LBOUND quantity described in Request For Comments (RFC) 793.
Statistics Commands UDP statistics The following command displays UDP statistics: show ip udp counters Command mode: All except User EXEC UDP statistics: udpInDatagrams: udpInErrors: 54 0 udpOutDatagrams: udpNoPorts: 43 1578077 The following table describes the User Datagram Protocol (UDP) statistics: Table 61 UDP statistics Statistics Description udpInDatagrams The total number of UDP datagrams delivered to the switch. udpOutDatagrams The total number of UDP datagrams sent from this switch.
Statistics Commands Table 62 IGMP statistics Statistic Description rxIgmpGrpSpecificQueries Total number of Membership Query packets received from specific groups Total number of Group Source Specific Queries (GSSQ) received rxIgmpLeaves Total number of Leave requests received rxIgmpReports Total number of Membership Reports received txIgmpReports Total number of Membership reports transmitted txIgmpGrpSpecificQueries Total number of Membership Query packets transmitted to specific groups txI
Statistics Commands OSPF global statistics The following command displays OSPF global statistics: show ip ospf counters general Command mode: All except User EXEC OSPF stats ---------Rx/Tx Stats: Pkts hello database ls requests ls acks ls updates Nbr change stats: hello start n2way adjoint ok negotiation done exchange done bad requests bad sequence loading done n1way rst_ad down Timers kickoff hello retransmit lsa lock lsa ack dbage summary ase export Rx -------0 23 4 3 7 9 2 0 2 2 2 2 0 0 2 0 0 1 Tx ---
Statistics Commands Table 64 OSPF global statistics Statistic Description Tx Database The sum total of all Database Description packets transmitted on all OSPF areas and interfaces. Rx ls Requests The sum total of all Link State Request packets received on all OSPF areas and interfaces. Tx ls Requests The sum total of all Link State Request packets transmitted on all OSPF areas and interfaces.
Statistics Commands Table 64 OSPF global statistics Statistic Description n1way The sum total number of Hello packets received from neighbors, in which this router is not mentioned across all OSPF interfaces and areas. rst_ad The sum total number of times the Neighbor adjacency has been reset across all OPSF areas and interfaces. down The total number of Neighboring routers down (that is, in the initial state of a neighbor conversation) across all OSPF areas and interfaces.
Statistics Commands VRRP statistics Virtual Router Redundancy Protocol (VRRP) support on the HP 10GbE switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
Statistics Commands RIP statistics The following command displays RIP statistics: show ip rip counters Command mode: All except User EXEC RIP ALL STATS INFORMATION: RIP packets received = 12 RIP packets sent = 75 RIP request received = 0 RIP response received = 12 RIP request sent = 3 RIP response sent = 72 RIP route timeout = 0 RIP bad size packet received = 0 RIP bad version received = 0 RIP bad zeros received = 0 RIP bad src port received = 0 RIP bad src IP received = 0 RIP packets from self received =
Statistics Commands Management Processor statistics The following table describes the MP-specific Statistics commands. The following sections provide more detailed information and commands. Table 67 MP-specific Statistics commands Command Usage show mp packet Displays packet statistics, to check for leads and load. Command mode: All show mp tcp-block Displays all Transmission Control Protocol (TCP) control blocks (TCB) that are in use.
Statistics Commands Table 68 MP specific packet statistics Field Description smalls Total number of packet allocations with size less than 128 bytes from the packet buffer pool by the TCP/IP protocol stack. smalls hi-watermark The highest number of packet allocation with size less than 128 bytes from the packet buffer pool by the TCP/IP protocol stack. failures Total number of packet allocation failures from the packet buffer pool by the TCP/IP protocol stack.
Statistics Commands UDP statistics The following command displays UDP statistics: show mp udp-block Command mode: All except User EXEC All UDP allocated control blocks: 161: listen The following table describes the User Datagram Protocol (UDP) control block (UCB) statistics shown in this example: Table 70 UDP statistics Description Example Statistic Control block 161 State listen CPU statistics The following command displays the CPU utilization statistics: show mp cpu Command mode: All except User E
Statistics Commands SNMP statistics The following command displays SNMP statistics: show snmp-server counters Command mode: All except User EXEC SNMP statistics: snmpInPkts: snmpInBadC'tyNames: snmpInASNParseErrs: snmpOutPkts: snmpInTooBigs: snmpInBadValues: snmpInGenErrs: snmpInTotalSetVars: snmpInGetNexts: snmpInGetResponses: snmpOutTooBigs: snmpOutBadValues: snmpOutGenErrs: snmpOutGetNexts: snmpOutGetResponses: snmpSilentDrops: 54 0 0 54 0 0 0 0 52 0 0 0 0 0 54 0 snmpInBadVersions: snmpInBadC'tyUses:
Statistics Commands Table 72 SNMP statistics Statistics Description snmpOutPkts The total number of SNMP messages which were passed from the SNMP protocol entity to the transport service. snmpInBadTypes The total number of SNMP messages which failed ASN.1 parsing. snmpInTooBigs The total number of SNMP Protocol Data Units (PDUs) that were delivered to the SNMP protocol entity and for which the value of the error-status field is too big.
Statistics Commands Table 72 SNMP statistics Statistics Description snmpOutGetRequests The total number of SNMP Get-Request Protocol Data Units (PDUs), which have been generated by the SNMP protocol entity. snmpOutGetNexts The total number of SNMP Get-Next Protocol Data Units (PDUs), which have been generated by the SNMP protocol entity. snmpOutSetRequests The total number of SNMP Set-Request Protocol Data Units (PDUs), which have been generated by the SNMP protocol entity.
Statistics Commands Table 73 NTP statistics Statistics Description Primary Server • Requests Sent—The total number of NTP requests the switch sent to the primary NTP server to synchronize time. • Responses Received—The total number of NTP responses received from the primary NTP server. • Updates—The total number of times the switch updated its time based on the NTP responses received from the primary NTP server.
Statistics Commands Statistics dump The following command dumps switch statistics: show counters Use the dump command to dump all switch statistics available (40K or more, depending on your configuration). This data can be used to tune or debug switch performance. If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.
Configuration Commands Configuration Commands Introduction The Configuration commands are available only from an administrator login. They include commands for configuring every aspect of the HP 10GbE switch . Changes can be saved to non-volatile memory (NVRAM). The following table describes the basic Configuration commands. The following sections provide more detailed information and commands.
Configuration Commands System configuration These commands allow you to configure switch management parameters such as user and administrator privilege mode passwords, browser-based management settings, and management access list. The following table describes the System Configuration commands. Table 76 System Configuration commands Command Usage system date - Prompts the user for the system date.
Configuration Commands Table 76 System Configuration commands Command Usage [no] enable Allows administrators to assign the Privilege EXEC password. The password will be required to enter Privilege EXEC mode. The default value is disabled. Command mode: Global configuration show system Displays the current system parameters. Command mode: All System host log configuration The following table describes the Syslog Configuration commands.
Configuration Commands Table 77 Syslog Configuration commands Command Description [no] logging log {} Displays a list of features for which syslog messages can be generated. You can choose to enable/disable specific features or enable/disable syslog on all available features.
Configuration Commands Secure Shell Server configuration Telnet traffic on the network is not secure. These commands enable Secure Shell (SSH) access from any SSH client. The SSH program securely logs into another computer over a network and executes commands in a secure environment. All data using SSH is encrypted. NOTE: See the HP 10Gb Ethernet BL-c Switch Application Guide for information on SSH. The following table describes the SSHD Configuration commands.
Configuration Commands Table 78 SSHD Configuration commands Command Description no ssh enable Disables the SSH server. This is the default for the SSH server. Command mode: Global configuration show ssh Displays the current SSH server configuration. Command mode: All RADIUS server configuration NOTE: See the HP 10Gb Ethernet BL-c Switch Application Guide for information on RADIUS. The following table describes the RADIUS Server Configuration commands.
Configuration Commands Table 79 RADIUS Server Configuration commands Command Description no radius-server enable Disables the RADIUS server. This is the default. Command mode: Global configuration show radius-server Displays the current RADIUS server parameters. Command mode: All IMPORTANT: If RADIUS is enabled, you must login using RADIUS authentication when connecting via the console or Telnet/SSH/HTTP/HTTPS.
Configuration Commands Table 80 TACACS+ Server Configuration commands Command Description tacacs-server port Enter the number of the TCP port to be configured, between 1 and 65000. The default is 49. Command mode: Global configuration tacacs-server retransmit <1-3> Sets the number of failed authentication requests before switching to a different TACACS+ server. The range is 1-3 requests. The default is 3 requests.
Configuration Commands and use the administrator password to log into the switch. The switch allows this only if TACACS+ servers are not available. NTP server configuration These commands enable you to synchronize the switch clock to a Network Time Protocol (NTP) server. By default, this option is disabled. The following table describes the NTP Server Configuration commands.
Configuration Commands System SNMP configuration The switch software supports SNMP-based network management. In SNMP model of network management, a management station (client/manager) accesses a set of variables known as MIBs (Management Information Base) provided by the managed device (agent).
Configuration Commands Table 82 System SNMP Configuration commands Command Description snmp-server timeout <1-30> Sets the timeout value for the SNMP state machine. The range is 1-30 minutes. The default value is 5 minutes. Command mode: Global configuration Enables or disables the use of the system authentication trap facility. The default setting is disabled.
Configuration Commands Table 83 SNMPv3 Configuration commands Command Description snmp-server group <1-16> Configures an SNMP group. A group maps the user name to the access group names and their access rights needed to access SNMP management objects. A group defines the access rights assigned to all names that belong to a particular group. The range is 1-16. Command mode: Global configuration snmp-server community <1-16> Configures a community table entry.
Configuration Commands User Security Model configuration You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the knowledge of applicable attributes of a user. These commands help you create a user security model entry for an authorized user. You need to provide a security name to create the USM entry. The following table describes the User Security Model Configuration commands.
Configuration Commands SNMPv3 View configuration The following table describes the SNMPv3 View Configuration commands. Table 85 SNMPv3 View Configuration commands Command Description snmp-server view <1-128> name <1-32 characters> Defines the name for a family of view subtrees up to a maximum of 32 characters.
Configuration Commands Table 86 View-based Access Control Configuration commands Command Description snmp-server access <1-32> level {noAuthNoPriv|authNoPriv|authPriv} Defines the minimum level of security required to gain access rights. The level noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol. The level authNoPriv means that the SNMP message will be sent with authentication but without using a privacy protocol.
Configuration Commands Table 87 SNMPv3 Group Configuration commands Command Description show snmp-server group <1-16> Displays the current vacmSecurityToGroup configuration. Command mode: All SNMPv3 Community Table configuration These commands are used for configuring the community table entry. The configured entry is stored in the community table list in the SNMP engine. This table is used to configure community strings in the Local Configuration Datastore (LCD) of SNMP engine.
Configuration Commands Table 89 SNMPv3 Target Address Table Configuration commands Command Description snmp-server target-address <1-16> name <1-32 characters> address Configures a transport address IP that can be used in the generation of SNMP traps. snmp-server target-address <1-16> port Configures a transport address port that can be used in the generation of SNMP traps.
Configuration Commands Table 90 SNMPv3 Target Parameters Table Configuration commands Command Description snmp-server target-parameters <1-16> level {noAuthNoPriv|authNoPriv|authPriv} Selects the level of security to be used when generating the SNMP messages using this entry. The level noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol.
Configuration Commands System Access configuration The following table describes the System Access Configuration commands. Table 92 System Access Configuration commands Command Description [no] access http enable Enables or disables HTTP (Web) access to the Browser-based Interface. It is enabled by default. Command mode: Global configuration access http port Sets the switch port used for serving switch Web content. The default is HTTP port 80.
Configuration Commands Table 93 Management Networks Configuration commands Command Description clear access management-network Clears the management network definitions. Command mode: All except User EXEC User Access Control configuration The following table describes the User Access Control commands. Table 94 User Access Control Configuration commands Command Description access user <1-10> Configures the User ID.
Configuration Commands Table 95 User ID Configuration commands Command Description access user <1-10> password <1-128 Sets the user password of up to 128 characters maximum. characters> Command mode: Global configuration access user <1-10> enable Enables the user ID. Command mode: Global configuration no access user <1-10> enable Disables the user ID. Command mode: Global configuration no access user <1-10> Deletes the user ID.
Configuration Commands HTTPS Access configuration The following table describes the HTTPS Access Configuration commands. Table 96 HTTPS Access Configuration commands Command Description [no] access https enable Enables or disables BBI access (Web access) using HTTPS. The default value is disabled. Command mode: Global configuration access https port Defines the HTTPS Web server port number.
Configuration Commands Port configuration Use the port configuration commands to configure settings for individual switch ports. NOTE: Port 17 is reserved for switch management. The following table describes the Port Configuration commands. The following sections provide more detailed information and commands. Table 97 Port Configuration commands Command Description interface port {} Enter Interface Port configuration mode for the selected port. dot1p <0-7> Configures the port’s 802.
Configuration Commands Table 97 Port Configuration commands Command Description shutdown Disables the port. To temporarily disable a port without changing its configuration attributes, see the “Temporarily disabling a port” section later in this chapter. Command mode: Interface port show interface port {} Displays current port parameters.
Configuration Commands Table 98 Gigabit Link Configuration commands Command Description no flowcontrol Sets the flow control to none. Command mode: Interface port [no] auto Enables or disables auto-negotiation for the port. All downlink and uplink ports are fixed at 10000 Mbps, and cannot be set to auto-negotiate. Command mode: Interface port show interface port {} Displays current port parameters.
Configuration Commands Layer 2 configuration The following table describes the Layer 2 Configuration commands. The following sections provide more detailed information and commands. Table 100 Layer 2 Configuration commands Command Description vlan {<1-4094>} Enter VLAN configuration mode. Command mode: Global configuration [no] spanning-tree uplinkfast Enables or disables Fast Uplink Convergence, which provides rapid Spanning Tree convergence to an upstream switch during failover.
Configuration Commands 802.1x Global configuration The global 802.1x commands allow you to configure parameters that affect all ports in the switch (except management port 17). The following table describes the 802.1x Global Configuration commands. Table 102 802.1x Global Configuration commands Command Description dot1x mode {[force-unauthorized| auto|force-authorized]} Sets the type of access control for all ports: • force-unauth—the port is unauthorized unconditionally.
Configuration Commands Table 102 802.1x Global Configuration commands Command Description show dot1x Displays current global 802.1x parameters. Command mode: All 802.1x Port configuration The 802.1x port commands allow you to configure parameters that affect the selected port in the switch. These settings override the global 802.1x parameters. The following table describes the 802.1x Port Configuration commands. Table 103 802.
Configuration Commands Table 103 802.1x Port Configuration commands Command Description dot1x re-authentication-interval {<1-604800>} Sets the time, in seconds, the authenticator waits before reauthenticating a supplicant (client) when periodic re-authentication is enabled. The default value is 3600 seconds. Command mode: Interface port [no] dot1x re-authenticate Sets the re-authentication status to on or off. The default value is off.
Configuration Commands Table 104 Multiple Spanning Tree Configuration commands Command Description spanning-tree mstp maximum-hop <4-60> Configures the maximum number of bridge hops a packet may to traverse before it is dropped. The range is from 4 to 60 hops. The default is 20.
Configuration Commands Common Internal Spanning Tree configuration The Common Internal Spanning Tree (CIST) provides compatibility with different MSTP regions and with devices running different Spanning Tree instances. It is equivalent to Spanning Tree Group 0. The following table describes the commands used to configure CIST commands. Table 105 CIST Configuration commands Command Description spanning-tree mstp cist-add-vlan <1-4095> Adds VLANs to the CIST.
Configuration Commands Table 106 CIST Bridge Configuration commands Command Description spanning-tree mstp cistbridge forward-delay {<4-30>} Configures the CIST bridge forward delay parameter. The forward delay parameter specifies the amount of time that a bridge port has to wait before it changes from the listening state to the learning state and from the learning state to the forwarding state. The range is 4 to 30 seconds, and the default is 15 seconds. This command does not apply to RSTP.
Configuration Commands Table 107 CIST Port Configuration commands Command Description spanning-tree mstp cist hello {<1-10>} Configures the CIST port Hello time. The Hello time specifies how often the root bridge transmits a configuration bridge protocol data unit (BPDU). Any bridge that is not the root bridge uses the root bridge Hello value. The range is 1 to 10 seconds, and the default is 2 seconds.
Configuration Commands Spanning Tree configuration The switch supports the IEEE 802.1d Spanning Tree Protocol (STP) and Cisco proprietary PVST and PVST+ protocols. You can configure up to 127 spanning tree groups on the switch (STG 128 is reserved for switch management). Spanning Tree is turned on by default. NOTE: When RSTP is turned on, only STP group 1 can be configured. The following table describes the Spanning Tree Configuration commands.
Configuration Commands Bridge Spanning Tree configuration Spanning tree bridge parameters can be configured for each Spanning Tree Group. STP bridge parameters include: • • • • • Bridge priority Bridge hello time Bridge maximum age Forwarding delay Current bridge configuration The following table describes the Bridge Spanning Tree Configuration commands.
Configuration Commands When configuring STP bridge parameters, the following formulas must be used: • • 2*(fwd-1) ≥ mxage 2*(hello+1) ≤ mxage Spanning Tree port configuration The default configuration for STP/PVST+ is off for downlink ports (1-16) and the management port (17), and on for uplink ports (18-21).
Configuration Commands Table 110 Spanning Tree Port Configuration commands Command Description [no] spanning-tree stp {<1-128>} edge Enables or disables this port as an edge port. An edge port is not connected to a bridge, and can begin forwarding traffic as soon as the link is up. Configure server ports as edge ports (enabled). This command only applies when RSTP is turned on. See the “Common Internal Spanning Tree configuration” section for more information.
Configuration Commands Table 112 Static FDB Configuration commands Command Description mac-address-table static all [||] Clears specified static FDB entries from the forwarding database, as follows: • Interface • MAC address • VLAN Command mode: Global configuration Trunk configuration Trunk groups can provide super-bandwidth connections between switches or other trunk capable devices.
Configuration Commands Layer 2 IP Trunk Hash configuration Trunk hash parameters are set globally for the HP 10GbE switch. You can enable one or two parameters, to configure any of the following valid combinations: • • • • • • SMAC (source MAC only) DMAC (destination MAC only) SIP (source IP only) DIP (destination IP only) SIP + DIP (source IP and destination IP) SMAC + DMAC (source MAC and destination MAC) The following table describes the IP Trunk Hash Configuration commands.
Configuration Commands Link Aggregation Control Protocol configuration The following table describes the LACP Configuration commands. Table 115 LACP Configuration commands Command Description lacp system-priority {<1-65535>} Defines the priority value (1 through 65535) for the switch. Lower numbers provide higher priority. The default value is 32768. Command mode: Global configuration lacp timeout {short|long} Defines the timeout period before invalidating LACP data from a remote partner.
Configuration Commands VLAN configuration The commands in this section configure VLAN attributes, change the status of the VLAN, delete the VLAN, and change the port membership of the VLAN. By default, the VLANs are disabled except VLAN 1, which is always enabled. The switch supports a maximum of 1,000 VLANs. VLAN 4095 is reserved for switch management. NOTE: See the HP 10Gb Ethernet BL-c Switch Application Guide for information about VLANs. The following table describes the VLAN Configuration commands.
Configuration Commands Layer 3 configuration The following table describes basic Layer 3 Configuration commands. The following sections provide more detailed information and commands. Table 118 L3 Configuration commands Command Description interface ip {<1-250>} Enter IP Interface mode. Command mode: Global configuration route-map <1-32> Enter IP Route Map mode. Command mode: Global configuration router rip Enter Router RIP mode.
Configuration Commands Table 119 IP Interface Configuration commands Command Description no enable Disables this IP interface. Command mode: Interface IP no interface ip {<1-250>} Removes this IP interface. Command mode: Global configuration show interface ip {<1-250>} Displays the current interface settings. Command mode: All NOTE: If you enter an IP address for interface 1, you are prompted to change the BOOTP setting.
Configuration Commands IP Static Route configuration The following table describes the Static Route Configuration commands. Table 121 Static Route Configuration commands Command Description ip route [] Adds a static route. You will be prompted to enter a destination IP address, destination subnet mask, and gateway address. Enter all addresses using dotted decimal notation. Command mode: Global configuration Removes a static route.
Configuration Commands Static ARP configuration Static ARP entries are permanent in the ARP cache and do not age out like the ARP entries that are learnt dynamically. Static ARP entries enable the switch to reach the hosts without sending an ARP broadcast request to the network. Static ARPs are also useful to communicate with devices that do not respond to ARP requests. Static ARPs can also be configured on some gateways as a protection against malicious ARP Cache corruption and possible DOS attacks.
Configuration Commands IP Forwarding configuration The following table describes the IP Forwarding Configuration commands. Table 124 IP Forwarding Configuration commands Command Description [no] ip routing direct-broadcasts Enables or disables forwarding directed broadcasts. This command is disabled by default. Command mode: Global configuration ip routing Enables IP forwarding (routing) on the switch. Command mode: Global configuration no ip routing Disables IP forwarding (routing) on the switch.
Configuration Commands Route Map configuration Routing maps control and modify routing information. The map number <1-32> represents the routing map you wish to configure. The following table describes the basic Route Map Configuration commands. The following sections provide more detailed information and commands. Table 126 Route Map Configuration commands Command Description route-map <1-32> Enter Route Map configuration mode.
Configuration Commands IP Access List configuration The route map number <1-32> and the access list number <1-8> represent the IP access list you wish to configure. The following table describes the IP Access List Configuration commands. Table 127 IP Access List Configuration commands Command Description [no] access-list <1-8> match-address <1-32> Sets the network filter number. Command mode: Route Map [no] access-list <1-8> metric <1-16777214> Sets the metric value in the AS-External (ASE) LSA.
Configuration Commands RIP Interface configuration The RIP commands are used for configuring Routing Information Protocol parameters. This option is turned off by default. NOTE: Do not configure RIP version 1 parameters if your routing equipment uses RIP version 2. The following table describes the RIP Interface Configuration commands. Table 129 RIP Interface Configuration commands Command Description ip rip version {1|2|both} Configures the RIP version used by this interface.
Configuration Commands Table 129 RIP Interface Configuration commands Command Description ip rip authentication key {} Configures the authentication key password. ip rip enable Enables this RIP interface. Command mode: Interface IP Command mode: Interface IP no ip rip enable Disables this RIP interface. Command mode: Interface IP show interface ip [<1-250>] rip Displays the current RIP configuration.
Configuration Commands Open Shortest Path First configuration The following table describes the basic Open Shortest Path First (OSPF) commands. The following sections provide more detailed information and commands. Table 131 OSPF Configuration commands Command Description router ospf Enter Router OSPF configuration mode. Command mode: Router OSPF area <0-2> Configures the OSPF area. Command mode: Router OSPF area-range <0-16> Configures the summary range.
Configuration Commands OSFP Area Index configuration The following table describes the Area Index Configuration commands. Table 132 OSPF Area Index Configuration commands Command Description area <0-2> area-id Defines the area ID of the OSPF area number. Command mode: Router OSPF area <0-2> type {transit|stub|nssa} Defines the type of area. For example, when a virtual link has to be established with the backbone, the area type must be defined as transit.
Configuration Commands Table 132 OSPF Area Index Configuration commands Command Description show ip ospf area <0-2> Displays the current OSPF configuration. Command mode: All except User EXEC OSPF Summary Range configuration The following table describes the OSPF Summary Range Configuration commands. Table 133 OSPF Summary Range Configuration commands Command Description area-range <1-16> address Configures the base IP address and IP address mask for the range.
Configuration Commands OSPF Interface configuration The following table describes the OSPF Interface Configuration commands. Table 134 OSPF Interface Configuration commands Command Description ip ospf area <0-2> Configures the OSPF area index. Command mode: Interface IP ip ospf priority <0-255> Configures the assigned priority value to the OSPF interfaces. (A priority value of 255 is the highest and 1 is the lowest.
Configuration Commands OSPF Virtual Link configuration The following table describes the OSPF Virtual Link Configuration commands. Table 135 OSPF Virtual Link Configuration commands Command Description area-virtual-link <1-3> area <0-2> Configures the OSPF area index. area-virtual-link <1-3> hello-interval <1-65535> Configures the authentication parameters of a hello packet, which is set to be in an interval of seconds.
Configuration Commands OSPF Host Entry configuration The following table describes the OSPF Host Entry Configuration commands. Table 136 OSPF Host Entry Configuration commands Command Description host <1-128> address Configures the base IP address for the host entry. Command mode: Router OSPF host <1-128> area <0-2> Configures the area index of the host. Command mode: Router OSPF host <1-128> cost <1-65535> Configures the cost value of the host.
Configuration Commands OSPF MD5 Key configuration The following table describes the OSPF MD5 Key Configuration commands. Table 138 OSPF MD5 Key Configuration commands Command Description message-digest-key <1-255> md5-key Sets the authentication key for this OSPF packet. no message-digest-key <1-255> Deletes the authentication key for this OSPF packet. Command mode: Router OSPF Command mode: Router OSPF show ip ospf message-digest-key <1-255> Displays the current MD5 key configuration.
Configuration Commands Table 139 IGMP Snooping commands Command Description [no] ip igmp snoop flood Configures the switch to flood unregistered IP multicast reports to all ports. Command mode: Global configuration [no] ip igmp snoop aggregate Enables or disables IGMP Membership Report aggregation. Command mode: Global configuration ip igmp snoop source-ip Configures the source IP address used as a proxy for IGMP Group Specific Queries.
Configuration Commands Table 140 IGMPv3 Snooping commands Command Description [no] ip igmp snoop igmpv3 exclude Enables or disables snooping on IGMPv3 Exclude Reports. When disabled, the switch ignores Exclude Reports. The default value is enabled. Command mode: Global configuration ip igmp snoop igmpv3 enable Enables IGMP version 3. The default value is disabled. Command mode: Global configuration no ip igmp snoop igmpv3 enable Disables IGMP version 3.
Configuration Commands IGMP static multicast router configuration The following table describes the Static Multicast Router Configuration commands. NOTE: When you configure a static multicast router on a VLAN, the process of learning multicast routers is disabled for that VLAN.
Configuration Commands IGMP filter definition The following table describes the IGMP Filter Definition commands. Table 143 IGMP Filter Definition commands Command Description ip igmp profile <1-16> range Configures the range of IP multicast addresses for this filter. Enter the first IP multicast address of the ranger, followed by the second IP multicast address of the range.
Configuration Commands Domain Name System configuration The Domain Name System (DNS) Configuration commands are used for defining the primary and secondary DNS servers on your local network, and for setting the default domain name served by the switch services. DNS parameters must be configured prior to using hostname parameters with the ping, traceroute, and tftp commands. The following table describes the Domain Name System (DNS) Configuration commands.
Configuration Commands Virtual Router Redundancy Protocol configuration Virtual Router Redundancy Protocol (VRRP) support on the HP 10GbE switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
Configuration Commands VRRP Virtual Router configuration Virtual Router commands are used for configuring virtual routers for this switch. A virtual router is defined by its virtual router ID and an IP address. On each VRRP-capable routing device participating in redundancy for this virtual router, a virtual router will be configured to share the same virtual router ID and IP address. Virtual routers are disabled by default. The following table describes the Virtual Router Configuration commands.
Configuration Commands Table 148 Virtual Router Configuration commands Command Description [no] virtual-router <1-250> preemption Enables or disables master preemption. When enabled, if this virtual router is in backup mode but has a higher priority than the current master, this virtual router will preempt the lower priority master and assume control.
Configuration Commands Table 149 Virtual Router Priority Tracking Configuration commands Command Description [no] virtual-router <1-250> track interfaces When enabled, the priority for this virtual router will be increased for each other IP interface active on this switch. An IP interface is considered active when there is at least one active port on the same VLAN. This helps elect the virtual routers with the most available routes as the master. This command is disabled by default.
Configuration Commands Table 150 Virtual Router Group Configuration commands Command Description group advertisement <1-255> Defines the time interval between VRRP master advertisements. This can be any integer between 1 and 255 seconds. The default is 1. Command mode: Router VRRP [no] group preemption Enables or disables master preemption.
Configuration Commands VRRP Interface configuration These commands are used for configuring VRRP authentication parameters for the IP interfaces used with the virtual routers. The interface number represents the IP interface on which authentication parameters must be configured. The following table describes the VRRP Interface Configuration commands.
Configuration Commands NOTE: These priority tracking options only define increment values. These options do not affect the VRRP master router election process until options under VRRP Virtual Router Priority Tracking are enabled.
Configuration Commands Quality of Service configuration Use the Quality of Service (QoS) commands to configure the IEEE 802.1p priority value of incoming packets. This allows you to differentiate between various types of traffic, and provide different priority levels. QoS 802.1p configuration This feature provides the HP 10GbE switch the capability to filter IP packets based on the IEEE 802.1p bits in the packet's VLAN header. The 802.
Configuration Commands Access Control configuration Use these commands to create Access Control Lists (ACLs) and ACL Groups. ACLs define matching criteria used for IP filtering and Quality of Service functions. Access Control List configuration These commands allow you to define filtering criteria for each Access Control List (ACL). The following table describes the basic ACL Configuration commands.
Configuration Commands Table 156 Ethernet Filter Configuration commands Command Description access-control list <1-384> ethernet ethernet-type {ARP|IP|IPv6|MPLS| RARP|any|0xXXXX} Defines the Ethernet type for this ACL. access-control list <1-384> ethernet priority <0-7> Defines the Ethernet priority value for the ACL. default access-control list <1-384> ethernet Resets Ethernet parameters for the ACL to their default values.
Configuration Commands ACL TCP/UDP Filter configuration These commands allow you to define TCP/UDP matching criteria for an ACL. The following table describes the TCP/UDP Filter Configuration commands. Table 158 TCP/UDP Filter Configuration commands Command Description access-control list <1-384> tcpudp source-port <1-65535> {} Defines a source port for the ACL. If defined, traffic with the specified TCP or UDP source port will match this ACL. Specify the port number.
Configuration Commands ACL Packet Format configuration The following table describes the Packet Format Configuration commands. Table 159 Packet Format Configuration commands Command Description access-control list <1-384> packet-format ethernet {ethertype2|snap|llc} Defines the Ethernet format for the ACL. [no] access-control list <1-384> packet-format tagged Defines the tagging format for the ACL.
Configuration Commands ACL Re-mark configuration You can choose to re-mark IP header data for the selected ACL. You can configure different re-mark values, based on whether packets fall within the ACL Metering profile, or out of the ACL Metering profile. The following table describes the ACL Re-mark Configuration commands. Table 161 ACL Re-mark Configuration commands Command Description [no] access-control list <1-384> re-mark Assign an ACL for DSCP Re-marking.
Configuration Commands Re-Mark Update User Priority configuration The following table describes the Update User Priority Configuration commands. Table 163 ACL Update User Priority Configuration commands Command Description access-control list <1-384> re-mark in-profile dot1p <0-7> Defines 802.1p value. The value is the priority bits information in the packet structure.
Configuration Commands ACL Group configuration These commands allow you to compile one or more ACLs into an ACL Group. Once you create an ACL Group, you can assign the ACL Group to one or more ports. The following table describes the ACL Group Configuration commands. Table 165 ACL Group Configuration commands Command Description access-control group <1-384> list <1-384> Adds the selected ACL to the ACL Group. You can add up to 96 ACLs to each ACL Group.
Configuration Commands Remote Monitoring configuration Remote Monitoring (RMON) allows you to monitor traffic flowing through the switch. The RMON MIB is described in RFC 1757. The following table describes the basic RMON Configuration commands. The following sections provide more detailed commands. Table 166 RMON commands Command Description show rmon Displays the current RMON configuration. Command mode: All RMON history configuration The following table describes the RMON History commands.
Configuration Commands RMON event configuration The following table describes the RMON Event commands. Table 168 RMON Event commands Command Description rmon event <1-65535> description <1-127 characters> Enter a text string to describe the event. The description can have a maximum of 127 characters. Command mode: Global configuration rmon event <1-65535> type Selects the type of notification provided for this event.
Configuration Commands RMON alarm configuration The Alarm RMON group can track rising or falling values for a MIB object. The MIB object must be a counter, gauge, integer, or time interval. Each alarm index must correspond to an event index that triggers once the alarm threshold is crossed. The following table describes the RMON Alarm commands. Table 169 RMON Alarm commands Command Description rmon alarm <1-65535> alarm oid <1-127 characters> Configures an alarm MIB Object Identifier.
Configuration Commands Table 169 RMON Alarm commands Command Description rmon alarm <1-65535> owner <1-127 characters> Enter a text string that identifies the person or entity that uses this alarm index. The owner can have a maximum of 127 characters. Command mode: Global configuration no rmon alarm <1-65535> Deletes this alarm index. show rmon alarm Displays the current RMON Alarm parameters.
Configuration Commands Port-based port mirroring The following table describes the port-based Port Mirroring Configuration commands. Table 171 Port Mirroring Configuration commands Command Description port-mirroring monitor-port mirroring-port {in|out|both} Adds the port to be mirrored. This command also allows you to enter the direction of the traffic.
Configuration Commands Failure Detection Pair configuration Use these commands to configure a Failure Detection Pair, which consists of one Link to Monitor (LtM) and one Link to Disable (LtD). When the switch detects a failure on the LtM, it automatically disables the ports in the LtD. The following table describes the Failure Detection Pair (FDP) configuration commands. Table 173 Failure Detection Pair Configuration commands Command Description ufd fdp enable Enables the FDP Parameters.
Configuration Commands Link to Disable configuration The following table describes the Link to Disable (LtD) commands. The LtD can consist of any mix of downlink ports (ports 1-16) and trunk groups that contain only downlink ports. Table 175 Link to Disable commands Command Description ufd fdp ltd port Adds a port to the current LtD group. Only downlink ports (1-16) are allowed in the LtD.
Configuration Commands Saving the active switch configuration When the copy running-global configuration {tftp|ftp} command is used, the active configuration commands of the switch will be uploaded to the specified script configuration file on the FTP/TFTP server. To start the switch configuration upload, at the prompt, enter: Switch(config)# copy running-config startup-config NOTE: The output file is formatted with line-breaks but no carriage returns.
Operations Commands Operations Commands Introduction Operations-level commands are used for making immediate and temporary changes to switch configuration. Operations commands are used for bringing ports temporarily in and out of service. These commands are available only from an administrator and operator login. The following table describes basic Operations commands. The following sections provide more detailed information and commands.
Operations Commands Operations-level port 802.1x options Operations-level port 802.1x options are used to temporarily set 802.1x parameters for a port. Table 178 Operations-Level Port 802.1x commands Command Description interface port dot1x init Re-initializes the 802.1x access-control parameters for the port. The following actions take place, depending on the 802.1x port configuration: • force unauth—the port is placed in unauthorized state, and traffic is blocked.
Boot Options Boot Options Introduction You must be logged in to the switch as the administrator to use the Boot Options commands. The Boot Options allow you to perform the following functions: • • • Select a switch software image to be used when the switch is next reloaded. Select a configuration block to be used when the switch is next reloaded. Download or upload a new software image to the switch via FTP/TFTP. Each of the Boot Options commands is discussed in the following sections.
Boot Options When the above requirements are met, use the following procedure to download the new software to the HP 10GbE switch . 1. In Privileged EXEC mode, enter: Switch# copy tftp {} -orSwitch# copy ftp {} 2. Enter the port type to use for the file transfer: Port type: ["data-port"/"mgt-port"]: 3. Enter the hostname or IP address of the FTP/TFTP server: Address or name of remote host: 4.
Boot Options Selecting a software image to run You can select which software image (image1 or image2) you want to run in switch memory for the next reboot. 1. In Global Configuration mode, enter: Router(config)# boot image {image1|image2} 2. Enter the name of the image you want the switch to use upon the next boot. The system informs you of which image is currently set to be loaded at the next reset, and prompts you to enter a new choice: Currently set to use switch software "image1" on next reset.
Boot Options Selecting a configuration block When you make configuration changes to the switch, you must save the changes so that they are retained beyond the next time the switch is reset. When you execute a save operation (copy running-config startup-config), your new configuration changes are placed in the active configuration block. The previous configuration is copied into the backup configuration block. There is also a factory configuration block.
Maintenance Commands Maintenance Commands Introduction The Maintenance commands are used for debugging purposes, enabling you to generate a technical support dump of the critical state information in the switch, and to clear entries in the Forwarding Database and the Address Resolution Protocol (ARP) and routing tables. These commands are available only from an administrator login.
Maintenance Commands Forwarding Database maintenance The Forwarding Database (FDB) Manipulation commands can be used to view information and to delete a MAC address from the Forwarding Database or clear the entire Forwarding Database. This is helpful in identifying problems associated with MAC address learning and packet forwarding decisions. The following table describes the FDB Manipulation commands.
Maintenance Commands Table 182 Miscellaneous Debug commands Command Usage debug mp-snap Displays the management processor snap (or post-mortem) trace buffer. This buffer contains information traced at the time that a reset occurred. Command mode: All except User EXEC clear flash-config Deletes all flash configuration blocks. The next time the switch is rebooted, it returns to the factory default settings.
Maintenance Commands Table 184 IGMP Snooping Maintenance commands Command Usage show ip igmp groups interface Shows IGMP Multicast groups on a single port. Command mode: All except User EXEC show ip igmp groups Shows all IGMP Multicast groups. Command mode: All except User EXEC clear ip igmp snoop Clears IGMP Multicast data from switch memory. Command mode: All except User EXEC IGMP Mrouter maintenance The following table describes the IGMP Multicast Routers Maintenance commands.
Maintenance Commands To access dump information, at the prompt, enter: Switch# show flash-dump-uuencode The dump information is displayed on your screen and, if you have configured your communication software to do so, captured to a file. If the dump region is empty, the following displays: No FLASH dump available. FTP/TFTP system dump put Use this command to put (save) the system dump to a FTP/TFTP server.
Maintenance Commands Panic command The panic command causes the switch to dump state information immediately to flash memory and reboot. To select panic, at the prompt, enter: >> Switch# debug panic A FLASH dump already exists. Confirm replacing existing dump and reboot [y/n]: Enter y to confirm the command: Confirm dump and reboot [y/n]: y A list of messages is displayed: Starting system dump...done. Reboot at 11:54:08 Wednesday March 14, 2007... . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Index Index 8 802.1x information, 35 802.
Index O online help, 17 operating mode, configuration, 124 Operations-level port options, 186, 187 ospf: interface, 151; Not-So-Stubby Area, 152; stub area, 152; transit area, 152 P panic: command, 197; switch, 192 ping command, 17 port configuration, 123 port mirroring, configuration, 181 port number, 63 port speed, 19, 63 port trunking configuration, 138 ports: disable (temporarily), 124; information, 64; membership of the VLAN, 44; priority, 38, 40, 42; STP port priority, 136 preemption: assuming VRRP m
