System information

ManualsBrandsProCurve ManualsNetworking2610-PWR

Advanced Traffic

Management Guide

2610

2610-PWR

ProCurve Switches

R.11.XX

www.procurve.com

Summary of content (364 pages)

PAGE 1
Advanced Traffic Management Guide 2610 2610-PWR ProCurve Switches R.11.XX www.procurve.
PAGE 2
PAGE 3
ProCurve Switch 2610 Series Switch 2610-PWR Series December 2007 Advanced Traffic Management Guide
PAGE 5
Contents Product Documentation Software Feature Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv 1 Getting Started Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 6
Multiple VLAN Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Single-Forwarding Database Operation . . . . . . . . . . . . . . . . . . . . Example of an Unsupported Configuration and How to Correct It . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Multiple-Forwarding Database Operation . . . . . . . . . . . . . . . . . . 2-10 2-12 Menu: Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 7
Per-Port Options for Dynamic VLAN Advertising and Joining . . . . . . 3-8 GVRP and VLAN Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10 Port-Leave From a Dynamic VLAN . . . . . . . . . . . . . . . . . . . . . . . . 3-10 Planning for GVRP Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-11 Configuring GVRP On a Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Menu: Viewing and Configuring GVRP . . . . . . . . . . . . . . . . . . .
PAGE 8
Using the Switch as Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-22 Querier Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-22 Excluding Multicast Addresses from IP Multicast Filtering . . . . . . . . . . . 4-23 5 Spanning-Tree Operation Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 9
How MSTP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . MST Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Regions, Legacy STP and RSTP Switches, and the Common Spanning Tree (CST) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . MSTP Operation with 802.1Q VLANs . . . . . . . . . . . . . . . . . . . . . . 5-49 5-49 5-51 5-51 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 10
Planning a QoS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Prioritizing and Monitoring QoS Configuration Options . . . . . . Policy Enforcement Engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . QoS Resource Usage and Monitoring . . . . . . . . . . . . . . . . . . . . . . Planning and Monitoring Rule Usage . . . . . . . . . . . . . . . . . . . . . . Managing QoS Resource Consumption . . . . . . . . . . . . . . . . . . . . .
PAGE 11
QoS Messages in the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-65 QoS Operating Notes and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-66 7 IP Routing Features Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 Overview of IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 IP Interfaces . . . . . . . . . . . . . . . . .
PAGE 12
Displaying IRDP Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-25 Configuring DHCP Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26 DHCP Packet Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26 Unicast Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 13
Operating Rules for Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 General Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7 Specific Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8 Configuring Stack Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10 Overview of Configuring and Bringing Up a Stack . . . . . . . . . . . . . . .
PAGE 14
xii
PAGE 15
Product Documentation Note For the latest version of all ProCurve switch documentation, including release notes covering recently added features, visit the ProCurve Networking website at www.procurve.com. Click on Technical support, and then click on Product manuals. Printed Publications The two publications listed below are printed and shipped with your switch. The latest version of each is also available in PDF format on the ProCurve Web site, as described in the Note at the top of this page.
PAGE 16
Product Documentation Software Feature Index For the software manual set supporting your switch model, the following feature index indicates which manual to consult for information on a given software feature. (Note that some software features are not supported on all switch models.) Feature Management and Configuration Advanced Traffic Management Access Security Guide 802.1Q VLAN Tagging - X - 802.
PAGE 17
Product Documentation Feature Management and Configuration Advanced Traffic Management Access Security Guide File Transfers X - - Friendly Port Names X GVRP - X - IGMP - X - Interface Access (Telnet, Console/Serial, Web) X - - Jumbo Packets X - - IP Addressing X - - IP Routing - X - LACP X - - Link X - - LLDP X - - LLDP-MED X - - MAC Address Management X - - MAC Lockdown - - X MAC Lockout - - X MAC-based Authentication - - X Monitoring and A
PAGE 18
Product Documentation Feature Management and Configuration Advanced Traffic Management Access Security Guide Port-Based Access Control - - X Port-Based Priority (802.
PAGE 19
Product Documentation Feature Management and Configuration Advanced Traffic Management Access Security Guide VLANs - X - Web-based Authentication - - X Xmodem X - - xvii
PAGE 20
Product Documentation xviii
PAGE 21
1 Getting Started Contents Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Feature Descriptions by Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Command Syntax Statements .
PAGE 22
Getting Started Introduction Introduction This Advanced Traffic Management Guide describes how to manage and configure advanced traffic management features on your switch. It supports the following switches: ■ ProCurve Series 2610 ■ ProCurve Series 2610-PWR For an overview of other product documentation for the above switches, refer to “Product Documentation” on page xiii. You can download a copy from the ProCurve website, www.procurve.com.
PAGE 23
Getting Started Conventions ■ Braces within square brackets ( [ < > ] ) indicate a required element within an optional choice. ■ Boldface indicates use of a CLI command, part of a CLI command syntax, or other displayed element in general text. For example: “Use the copy tftp command to download the key from a TFTP server.” ■ Italics indicate variables for which you must supply a value when executing the command.
PAGE 24
Getting Started Sources for More Information Port Identity Examples This guide describes software applicable to both chassis-based and stackable ProCurve switches. Where port identities are needed in an example, this guide uses the chassis-based port identity system, such as “A1”, “B3 - B5”, “C7”, etc. However, unless otherwise noted, such examples apply equally to the stackable switches, which for port identities typically use only numbers, such as “1”, “3-5”, “15”, etc.
PAGE 25
Getting Started Need Only a Quick Start? ■ For information on a specific command in the CLI, type the command name followed by “help”. For example: Figure 1-3. Getting Help in the CLI ■ For information on specific features in the Web browser interface, use the online help. For more information, refer to the Management and Configuration Guide for your switch. ■ For further information on ProCurve Networking switch technology, visit the ProCurve website at: www.procurve.
PAGE 26
Getting Started Need Only a Quick Start? To Set Up and Install the Switch in Your Network I m po r t a n t ! Use the Installation and Getting Started Guide shipped with your switch for the following: ■ Notes, cautions, and warnings related to installing and using the switch and its related modules ■ Instructions for physically installing the switch in your network ■ Quickly assigning an IP address and subnet mask, setting a Manager password, and (optionally) configuring other basic features.
PAGE 27
2 Static Virtual LANs (VLANs) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Port-Based Virtual LANs (Static VLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 Overview of Using VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7 VLAN Support and the Default VLAN . . . . . . . . . . . . . . . . . . . . . . . 2-7 The Primary VLAN . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 28
Static Virtual LANs (VLANs) Contents Effect of VLANs on Other Switch Features . . . . . . . . . . . . . . . . . . . . . Spanning Tree Operation with VLANs . . . . . . . . . . . . . . . . . . . . . IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . VLAN MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Port Trunks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Port Monitoring . . . . .
PAGE 29
Static Virtual LANs (VLANs) Overview Overview This chapter describes how to configure and use static, port-based VLANs on the switches covered by this manual.
PAGE 30
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Port-Based Virtual LANs (Static VLANs) VLAN Features Feature Default Menu CLI Web page 2-15 thru 2-21 page 2-22 page 2-29 default VLAN with page 2-15 VID = 1 thru 2-21 page 2-21 page 2-29 view existing VLANs n/a configuring static VLANs configuring dynamic disabled VLANs See the chapter on GVRP in this manual. A VLAN is a group of ports designated by the switch as belonging to the same broadcast domain.
PAGE 31
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) General Use and Operation. Port-based VLANs are typically used to reduce broadcast traffic and to increase security. A group of network users assigned to a VLAN forms a broadcast domain that is separate from other VLANs that may be configured on a switch. On a given switch, packets are forwarded only between ports that belong to the same VLAN.
PAGE 32
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ProCurve Switch Figure 2-2. Example of Overlapping VLANs Using the Same Server Similarly, using 802.1Q-compliant switches, you can connect multiple VLANs through a single switch-to-switch link. ProCurve Switch ProCurve Switch Figure 2-3. Example of Connecting Multiple VLANs Through the Same Link Introducing Tagged VLAN Technology into Networks Running Legacy (Untagged) VLANs. You can introduce 802.
PAGE 33
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Switch 2524 ProCurve Switch Switch ProCurve Switch Untagged VLAN Links Non-802.1Qcompliant switch Tagged VLAN Link Figure 2-4.
PAGE 34
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) features and ensure that multiple instances of DHCP or Bootp on different VLANs do not result in conflicting configuration values for the switch. The primary VLAN is the VLAN the switch uses to run and manage these features and data. In the factory-default configuration, the switch designates the default VLAN (DEFAULT_VLAN) as the primary VLAN. However, to provide more control in your network, you can designate another VLAN as primary.
PAGE 35
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Per-Port Static VLAN Configuration Options The following figure and table show the options you have for assigning individual ports to a static VLAN. Note that GVRP, if configured, affects these options and VLAN behavior on the switch. The display below shows the perport VLAN configuration options. Table 2-2 briefly describes these options.
PAGE 36
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) General Steps for Using VLANs 1. Plan your VLAN strategy and create a map of the logical topology that will result from configuring VLANs. Include consideration for the interaction between VLANs and other features such as Spanning Tree Protocol, load balancing, and IGMP. (Refer to “Effect of VLANs on Other Switch Fea tures” on page 2-38.
PAGE 37
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) showing the (different) source VLAN and source port. Other switch models have a single-forwarding database, which means they allow only one data base entry of a unique MAC address, along with the source VLAN and source port on which it is found (see Table 2-6). Not all VLANs on a switch covered by this guide use the same MAC address (see “VLAN MAC Addresses” on page 2-39).
PAGE 38
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Multiple-Forwarding Databases* Single-Forwarding Database* Series 2600/2600-PWR switches Series 2510 switches *To determine whether other vendors’ devices use single-forwarding or multiple-forwarding database architectures, refer to the documentation provided for those devices.
PAGE 39
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Switch 8000M VLAN 2 VLAN 1 PC “A” A1 B1 PC “B” This switch has a single forwarding database. C1 VLAN 1 D1 VLAN 2 Multiple-Forwarding Database Switch Routing Enabled This switch has multiple forwarding databases. (Same MAC address for all VLANs.) Figure 2-8. Example of Invalid Configuration for Single-Forwarding to MultipleForwarding Database Devices in a Multiple VLAN Environment In figure 2-8, PC “A” sends an IP packet to PC “B”.
PAGE 40
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The Solution. To avoid the preceding problem, use only one cable or port trunk between the single-forwarding and multiple-forwarding database devices, and configure the link with multiple, tagged VLANs. Switch 8000M VLAN 1 PC “A” VLAN 1& 2 VLAN 2 PC “B” A1 VLAN 1 C1 VLAN 1&2 This switch has a single forwarding database. VLAN 2 Multiple-Forwarding Database Switch (Routing Enabled) This switch has multiple forwarding databases.
PAGE 41
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 2610 Switch VLAN 1 VLAN 1 VLAN 2 VLAN 2 Multiple-Forwarding Database Switch Both switches have multiple forwarding databases. Figure 2-10. Example of a Valid Topology for Devices Having Multiple-Forwarding Databases in a Multiple VLAN Environment Menu: Configuring VLAN Parameters In the factory default state, support is enabled for up to eight VLANs. (You can change the switch VLAN configuration to support additional VLANs.
PAGE 42
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Figure 2-11. The Default VLAN Support Screen Note 2. Press [E] (for Edit), then do one or more of the following: ■ To change the maximum number of VLANs, type the new number. (For the maximum number of VLANs allowed, refer to table 2-1 on page 2-4.) ■ To designate a different VLAN as the primary VLAN, select the Primary VLAN field and use the space bar to select from the existing options.
PAGE 43
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) An asterisk indicates you must reboot the switch to implement the new Maximum VLANs setting. Figure 2-12. VLAN Menu Screen Indicating the Need To Reboot the Switch – – 4. If you changed the VLAN Support option, you must reboot the switch before the Maximum VLANs change can take effect. You can go on to configure other VLAN parameters first, but remem ber to reboot the switch when you are finished.
PAGE 44
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Default VLAN and VLAN ID Figure 2-13. The Default VLAN Names Screen 2. Press [A] (for Add). You will then be prompted for a new VLAN name and VLAN ID: 802.1Q VLAN ID : 1 Name : _ 3. Type in a VID (VLAN ID number). This can be any number from 2 to 4094 that is not already being used by another VLAN. (The switch reserves “1” for the default VLAN.
PAGE 45
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Example of a New VLAN and ID Figure 2-14. Example of VLAN Names Screen with a New VLAN Added 6. Repeat steps 2 through 5 to add more VLANs. Remember that you can add VLANs until you reach the number specified in the Maximum VLANs to support field on the VLAN Support screen (see figure 2-11 on page 2-16). This includes any VLANs added dynamically due to GVRP operation. 7.
PAGE 46
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Default: In this example, the “VLAN-22” has been defined, but no ports have yet been assigned to it. (“No” means the port is not assigned to that VLAN.) Using GVRP? If you plan on using GVRP, any ports you don’t want to join should be changed to “Forbid”. A port can be assigned to several VLANs, but only one of those assignments can be “Untagged”. Figure 2-15. Example of VLAN Port Assignment Screen 2.
PAGE 47
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Ports A4 and A5 are assigned to both VLANs. Ports A6 and A7 are assigned only to VLAN-22. All other ports are assigned only to the Default VLAN. Figure 2-16. Example of VLAN Assignments for Specific Ports For information on VLAN tags (“Untagged” and “Tagged”), refer to “802.1Q VLAN Tagging” on page 2-30. d. 3.
PAGE 48
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) VLAN Commands Used in this Section show vlans below show vlan page 2-23 max-vlans page 2-26 primary-vlan page 2-26 [no] vlan page 2-26 name page 2-28 [no] tagged page 2-28 [no] untagged page 2-28 [no] forbid page 2-28 auto page 2-28 (Available if GVRP enabled.) static-vlan page 2-27 (Available if GVRP enabled.
PAGE 49
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Displaying the Configuration for a Particular VLAN This command uses the VID to identify and display the data for a specific static or dynamic VLAN. Syntax: show vlan Figure 2-18. Example of “Show VLAN” for a Specific Static VLAN Show VLAN lists this data when GVRP is enabled and at least one port on the switch has dynamically joined the designated VLAN. Figure 2-19.
PAGE 50
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Showing Port Details for VLANs The show vlan ports detail option allows you to display VLAN memberships on a per-port basis when a range of ports is specified in the command. In addition, user-specified port names will be displayed (if assigned), along with tagged or untagged membership modes.
PAGE 51
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The follow examples illustrate the displayed output depending on whether the detail option is used. ProCurve(config)# show vlan ports a1-a33 Status and Counters - VLAN Information - for ports A1-A33 VLAN ID ------1 10 20 33 Name ----------------DEFAULT_VLAN VLAN_10 VLAN_20 GVRP_33 | + | | | | Status ---------Port-based Port-based Protocol Dynamic Voice ----No Yes No No Jumbo ---No No No No ProCurve# Figure 2-20.
PAGE 52
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Changing the Number of VLANs Allowed on the Switch By default, the switch allows a maximum of 8 VLANs. You can specify any value from 1 to the upper limit for the switch. (Refer to table 2-1 on page 2-4.) If GVRP is enabled, this setting includes any dynamic VLANs on the switch. As part of implementing a new value, you must execute a write memory command (to save the new value to the startup-config file) and then reboot the switch.
PAGE 53
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Syntax: vlan [name ] Creates a new static VLAN if a VLAN with that VID does not already exist, and places you in that VLAN’s context level. If you do not use the name option, the switch uses “VLAN” and the new VID to automatically name the VLAN. If the VLAN already exists, the switch places you in the context level for that VLAN. vlan Places you in the context level for that static VLAN.
PAGE 54
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) For example, suppose a dynamic VLAN with a VID of 125 exists on the switch. The following command converts the VLAN to a static VLAN. ProCurve(config)# static-vlan 125 Configuring Static VLAN Name and Per-Port Settings The vlan command, used with the options listed below, changes the name of an existing static VLAN and changes the per-port VLAN membership settings.
PAGE 55
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ProCurve(config)# vlan 100 name Blue_Team ProCurve(config)# vlan 100 tagged 1-5 To move to the vlan 100 context level and execute the same commands: ProCurve(config)# vlan 100 ProCurve(vlan-100)# name Blue_Team ProCurve(vlan-100)# tagged 1-5 Similarly, to change the tagged ports in the above examples to No (or Auto, if GVRP is enabled), you could use either of the following commands.
PAGE 56
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) 802.1Q VLAN Tagging VLAN tagging enables traffic from more than one VLAN to use the same port. (Even when two or more VLANs use the same port they remain as separate domains and cannot receive traffic from each other without going through an external router.) As mentioned earlier, a “tag” is simply a unique VLAN identification number (VLAN ID, or VID) assigned to a VLAN at the time that you configure the VLAN name in the switch.
PAGE 57
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) ■ ■ ■ Note In switch X: • VLANs assigned to ports X1 - X6 can all be untagged because there is only one VLAN assignment per port. Red VLAN traffic will go out only the Red ports; Green VLAN traffic will go out only the Green ports, and so on. Devices connected to these ports do not have to be 802.1Q compliant.
PAGE 58
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) VLAN tagging gives you several options: ■ Since the purpose of VLAN tagging is to allow multiple VLANs on the same port, any port that has only one VLAN assigned to it can be configured as “Untagged” (the default). ■ Any port that has two or more VLANs assigned to it can have one VLAN assignment for that port as “Untagged”. All other VLANs assigned to the same port must be configured as “Tagged”.
PAGE 59
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The VLANs assigned to ports X3, X4, Y2, Y3, and Y4 can all be untagged because there is only one VLAN assigned per port. Port X1 has multiple VLANs assigned, which means that one VLAN assigned to this port can be untagged and any others must be tagged. The same applies to ports X2, Y1, and Y5.
PAGE 60
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) The Secure Management VLAN Configures a secure Management VLAN by creating an isolated network for managing the following ProCurve switches that support this feature: • Series 2600 switches • Series 4100gl switches • Series 2600-PWR switches • Series 4200vl switches • Series 2610 switches • Series 5300xl switches • Series 2610-PWR switches • Series 5400zl switches • Series 2800 switches • Series 8200zl switches • Series
PAGE 61
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) • Switches “A”, “B”, and “C” are connected by ports belonging to the management VLAN. • Hub “X” is connected to a switch port that belongs to the management VLAN. As a result, the devices connected to Hub X are included in the management VLAN. • Other devices connected to the switches through ports that are not in the management VLAN are excluded from management traffic.
PAGE 62
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Figure 2-28. Example of Management VLAN Control in a LAN Table 2-3. VLAN Membership in Figure 2-28 Switch A1 A3 A6 A7 B2 B4 B5 B9 C2 C3 C6 C8 Management VLAN (VID = 7) Y N N Y Y Y N N Y N N N Marketing VLAN (VID = 12) N N N N N N N N N Y Y Y Shipping Dept. VLAN (VID = 20) N Y Y N N N N N N N N N DEFAULT-VLAN (VID = 1) Y Y Y Y Y Y Y Y Y Y Y Y Preparation 1.
PAGE 63
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Configuration Syntax: [ no ] management-vlan < vlan-id | vlan-name > Default: Disabled To confirm the Management VLAN configuration, use the show running-config command. For example, suppose you have already configured a VLAN named My_VLAN with a VID of 100. Now you want to configure the switch to do the following: ■ Use My_VLAN as a Management VLAN (tagged, in this case) to connect port A1 on switch “A” to a management station.
PAGE 64
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Note ■ During a Telnet session to the switch, if you configure the ManagementVLAN to a VID that excludes the port through which you are connected to the switch, you will continue to have access only until you terminate the session by logging out or rebooting the switch.
PAGE 65
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) links are in separate VLANs. However, you can use port trunking to prevent Spanning Tree from unnecessarily blocking ports (and to improve overall network performance). Refer to “RSTP and STP Operation with 802.1Q VLANs” on page 5-9. Note that Spanning Tree operates differently in different devices. For exam ple, in the (obsolete, non-802.
PAGE 66
Static Virtual LANs (VLANs) Port-Based Virtual LANs (Static VLANs) Port Trunks When assigning a port trunk to a VLAN, all ports in the trunk are automatically assigned to the same VLAN. You cannot split trunk members across multiple VLANs. Also, a port trunk is tagged, untagged, or excluded from a VLAN in the same way as for individual, untrunked ports.
PAGE 67
3 GVRP Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 Per-Port Options for Handling GVRP “Unknown VLANs” . . . . . . . . . . 3-6 Per-Port Options for Dynamic VLAN Advertising and Joining . . . . . .
PAGE 68
GVRP Overview Overview This chapter describes GVRP and how to configure it with the switch’s builtin interfaces, and assumes an understanding of VLANs, which are described in Chapter 2, “Static Virtual LANs (VLANs)”.
PAGE 69
GVRP Introduction Introduction Feature Default Menu CLI Web view GVRP configuration n/a page 3-12 page 3-13 page 3-16 list static and dynamic VLANs on a GVRP-enabled switch n/a — page 3-15 page 3-16 enable or disable GVRP disabled page 3-12 page 3-14 page 3-16 enable or disable GVRP on individual ports enabled page 3-12 page 3-14 — control how individual ports will handle advertisements for new VLANs Learn page 3-12 page 3-14 page 3-16 convert a dynamic VLAN to a static VLAN
PAGE 70
GVRP Introduction General Operation When GVRP is enabled on a switch, the VID for any static VLANs configured on the switch is advertised (using BPDUs—Bridge Protocol Data Units) out all ports, regardless of whether a port is up or assigned to any particular VLAN. A GVRP-aware port on another device that receives the advertisements over a link can dynamically join the advertised VLAN. A dynamic VLAN (that is, a VLAN learned through GVRP) is tagged on the port on which it was learned.
PAGE 71
GVRP Introduction Note that if a static VLAN is configured on at least one port of a switch, and that port has established a link with another device, then all other ports of that switch will send advertisements for that VLAN. For example, in the following figure, Tagged VLAN ports on switch “A” and switch “C” advertise VLANs 22 and 33 to ports on other GVRP-enabled switches that can dynamically join the VLANs.
PAGE 72
GVRP Introduction ■ If the switch already has a static VLAN assignment with the same VID as in the advertisement, and the port is configured to Auto for that VLAN, then the port will dynamically join the VLAN and begin moving that VLAN’s traffic. (For more detail on Auto, see “Per-Port Options for Dynamic VLAN Advertising and Joining” on page 3-8.) ■ Ignore the advertisement for that VID. ■ Don’t participate in that VLAN.
PAGE 73
GVRP Introduction Table 3-1. Options for Handling “Unknown VLAN” Advertisements: Unknown VLAN Operation Mode Learn (the Default) Enables the port to become a member of any unknown VLAN for which it receives an advertisement. Allows the port to advertise other VLANs that have at least one other port on the same switch as a member. Block Prevents the port from joining any new dynamic VLANs for which it receives an advertisement.
PAGE 74
GVRP Introduction Per-Port Options for Dynamic VLAN Advertising and Joining Initiating Advertisements. As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology. Enabling a Port for Dynamic Joins.
PAGE 75
GVRP Introduction Table 3-2. Controlling VLAN Behavior on Ports with Static VLANs Per-Port Static VLAN Options—Per VLAN Specified on Each Port 1 “Unknown VLAN” Port Activity: Port Activity: Port Activity: Forbid (Per VLAN)2 2 2 (GVRP) Auto (Per VLAN) Tagged or Untagged (Per VLAN) Configuration Learn (the Default) The port: • Belongs to specified VLAN. • Advertises specified VLAN. • Can become a member of dynamic VLANs for which it receives advertisements.
PAGE 76
GVRP Introduction As the preceding table indicates, when you enable GVRP, a port that has a Tagged or Untagged static VLAN has the option for both generating advertise ments and dynamically joining other VLANs. Note In table 3-2, above, the Unknown VLAN parameters are configured on a perport basis using the CLI. The Tagged, Untagged, Auto, and Forbid options are configured per static VLAN on every port, using either the menu interface or the CLI.
PAGE 77
GVRP Introduction Planning for GVRP Operation These steps outline the procedure for setting up dynamic VLANs for a seg ment. 1. Determine the VLAN topology you want for each segment (broadcast domain) on your network. 2. Determine the VLANs that must be static and the VLANs that can be dynamically propagated. 3. Determine the device or devices on which you must manually create static VLANs in order to propagate VLANs throughout the segment. 4.
PAGE 78
GVRP Introduction Menu: Viewing and Configuring GVRP 1. From the Main Menu, select: 2. Switch Configuration . . . 8. VLAN Menu . . . 1. VLAN Support Figure 3-4. The VLAN Support Screen (Default Configuration) 2. Do the following to enable GVRP and display the Unknown VLAN fields: a. Press [E] (for Edit). b. Use [v] to move the cursor to the GVRP Enabled field. c. Press the Space bar to select Yes. d. Press [v] again to display the Unknown VLAN fields.
PAGE 79
GVRP Introduction 3. Use the arrow keys to select the port you want, and the Space bar to select Unknown VLAN option for any ports you want to change. 4. When you finish making configuration changes, press [Enter], then [S] (for Save) to save your changes to the Startup-Config file. CLI: Viewing and Configuring GVRP GVRP Commands Used in This Section show gvrp below gvrp page 3-14 unknown-vlans page 3-14 Displaying the Switch’s Current GVRP Configuration.
PAGE 80
GVRP Introduction This example includes non-default settings for the Unknown VLAN field for some ports. Figure 3-7. Example of Show GVRP Listing with GVRP Enabled Enabling and Disabling GVRP on the Switch. This command enables GVRP on the switch. Syntax: gvrp This example enables GVRP: ProCurve(config)# gvrp This example disables GVRP operation on the switch: ProCurve(config)# no gvrp Enabling and Disabling GVRP On Individual Ports.
PAGE 81
GVRP Introduction Figure 3-8. Example of Preventing Specific Ports from Joining Dynamic VLANs Displaying the Static and Dynamic VLANs Active on the Switch. The show vlans command lists all VLANs present in the switch. Syntax: show vlans For example, in the following illustration, switch “B” has one static VLAN (the default VLAN), with GVRP enabled and port 1 configured to Learn for Unknown VLANs. Switch “A” has GVRP enabled and has three static VLANs: the default VLAN, VLAN-222, and VLAN-333.
PAGE 82
GVRP Introduction Dynamic VLANs Learned from Switch “A” through Port 1 Figure 3-10. Example of Listing Showing Dynamic VLANs Converting a Dynamic VLAN to a Static VLAN.
PAGE 83
GVRP Introduction GVRP Operating Notes ■ A dynamic VLAN must be converted to a static VLAN before it can have an IP address. ■ The total number of VLANs on the switch (static and dynamic combined) cannot exceed the current Maximum VLANs setting. For example, in the factory default state, the switch supports eight VLANs. Thus, in a case where four static VLANs are configured on the switch, the switch can accept up to four additional VLANs in any combination of static and dynamic.
PAGE 84
GVRP Introduction 3-18
PAGE 85
4 Multimedia Traffic Control with IP Multicast (IGMP) Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 General Operation and Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 IGMP Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 IGMP Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 86
Multimedia Traffic Control with IP Multicast (IGMP) Overview Overview This chapter describes Multimedia Traffic Control with IP Multicast (IGMP), and explains how to configure IGMP controls to reduce unnecessary bandwidth usage on a per-port basis. For the latest information on IGMP, see the software release notes posted on the ProCurve Networking support web site at www.procurve.com.
PAGE 87
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features General Operation and Features IGMP Features Feature Default Menu CLI Web view igmp configuration n/a — page 4-6 — show igmp status for multicast groups used by the selected VLAN n/a — Yes — enabling or disabling IGMP (Requires VLAN ID Context) disabled — page 4-8 page 4-11 per-port packet control auto — page 4-9 — IGMP traffic priority normal — page 4-10 — querier enabled — page 4-10 — fas
PAGE 88
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features Enabling IGMP allows detection of IGMP queries and report packets in order to manage IP multicast traffic through the switch. If no other querier is detected, the switch will then also function as the querier. (If you need to disable the querier feature, you can do so through the IGMP configuration MIB. Refer to “Changing the Querier Configuration Setting” on page 4-10.
PAGE 89
Multimedia Traffic Control with IP Multicast (IGMP) General Operation and Features IGMP Operating Features Basic Operation In the factory default configuration, IGMP is disabled. If multiple VLANs are not configured, you must configure IGMP on the default VLAN (DEFAULT_VLAN; VID = 1). If multiple VLANs are configured, you must configure IGMP on a per-VLAN basis for every VLAN where this feature is desired. The switches covered in this guide support up to 255 IGMP filters (addresses).
PAGE 90
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP Notes Whenever IGMP is enabled, the switch generates an Event Log message indicating whether querier functionality is enabled. IP multicast traffic groups are identified by IP addresses in the range of 224.0.0.0 to 239.255.255.255. Also, incoming IGMP packets intended for reserved, or “well-known” multicast addresses automatically flood through all ports (except the port on which the packets entered the switch).
PAGE 91
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP Viewing the Current IGMP Configuration. This command lists the IGMP configuration for all VLANs configured on the switch or for a specific VLAN. Syntax: show ip igmp config IGMP configuration for all VLANs on the switch. show ip igmp < vid > config IGMP configuration for a specific VLAN on the switch, including per-port data.
PAGE 92
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP IGMP Configuration for the Selected VLAN IGMP Configuration On the Individual Ports in the VLAN Figure 4-2. Example Listing of IGMP Configuration for A Specific VLAN Enabling or Disabling IGMP on a VLAN. You can enable IGMP on a VLAN, along with the last-saved or default IGMP configuration (whichever was most recently set), or you can disable IGMP on a selected VLAN.
PAGE 93
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP You can also combine the ip igmp command with other IGMP-related commands, as described in the following sections. Configuring Per-Port IGMP Packet Control. Use this command in the VLAN context to specify how each port should handle IGMP traffic. Syntax: vlan < vid > ip igmp Enables IGMP on the specified VLAN. In a VLAN context, use only ip igmp without the VLAN specifier.
PAGE 94
Multimedia Traffic Control with IP Multicast (IGMP) CLI: Configuring and Displaying IGMP Configuring IGMP Traffic Priority. This command allows you to prioritize IGMP traffic as either “high” or “normal” (the default). Syntax: [no] vlan < vid > ip igmp high-priority-forward Assigns “high” priority to IGMP traffic. The “no” form returns a high-priority setting to (the default) “normal” priority. (The switch services the traffic at its inbound priority.
PAGE 95
Multimedia Traffic Control with IP Multicast (IGMP) Web: Enabling or Disabling IGMP Web: Enabling or Disabling IGMP In the web browser interface you can enable or disable IGMP on a per-VLAN basis. To configure other IGMP features, telnet to the switch console and use the CLI. To Enable or Disable IGMP 1. Click on the Configuration tab. 2. Click on the Device Features button. 3.
PAGE 96
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates assume this function in order to elicit group membership information from the hosts on the network. (If you need to disable the querier feature, you can do so through the CLI, using the IGMP configuration MIB. See “Configuring the Querier Function” on page 4-10.) ■ Report (Join): A message sent by a host to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message.
PAGE 97
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Supported Standards and RFCs ProCurve’s implementation of IGMP supports the following standards and operating capabilities: • RFC2236 (IGMP V.2, with backwards support for IGMP V.1) • IETF draft for IGMP and MLD snooping switches (for IGMP V1, V2 V3) • Full IGMPv2 support as well as full support for IGMPv1 Joins. • Ability to operate in IGMPv2 Querier mode on VLANs with an IP address.
PAGE 98
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Table 4-1.Comparison of IGMP Operation With and Without IP Addressing IGMP Function Available With IP Addressing Available Operating Differences Configured on the VLAN Without IP Without an IP Address Addressing? Forward multicast group traffic to any port on Yes the VLAN that has received a join request for that multicast group. None Forward join requests (reports) to the Querier.
PAGE 99
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates 4-2.
PAGE 100
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Querier's processing of that Leave. For more on this topic, refer to “Forced Fast-Leave IGMP” on page 4-17. ProCurve recommends that the following settings be used. ■ Use Delayed Group Flush on the Series 2610 switches whenever Fast Leave or Forced Fast Leave are set on a port (see page 4-17). ■ Forced fast leave can be used when there are multiple devices attached to a port. Automatic Fast-Leave Operation. If a switch port is: a.
PAGE 101
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates does not wait for the actual Querier to verify that there are no other group members on port A3. If the switch itself is the Querier, it does not query port A3 for the presence of other group members. Note that Fast-Leave operation does not distinguish between end nodes on the same port that belong to different VLANs.
PAGE 102
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates “X” member on that port. If the port does not receive a join request for that group within the forced-leave interval, the switch then blocks any further group “X” traffic to the port. Setting Fast-Leave and Forced Fast-Leave from the CLI In previous software versions, Fast-Leave and Forced Fast-Leave options for a port were set exclusively through the MIB.
PAGE 103
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Note on VLAN Numbers In the ProCurve switches covered in this guide, the walkmib and setmib commands use an internal VLAN number (and not the VLAN ID, or VID) to display or change many per-vlan features, such as the Forced Fast-Leave state.
PAGE 104
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates To List the Forced Fast-Leave State for a Single Port. (See the “Note on VLAN Numbers” on page 4-19.) Go to the switch’s command prompt and use the getmib command, as shown below. Syntax: getmib hpSwitchIgmpPortForcedLeaveState.<.port number> - OR getmib 1.3.6.1.4.1.11.2.14.11.5.1.7.1.15.3.1.5.<.
PAGE 105
Multimedia Traffic Control with IP Multicast (IGMP) How IGMP Operates Syntax: setmib hpSwitchIgmpPortForcedLeaveState.< vlan number >< .port number > -i < 1 | 2 > - OR setmib 1.3.6.1.4.1.11.2.14.11.5.1.7.1.15.3.1.5.< vlan number >< .port number > -i <1|2> where: 1 = Forced Fast-Leave enabled 2 = Forced Fast-Leave disabled For example, suppose that your switch has a six-port gigabit module in slot A, and port C1 is a member of the default VLAN.
PAGE 106
Multimedia Traffic Control with IP Multicast (IGMP) Using the Switch as Querier Using the Switch as Querier Querier Operation The function of the IGMP Querier is to poll other IGMP-enabled devices in an IGMP-enabled VLAN to elicit group membership information. The switch performs this function if there is no other device in the VLAN, such as a multicast router, to act as Querier.
PAGE 107
Multimedia Traffic Control with IP Multicast (IGMP) Excluding Multicast Addresses from IP Multicast Filtering Excluding Multicast Addresses from IP Multicast Filtering Each multicast host group is identified by a single IP address in the range of 224.0.0.0 through 239.255.255.255. Specific groups of consecutive addresses in this range are termed “well-known” addresses and are reserved for predefined host groups.
PAGE 108
Multimedia Traffic Control with IP Multicast (IGMP) Excluding Multicast Addresses from IP Multicast Filtering 4-24
PAGE 109
5 Spanning-Tree Operation Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 The RSTP (802.1w) and STP (802.1D) Spanning Tree Options . . . . . . . . . 5-7 RSTP (802.1w) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7 STP (802.1D) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8 How STP and RSTP Operate . . . . . . . . . . . . . . . .
PAGE 110
Spanning-Tree Operation Contents How MSTP Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49 MST Regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49 Regions, Legacy STP and RSTP Switches, and the Common Spanning Tree (CST) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-51 MSTP Operation with 802.1Q VLANs . . . . . . . . . . . . . . . . . . . . . . 5-51 Terminology . . . . .
PAGE 111
Spanning-Tree Operation Overview Overview This chapter describes the operation of the Spanning Tree Protocol (STP) and how to configure it with the switches’ built-in interfaces. Table 5-1. STP Support Spanning Tree Protocol 2610 2610-PWR 802.1D Yes Yes 802.1w Yes Yes 802.1s Yes Yes Table 5-2. 802.1D STP Features 802.
PAGE 112
Spanning-Tree Operation Overview 802.1w Spanning Tree Protocol Default Reconfiguring WholeSwitch Values Protocol Version: RSTP Force Version: RSTP-operation Switch Priority: 8 Hello Time: 2 s Max Age: 20 s Forward Delay: 15 s page 5-20 page 5-16 — Reconfiguring Per-Port Values Path Cost: Depends on port type Priority: 8 Edge Port: Yes Point-to-point: Force-true MCheck: Yes page 5-20 page 5-18 — Table 5-4. 5-4 Menu CLI Web 802.1s Features 802.
PAGE 113
Spanning-Tree Operation Overview Without spanning tree, having more than one active path between a pair of nodes causes loops in the network, which can result in duplication of mes sages, leading to a “broadcast storm” that can bring down the network. Single-Instance spanning tree operation (802.1D STP and 802.1w RSTP) ensures that only one active path at a time exists between any two nodes in a physical network.
PAGE 114
Spanning-Tree Operation Overview The logical and physical topologies resulting from these VLAN/Instance groupings result in blocking on different links for different VLANs: Region “A”: Logical Topology Path blocked for VLANs in instance 2.
PAGE 115
Spanning-Tree Operation The RSTP (802.1w) and STP (802.1D) Spanning Tree Options Note for 802.1D and 802.1w Spanning-Tree Operation You should enable spanning tree operation in any switch that is part of a redundant physical link (loop topology). (ProCurve recommends that you do so on all switches belonging to a loop topology.) This topic is covered in more detail under “How STP and RSTP Operate” on page 5-9. As recommended in the IEEE 802.
PAGE 116
Spanning-Tree Operation The RSTP (802.1w) and STP (802.1D) Spanning Tree Options RSTP (802.1w) The IEEE 802.1D version of spanning tree (STP) can take a fairly long time to resolve all the possible paths and to select the most efficient path through the network. The IEEE 802.1w Rapid Reconfiguration Spanning Tree (RSTP) significantly reduces the amount of time it takes to establish the network path. The result is reduced network downtime and improved network robustness.
PAGE 117
Spanning-Tree Operation The RSTP (802.1w) and STP (802.1D) Spanning Tree Options How STP and RSTP Operate The switch automatically senses port identity and type, and automatically defines spanning-tree parameters for each type, as well as parameters that apply across the switch. You can use the default values for these parameters, or adjust them as needed.
PAGE 118
Spanning-Tree Operation The RSTP (802.1w) and STP (802.1D) Spanning Tree Options dant links by using a port trunk. The following example shows how you can use a port trunk with 802.1Q (tagged) VLANs and spanning tree without unnecessarily blocking any links or losing any bandwidth. Problem: Solution: STP enabled with 2 separate (non-trunked) links blocks a VLAN link. STP enabled with one trunked link. Nodes 1 and 2 cannot communicate because STP is blocking the link.
PAGE 119
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Configuring Rapid Reconfiguration Spanning Tree (RSTP) This section describes the operation of the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP).
PAGE 120
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Transitioning from STP to RSTP IEEE 802.1w RSTP is designed to be compatible with IEEE 802.1D STP. Even if all the other devices in your network are using STP, you can enable RSTP on your switch, and even using the default configuration values, your switch will interoperate effectively with the STP devices.
PAGE 121
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Configuring RSTP The default switch configuration has spanning tree disabled with RSTP as the selected protocol. That is, when spanning tree is enabled, RSTP is the version of spanning tree that is enabled, by default.
PAGE 122
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) CLI: Configuring RSTP Spanning Tree Commands in This Section STP RSTP Page for RSTP Use show spanning-tree config Y Y Below on this page spanning-tree Y Y page 5-15 protocol-version Y Y page 5-16 force-version N Y page 5-16 forward-delay <4 - 30> Y Y page 5-16 hello-time <1 - 10> Y Y page 5-16 maximum-age <6 - 40> Y Y page 5-16 priority <0 - 15 | 0 - 6
PAGE 123
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Figure 5-4. Example of the Spanning Tree Configuration Display Enabling or Disabling RSTP. Issuing the command to enable spanning tree on the switch implements, by default, the RSTP version of spanning tree for all physical ports on the switch. Disabling spanning tree removes protec tion against redundant network paths.
PAGE 124
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Reconfiguring Whole-Switch Spanning Tree Values. You can configure one or more of the following parameters, which affect the spanning tree operation of the whole switch: Table 5-1. Whole-Switch RSTP Parameters Parameter Default Description protocol-version RSTP Identifies which of the spanning tree protocols will be used when spanning tree is enabled on the switch.
PAGE 125
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Note Executing the spanning-tree command alone enables spanning tree. Executing the command with one or more of the whole-switch RSTP parameters shown in the table on the previous page, or with any of the per-port RSTP parameters shown in the table on page 18, does not enable spanning tree. It only configures the spanning tree parameters, regardless of whether spanning tree is actually running (enabled) on the switch.
PAGE 126
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Reconfiguring Per-Port Spanning Tree Values. You can configure one or more of the following parameters, which affect the spanning tree operation of the specified ports only: Table 5-2. Per-Port RSTP Parameters Parameter Default Description edge-port Yes Identifies ports that are connected to end nodes. During spanning tree establishment, these ports transition immediately to the Forwarding state.
PAGE 127
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Syntax: Abbreviations: spanning-tree [ethernet] < port-list > path-cost < 1 - 200000000 > point-to-point-mac < force-true | force-false | auto > priority < 0 - 15 > span < port-list > path <1 - 200000000> force < force-t | force-f | auto > pri <0 - 15> [no] spanning-tree [ethernet] < port-list > edge-port mcheck [no] span < port-list > edge mch Defaults: see the table on the previous page.
PAGE 128
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Menu: Configuring RSTP 1. From the console CLI prompt, enter the menu command. ProCurve# menu 2. From the switch console Main Menu, select 2. Switch Configuration … 4. Spanning Tree Operation 3. Press [E] (for Edit) to highlight the Protocol Version parameter field. 4. Press the Space bar to select the version of spanning tree you wish to run: RSTP or STP.
PAGE 129
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Figure 5-5. Example of the RSTP Configuration Screen 7. Press the [Tab] key or use the arrow keys to go to the next parameter you want to change, then type in the new value or press the Space bar to select a value. (To get help on this screen, press [Enter] to select the Actions –> line, then press [H], for Help, to display the online help.) 8. Repeat step 6 for each additional parameter you want to change.
PAGE 130
Spanning-Tree Operation Configuring Rapid Reconfiguration Spanning Tree (RSTP) Web: Enabling or Disabling RSTP In the web browser interface, you can enable or disable spanning tree on the switch. If the default configuration is in effect such that RSTP is the selected protocol version, enabling spanning tree through the web browser interface will enable RSTP with its current configuration. To configure the other spanning tree features, telnet to the switch console and use the CLI or menu.
PAGE 131
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) 802.1D Spanning-Tree Protocol (STP) Menu: Configuring 802.1D STP 1. From the Main Menu, select: 2. Switch Configuration … 4. Spanning Tree Operation Use this field to select the 802.1D version of STP. Figure 5-6. The Default “Spanning Tree Operation” Screen 2. Press [E] (for Edit) to highlight the Protocol Version field. In the default configuration this field is set to RSTP. 3. Press the Space bar once to change the field to STP.
PAGE 132
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Use this field to enable spanning tree. Read-Only Fields Figure 5-7. Enabling Spanning-Tree Operation 6. If the remaining STP parameter settings are adequate for your network, go to step 10. 7. Use [Tab] or the arrow keys to select the next parameter you want to change, then type in the new value or press the Space Bar to select a value.
PAGE 133
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Figure 5-8. The Configuration Menu Indicating a Reboot Is Needed to Implement a Configuration Change 11. Press [0] to return to the Main menu. Figure 5-9. The Main Menu Indicating a Reboot Is Needed To Implement a Configuration Change 12. Press [6] to reboot the switch. This implements the Protocol Version change (steps 2 and 3 on page 5-23).
PAGE 134
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) CLI: Configuring 802.
PAGE 135
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Configuring the Switch To Use the 802.1D Spanning Tree Protocol (STP). In the default configuration, the switch is set to RSTP (that is, 802.1w Rapid Spanning Tree), and spanning tree operation is disabled. To reconfigure the switch to 802.1D spanning tree, you must: 1. Change the spanning tree protocol version to stp. 2. Use write memory to save the change to the startup-configuration. 3. Reboot the switch. 4.
PAGE 136
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Enabling STP implements the spanning tree protocol for all physical ports on the switch, regardless of whether multiple VLANs are configured. Disabling STP removes protection against redundant loops that can significantly slow or halt a network. This command enables STP with the current parameter settings or disables STP without losing the most-recently configured parameter settings.
PAGE 137
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Note Executing spanning-tree alone enables STP. Executing spanning-tree with one or more of the above “STP Operating Parameters” does not enable STP. It only configures the STP parameters (regardless of whether STP is actually running (enabled) on the switch). Syntax: spanning-tree priority < 0 - 65355 > maximum-age < 6 - 40 seconds > hello-time < 1 - 10 seconds > forward-delay < 4 - 30 seconds > Default: Refer to table 5-3, above.
PAGE 138
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) You can also include STP general parameters in this command. See “Recon figuring General STP Operation on the Switch” on page 5-28.
PAGE 139
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) To Enable or Disable Fast Mode for a Switch Port: You can use either the CLI or the menu interface to toggle between STP Fast mode and STP Normal mode. (To use the menu interface, see “Menu: Configuring 802.1D STP” on page 5-23.
PAGE 140
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Caution In general, fast-uplink spanning tree on the switch is useful when running STP in a tiered topology that has well-defined edge switches. Also, ensure that an interior switch is used for the root switch and for any logical backup root switches.
PAGE 141
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Terminology Term Definition downlink port (downstream port) A switch port that is linked to a port on another switch (or to an end node) that is sequentially further away from the STP root device. For example, port “C” in figure 5-12, above, is a downlink port. edge switch For the purposes of fast-uplink STP, this is a switch that has no other switches connected to its downlink ports.
PAGE 142
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) In figure 5-13, STP is enabled and in its default configuration on all switches, unless otherwise indicated in table 5-5, below: Table 5-5. STP Parameter Settings for Figure 5-13 STP Parameter Switch “1” Switch “2” Switch “3” Switch “4” Switch Priority 1 0 12 32,768 (default) 32,768 (default) (Fast) Uplink No No No Ports 3 & 5 1This setting ensures that Switch “1” will be the primary root switch for STP in figure 5-13.
PAGE 143
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) ■ Edge switches cannot be directly linked together using fast-uplink ports. For example, the connection between switches 4 and 5 in figure 5-14 is not allowed for fast-uplink operation. Switch 2 The ports that make up this link cannot be configured as fastuplink ports. Switch 1 Switch 4 (5304-Edge) LAN (Root) Switch 3 Link blocked by STP: Switch 5 (5304-Edge) Figure 5-14.
PAGE 144
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) To View and/or Configure Fast-Uplink STP. This procedure uses the Spanning Tree Operation screen to enable STP and to set the Mode for fastuplink STP operation. 1. From the Main Menu select: 2. Switch Configuration … 4. Spanning Tree Operation 2. In the default STP configuration, RSTP is the selected protocol version.
PAGE 145
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) 3. If the Protocol Version is set to RSTP (as shown in figure 5-15), do the following: a. Press [E] (Edit) to move the cursor to the Protocol Version field. b. Press the Space bar once to change the Protocol Version field to STP. c. Press [Enter] to return to the command line. d. Press [S] (for Save) to save the change and exit from the Spanning Tree Operation screen.
PAGE 146
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) In this example, ports 2 and 3 have already been configured as a port trunk (Trk1), which appears at the end of the port listing. All ports (and the trunk) are in their default STP configuration. Note: In the actual menu screen, you must scroll the cursor down the port list to view the trunk configuration (ports A2 and A3). Figure 5-17. The Spanning Tree Operation Screen 4.
PAGE 147
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) STP is enabled. Port A1 and Trk1 are now configured for fast-uplink STP. Figure 5-18. Example of STP Enabled with Two Redundant Links Configured for Fast-Uplink STP 5. Press [S] (for Save) to save the configuration changes to flash (non-volatile) memory. To View Fast-Uplink STP Status.
PAGE 148
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Indicates which uplink is the active path to the STP root device. Note: A switch using fast-uplink STP must never be the STP root device. Figure 5-19. Example of STP Status with Trk1 (Trunk 1) as the Path to the STP Root Device 2. Press [S] (for Show ports) to display the status of individual ports. Redundant STP Link in (Fast) Uplink Mode Links to PC or Workstation End Nodes Redundant STP Link in (Fast) Uplink Mode Figure 5-20.
PAGE 149
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) In figure 5-20: • Port A1 and Trk1 (trunk 1; formed from ports 2 and 3) are redundant fast-uplink STP links, with trunk 1 forwarding (the active link) and port A1 blocking (the backup link). (To view the configuration for port A1 and Trk1, see figure 5-18 on page 5-39.) • If the link provided by trunk 1 fails (on both ports), then port A1 begins forwarding in fast-uplink STP mode.
PAGE 150
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Indicates that Trk1 (Trunk 1) provides the currently active path to the STP root device. Redundant STP link in the Blocking state. Links to PC or Workstation End Nodes Redundant STP link in the Forwarding state. (See the “Root Port field, above. This is the currently active path to the STP root device.) Figure 5-22.
PAGE 151
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) STP Enabled on the Switch Fast-Uplink STP Configured on Port 1 and Trunk 1 (Trk1) Figure 5-23. Example of a Configuration Supporting the STP Topology Shown in Figure 5-21 Using the CLI To Configure Fast-Uplink STP. This example uses the CLI to configure the switch for the fast-uplink operation shown in figures 5 21, 5-22, and 5-23.
PAGE 152
Spanning-Tree Operation 802.1D Spanning-Tree Protocol (STP) Lists STP configuration. Shows the default STP protocol 1. Changes the Spanning-Tree protocol to STP (required for Fast-Uplink). 2. Saves the change to the startup-configuration 3. Reboots the switch. (Required for this configuration Figure 5-24. Example of Changing the STP Configuration from the Default RSTP (802.1w) to STP (802.
PAGE 153
Spanning-Tree Operation Web: Enabling or Disabling STP Note When you add a port to a trunk, the port takes on the STP mode configured for the trunk, regardless of which STP mode was configured on the port before it was added to the trunk. Thus, all ports belonging to a trunk configured with Uplink in the STP Mode field will operate in the fast-uplink mode. (If you remove a port from a trunk, the port reverts to the STP Mode setting it had before you added the port to the trunk.
PAGE 154
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 802.1s Multiple Spanning Tree Protocol (MSTP) The 802.1D and 802.1w spanning tree protocols operate without regard to a network’s VLAN configuration, and maintain one common spanning tree throughout a bridged network. Thus, these protocols map one loop-free, logical topology on a given physical topology. The 802.
PAGE 155
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP Structure MSTP maps active, separate paths through separate spanning tree instances and between MST regions. Each MST region comprises one or more MSTP switches. Note that MSTP recognizes an STP or RSTP LAN as a distinct spanning-tree region.
PAGE 156
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) MST Region: An MST region comprises the VLANs configured on physically connected MSTP switches. All switches in a given region must be configured with the same VLANs and Multiple Spanning Tree Instances (MSTIs). Internal Spanning Tree (IST): The IST administers the topology within a given MST region.
PAGE 157
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Caution When you enable MSTP on the switch, the default MSTP spanning tree configuration settings comply with the values recommended in the IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) standard. Note that inappro priate changes to these settings can result in severely degraded network performance.
PAGE 158
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) How Separate Instances Affect MSTP Operation. Assigning different groups of VLANs to different instances ensures that those VLAN groups use independent forwarding paths. For example, in figure 5-26 each instance has a different forwarding path. Path through IST Instance to Other Regions Region “X” Switch 1 IST Root VLAN Memberships: • IST Instance: VLANs 1, 2 • MSTI “A”: 4, 5 • MSTI “B”: 7, 9 Blocks redundant link for MSTI “B”.
PAGE 159
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Within a region, traffic routed between VLANs in separate instances can take only one physical path. To ensure that traffic in all VLANs within a region can travel between regions, all of the boundary ports for each region should belong to all VLANs configured in the region. Otherwise, traffic from some areas within a region could be blocked from moving to other regions.
PAGE 160
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) an instance by using a port trunk. The following example shows how you can use a port trunk with 802.1Q (tagged) VLANs and MSTP without unnecessarily blocking any links or losing any bandwidth. Problem: Solution: An MST instance with two separate (non-trunked) links blocks a VLAN link. Configure one trunked link for the two VLAN memberships. Nodes 1 and 2 cannot communicate because MSTP is blocking the link.
PAGE 161
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) and designated port for each region. The CIST includes the Common Spanning Tree (CST), the Internal Spanning Tree (IST) within each region, and any multiple spanning-tree instances (MSTIs) in a region. Common Spanning Tree (CST): Refers to the single forwarding path the switch calculates for STP (802.1D) and RSTP (802.1w) topologies, and for inter-regional paths in MSTP (802.1s) topologies.
PAGE 162
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Operating Rules 5-54 ■ All switches in a region must be configured with the same set of VLANs, as well as the same MST configuration name and MST configuration number. ■ Within a region, a VLAN can be allocated to either a single MSTI or to the region’s IST instance. ■ All switches in a region must have the same VID-to-MST instance and VIDto-IST instance assignments. ■ There is one root MST switch per configured MST instance.
PAGE 163
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) the same instance, all but one of those paths will be blocked for that instance. However, if there are different paths in different instances, all such paths are available for traffic. Separate forwarding paths exist through separate spanning tree instances. ■ ■ ■ A port can have different states (forwarding or blocking) for different instances (which represent different forwarding paths).
PAGE 164
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) incompatibility between devices running the older 802.1D STP and your switch running MSTP or RSTP. Please see the “Note on Path Cost” on page 5-19 for more information on adjusting to this incompatibility. Tips for Planning an MSTP Application 5-56 ■ Ensure that the VLAN configuration in your network supports all of the forwarding paths necessary for the desired connectivity.
PAGE 165
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Note on MSTP Rapid State Tr a n s i t i o n s Under some circumstances the rapid state transitions employed by MSTP (and RSTP) can increase the rates of frame duplication and misordering in the switched LAN.
PAGE 166
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 3. – Force-Version operation spanning-tree force-version – Forward Delay spanning-tree forward-delay – Hello Time (used if the switch operates as the root device.) spanning-tree hello-time – Maximum age to allow for STP packets before discarding spanning-tree max-age – Device spanning-tree priority. Specifies the priority value used along with the switch MAC address to determine which device is root.
PAGE 167
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring MSTP Operation Mode and Global Parameters Command Page spanning-tree protocol-version mstp page 5-60 spanning-tree config-name < ascii-string > page 5-60 spanning-tree config-revision < revision-number > page 5-61 spanning-tree max-hops < hop-count > page 5-61 spanning-tree force-version < stp-compatible | rstp-operation | mstp-operation> page 5-62 spanning-tree hello-time < 1..
PAGE 168
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree-protocol-version mstp Changes the current spanning-tree protocol on the switch to 802.1s Multiple Spanning Tree. Must be followed by write mem and reboot to activate the change. After rebooting, the switch is ready to operate as an MSTP bridge. Note that this command does not enable spanning-tree operation. To activate the configured spanning-tree operation on the switch, execute spanning-tree.
PAGE 169
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree config-revision < revision-number > This command configures the revision number you designate for the MST region in which you want the switch to reside. This setting must be the same for all switches residing in the same region.
PAGE 170
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree force-version < stp-compatible | rstp-operation | mstp operation > Sets the spanning-tree compatibility mode. When the switch is configured with MSTP mode, this command forces the switch to emulate behavior of earlier versions of spanning tree protocol or return to MSTP behavior.
PAGE 171
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring Basic Port Connectivity Parameters Command Page spanning-tree < port-list > edge-port below spanning-tree mcheck below hello-time < global | 1..
PAGE 172
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) [ mcheck ] Forces a port to send RSTP BPDUs for 3 seconds. This allows for another switch connected to the port and running RSTP to establish its connection quickly and for identifying switches running 802.1D STP. If the wholeswitch force-version parameter is set to stp-compatible, the switch ignores the mcheck setting and sends 802.1D STP BPDUs out all ports.
PAGE 173
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) [ path-cost < auto | 1..200000000 > ] Assigns an individual port cost that the switch uses to determine which ports are forwarding ports in a given spanning tree. In the default configuration ( auto ) the switch determines a port’s path cost by the port’s type: – 10 Mbps: 2000000 – 100 Mbps: 200000 – 1 Gbps: 20000 Refer to “Note on Path Cost” on page 5-19 for information on compatibility with devices running 802.
PAGE 174
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree < port-list > root-guard MSTP only. When a port is enabled as root-guard, it cannot be selected as the root port even if it receives superior STP BPDUs. The port is assigned an “alternate” port role and enters a blocking state if it receives superior STP BPDUs. The BPDUs received on a port enabled as root-guard are ignored.
PAGE 175
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree instance < 1..16 > priority < 0 .. 15 > This command sets the switch (bridge) priority for the designated instance. This priority is compared with the priorities of other switches in the same instance to determine the root switch for the instance. The lower the priority value, the higher the priority. (If there is only one switch in the instance, then that switch is the root switch for the instance.
PAGE 176
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree priority < 0 .. 15 > This command sets the switch (bridge) priority for the designated region in which the switch resides. The switch compares this priority with the priorities of other switches in the same region to determine the root switch for the region. The lower the priority value, the higher the priority. (If there is only one switch in the region, then that switch is the root switch for the region.
PAGE 177
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Configuring MST Instance Per-Port Parameters Command Page spanning-tree instance < 1..16 > < port-list > path-cost < auto | 1..200000000 > page 5-69 spanning-tree instance < 1..16 > < port-list > priority < priority-multiplier > page 5-70 spanning-tree < port-list > priority < priority-multiplier > page 5-71 Syntax: spanning-tree instance < 1..16 > [e] < port-list > path-cost < auto | 1..
PAGE 178
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree instance < 1..16 > [e] < port-list > priority This command sets the priority for the specified port(s) in the specified MST instance. (For a given port, the priority setting can be different for different MST instances to which the port may belong.) The priority range for a port in a given MST instance is 0-255. However, this command specifies the priority as a multiplier (0 - 15 ) of 16.
PAGE 179
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Syntax: spanning-tree [e] < port-list > priority < priority-multiplier > This command sets the priority for the specified port(s) for the IST (that is, Instance 0) of the region in which the switch resides. This priority is compared with the priorities of other ports in the IST to determine which port is the root port for the IST instance. The lower the priority value, the higher the priority.
PAGE 180
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Enabling or Disabling Spanning Tree Operation This command enables or disables spanning tree operation for any spanning tree protocol enabled on the switch. Before using this command to enable spanning tree, ensure that the version you want to use is active on the switch.
PAGE 181
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 1. Configure the VLANs you want included in any instances in the new region. When you create the pending region, all VLANs configured on the switch will be assigned to the pending IST instance unless assigned to other, pending MST instances. 2. Configure MSTP as the spanning-tree protocol, then execute write mem and reboot. (The pending option is available only with MSTP enabled.) 3.
PAGE 182
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) 9. To view the current pending MSTP configuration, use the show spanningtree pending command (page page 5-80). Displaying MSTP Statistics and Configuration Command Page MSTP Statistics: show spanning-tree [< port-list >] show spanning-tree instance < ist | 1..16 > below 76 MSTP Configuration show spanning-tree [ port-list ] config 77 show spanning-tree [ port-list ] config instance < ist | 1..
PAGE 183
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Switch’s Spanning Tree Configuration and Identity of VLANs Configured in the Switch for the IST Instance Identifies the overall spanning-tree root for the network. Lists the switch’s MSTP root data for connectivity with other regions and STP or RSTP devices. Identifies the spanning-tree root for the IST Instance for the region.
PAGE 184
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying Switch Statistics for a Specific MST Instance. Syntax: show spanning-tree instance < ist | 1..16 > This command displays the MSTP statistics for either the IST instance or a numbered MST instance running on the switch. Figure 5-29.
PAGE 185
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the MSTP Configuration Displaying the Global MSTP Configuration. This command displays the switch’s basic and MST region spanning-tree configuration, including basic port connectivity settings. Syntax: show spanning-tree config The upper part of this output shows the switch’s global spanning-tree configuration that applies to the MST region.
PAGE 186
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying Per-Instance MSTP Configurations. These commands dis plays the per-instance port configuration and current state, along with instance identifiers and regional root data. Syntax: show spanning-tree config instance < ist | 1..16 > The upper part of this output shows the instance data for the specified instance. The lower part of the output lists the spanning-tree port settings for the specified instance.
PAGE 187
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the Region-Level Configuration in Brief. This command output is useful for quickly verifying the allocation of VLANs in the switch’s MSTP configuration and for viewing the configured region identifiers. Syntax: show spanning-tree mst-config This command displays the switch’s regional configuration. Note: The switch computes the MSTP Configuration Digest from the VID to MSTI configuration mappings on the switch itself.
PAGE 188
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Displaying the Pending MSTP Configuration. This command displays the MSTP configuration the switch will implement if you execute the span ning-tree pending apply command (Refer to “Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another” on page 5-72.) Syntax: show spanning-tree pending < instance | mst-config > instance < 1..16 | ist > Lists region, instance I.D.
PAGE 189
Spanning-Tree Operation 802.1s Multiple Spanning Tree Protocol (MSTP) Operating Notes SNMP MIB Support for MSTP. MSTP is a superset of the STP/802.1D and RSTP/802.1w protocols and uses the MIB objects defined for these two protocols. Troubleshooting Duplicate packets on a VLAN, or packets not arriving on a LAN at all. The allocation of VLANs to MSTIs may not be identical among all switches in a region. A Switch Intended To Operate Within a Region Does Not Receive Traffic from Other Switches in the Region.
PAGE 190
Spanning-Tree Operation 802.
PAGE 191
6 Quality of Service (QoS): Managing Bandwidth More Effectively Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7 Classifiers for Prioritizing Outbound Packets . . . . . . . . . . . . . . . . . . . .
PAGE 192
Quality of Service (QoS): Managing Bandwidth More Effectively Contents QoS IP Type-of-Service (ToS) Policy and Priority . . . . . . . . . . . . . . . 6-34 Assigning an 802.1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-35 Assigning an 802.1p Priority to IPv4 Packets on the Basis of Incoming DSCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 193
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Introduction QoS Feature Default Menu CLI Web TCP/UDP Priority Disabled — page 6-21 Refer to the Online Help.
PAGE 194
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Quality of Service is a general term for classifying and prioritizing traffic throughout a network. That is, QoS enables you to establish an end-to-end traffic priority policy to improve control and throughput of important data. You can manage available bandwidth so that the most important traffic goes first. For example, you can use Quality of Service to: Edge Switch ■ Upgrade or downgrade traffic from various servers.
PAGE 195
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction QoS is implemented in the form of rules or policies that are configured on the switch. While you can use QoS to prioritize only the outbound traffic while it is moving through the switch, you derive the maximum benefit by using QoS in an 802.1Q VLAN environment (with 802.
PAGE 196
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Terminology Term Use in This Document 802.1p priority A traffic priority setting carried by a VLAN-tagged packet moving from one device to another through ports that are tagged members of the VLAN to which the packet belongs. This setting can be from 0 7. The switch handles an outbound packet on the basis of its 802.1p priority.
PAGE 197
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Term Use in This Document outbound port queue For any port, a buffer that holds outbound traffic until it can leave the switch through that port. There are four outbound queues for each port in the switch: high, medium, normal, and low. Traffic in a port’s high priority queue leaves the switch before any traffic in the port’s medium priority queue, and so-on.
PAGE 198
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction ■ Configuring a priority for outbound packets and a service (prior ity) policy for use by downstream devices: • DSCP Policy: This feature enables you to set a priority policy in outbound IP packets. (You can configure downstream devices to read and use this policy.) This method is not dependent on VLAN-tagged ports to carry priority policy to downstream devices, and can: – Change the codepoint (the upper six bits) in the ToS byte.
PAGE 199
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction But if the packet is in a VLAN-tagged environment, then the above setting is also added to the packet as an 802.1p priority for use by downstream devices and applications (shown in table 6-3). In either case, an IP packet can also carry a priority policy to downstream devices by using DSCP-marking in the ToS byte. Table 6-3.
PAGE 200
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Table 6-4. Switch Classifier Search Order and Precedence Search Order Precedence QoS Classifier 1 6 (lowest) Incoming 802.
PAGE 201
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Table 6-5.Precedence Criteria for QoS Classifiers Precedence Criteria 1 UDP/TCP Overview Takes precedence based on a layer 4 UDP or TCP application, with a user-specified application port number (for example, Telnet). Default state: Disabled If a packet does not meet the criteria for UDP/TCP priority, then precedence defaults to the Device Priority classifier, below.
PAGE 202
Quality of Service (QoS): Managing Bandwidth More Effectively Introduction Precedence Criteria 6 Incoming 802.1p Priority Overview Where a VLAN-tagged packet enters the switch through a port that is a tagged member of that VLAN, if QoS is not configured to override the packet’s priority setting, the switch uses the packet’s existing 802.1p priority (assigned by an upstream device or application) to determine which inbound and outbound port queue to use.
PAGE 203
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Preparation for Configuring QoS QoS operates in VLAN-tagged and VLAN-untagged environments. If your network does not use multiple VLANs, you can still implement the 802.1Q VLAN capability for packets to carry their 802.1p priority to the next downstream device. To do so, configure ports as VLAN-tagged members on the links between switches and routers in your network infrastructure. Table 6-6.
PAGE 204
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS For more on how QoS operates with the preceding traffic types, see ‘‘Precedence Criteria for QoS Classifiers’’, on page 6-11.) 2. Select the QoS option you want to use. Table 6-7 lists the traffic types (QoS classifiers) and the QoS options you can use for prioritizing or setting a policy on these traffic types: Table 6-7.
PAGE 205
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Planning a QoS Configuration QoS uses resources in a way that requires attention to rule usage when planning a QoS configuration. Otherwise, there is an increased possibility of oversubscribing resources, which means that at some point the switch would not support further QoS configuration.
PAGE 206
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS QoS Classifier Rules Used ToS Diff-Services QoS Up to 64 rules per switch, depending on how the switch is configured VLAN QoS 1 rule per port membership in a QoS-specified VLAN. If a port belongs to multiple, QoS-specified VLANs, then 1 rule is used for each such VLAN membership. Source-Port QoS 1 rule for each port configured for source-port QoS.
PAGE 207
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS Configuring a Policy When There Are Not Enough Rules Available. Attempting to configure a QoS policy on the switch or a VLAN when there are not enough rules available results in the following: ■ The policy is not configured. ■ The CLI displays a message similar to the following: Unable to add this QoS rule. Maximum number (max-num) already reached.
PAGE 208
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS 2. Use the show qos commands to identify the currently configured QoS policies. 3. Determine which of the existing policies you can remove to free up rule resources for the QoS policy you want to implement. Depending on your network topology and configuration, you can free up rule resources by moving some policies to other devices.
PAGE 209
Quality of Service (QoS): Managing Bandwidth More Effectively Preparation for Configuring QoS How the Switch Uses Resources in DSCP Configurations. In the default configuration, the DSCP map is configured with one DSCP policy (Expedited Forwarding; 101110 with a “7” priority) but, because no ToS DiffServices options are configured, no rules are used. If ToS Diff-Services mode is enabled, then one rule is immediately used for this codepoint.
PAGE 210
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Using QoS Classifiers To Configure QoS for Outbound Traffic Note QoS Feature Default UDP/TCP Priority Disabled IP-Device Priority Disabled Menu CLI Web — page 6-21 Refer to Online Help.
PAGE 211
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic vlan-priority Displays the current VLAN priority configuration. Refer to figure 6-23 on page 6-48. port-priority Displays the current source-port priority configuration. Refer to figure 6-28 on page 6-53. No Override By default, the IP ToS, VLAN-ID, and (source) port show outputs automatically list No-override for priority options that have not been configured.
PAGE 212
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Options for Assigning Priority. Priority control options for TCP or UDP packets carrying a specified TCP or UDP port number include: ■ 802.1p priority ■ DSCP policy (Assigning a new DSCP and an associated 802.1p priority; inbound packets must be IPv4.) For a given TCP or UDP port number, you can use only one of the above options at a time.
PAGE 213
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic no qos < udp-port | tcp-port > < tcp-udp port number > Deletes the specified UDP or TCP port number as a QoS classifier. show qos tcp-udp-port-priority Displays a listing of all TCP and UDP QoS classifiers currently in the running-config file. For example, configure and list 802.1p priority for the following UDP and TCP port prioritization: TCP/UDP Port 802.1p Priority for TCP 802.
PAGE 214
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Assigning a DSCP Policy Based on TCP or UDP Port Number This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to (IPv4) TCP or UDP packets having the specified port number. That is, the switch: Note on Combining P o l i c y Ty p e s 1.
PAGE 215
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Note A codepoint must have an 802.1p priority assignment (0 - 7) before you can configure a policy for prioritizing packets by TCP or UDP port numbers. If a codepoint you want to use shows No-override in the Priority column of the DSCP map (show qos dscp-map), then you must assign a 0 - 7 priority before proceeding. 4.
PAGE 216
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic For example, suppose you wanted to assign these DSCP policies to the packets identified by the indicated UDP and TDP port applications: Port Applications DSCP Policies DSCP 1. Priority 23-UDP 000111 7 80-TCP 000101 5 914-TCP 000010 1 1001-UDP 000010 1 Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications.
PAGE 217
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic DSCP Policies Configured in this Step Figure 6-8. Assign Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected UDP/TCP port applications and display the result. Classifier DSCP Policy Figure 6-9.
PAGE 218
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic QoS IP-Device Priority QoS Classifier Precedence: 2 The IP device option, which applies only to IPv4 packets, uses two rules per IP address on all ports in the switch.
PAGE 219
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Assigning a Priority Based on IP Address This option assigns an 802.1p priority to all IPv4 packets having the specified IP address as either a source or destination. (If both match, the priority for the IP destination address has precedence.) Syntax: qos device-priority < ip-address > priority < 0 - 7 > Configures an 802.1p priority for outbound packets having the specified IP address.
PAGE 220
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Figure 6-10. Example of Configuring and Listing 802.1p Priority Assignments for Packets Carrying Specific IP Addresses Assigning a DSCP Policy Based on IP Address This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets having the specified IP address (either source or destination).
PAGE 221
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic 2. 3. Notes Determine the DSCP policy for packets carrying the selected IP address: a. Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite the DSCP carried in packets received from upstream devices.) b. Determine the 802.1p priority you want to assign to the DSCP.
PAGE 222
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic no qos device-priority < ip-address > Deletes the specified IP address as a QoS classifier. show qos device-priority Displays a listing of all QoS Device Priority classifiers currently in the running-config file. For example, suppose you wanted to assign these DSCP policies to the packets identified by the indicated IP addresses: IP Address 1. DSCP Policies DSCP Priority 10.28.31.
PAGE 223
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic 2. Configure the priorities for the DSCPs you want to use. DSCP Policies Configured in this step. Figure 6-12. Assigning 802.1p Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected device IP addresses and display the result. Figure 6-13.
PAGE 224
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic QoS IP Type-of-Service (ToS) Policy and Priority QoS Classifier Precedence: 3 This feature applies only to IPv4 traffic and performs either of the following: ■ ToS IP-Precedence Mode: All IP packets generated by upstream devices and applications include precedence bits in the ToS byte. Using this mode, the switch uses these bits to compute and assign the corresponding 802.1p priority.
PAGE 225
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Assigning an 802.1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits If a device or application upstream of the switch sets the precedence bits in the ToS byte of IPv4 packets, you can use this feature to apply that setting for prioritizing packets for outbound port queues. If the outbound packets are in a tagged VLAN, this priority is carried as an 802.
PAGE 226
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic To replace this option with the ToS diff-services option, just configure diff services as described below, which automatically disables IP-Precedence. To disable IP-Precedence without enabling the diff-services option, use this command: ProCurve(config)# no qos type-of-service Assigning an 802.
PAGE 227
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Note on DSCP Use Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs if the application originates on different clients, servers, or other devices.
PAGE 228
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic . Syntax: qos type-of-service diff-services < codepoint > Causes the switch to read the < codepoint > (DSCP) of an incoming IPv4 packet and, when a match occurs, assign a corresponding 802.1p priority, as configured in the switch’s DSCP table (page 6-59). no qos type-of-service Disables all ToS classifier operation. no qos dscp-map < codepoint > Disables direct 802.
PAGE 229
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Executing this command displays the current ToS configuration and shows that the selected DSCP is not currently in use. The 000110 codepoint is unused, and thus available for directly assigning an 802.1p priority without changing the packet’s DSCP. Note: All codepoints without a “DSCP Policy” entry are available for direct 802.1p priority assignment. Figure 6-16.
PAGE 230
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Assigning a DSCP Policy on the Basis of the DSCP in IPv4 Packets Received from Upstream Devices The preceding section describes how to forward a policy set by an edge (or upstream) switch. This option changes a DSCP policy in an IPv4 packet by changing its IP ToS codepoint and applying the priority associated with the new codepoint.
PAGE 231
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic no qos type-of-service Disables all ToS classifier operation. Current ToS DSCP policies and priorities remain in the configuration and will become available if you re-enable ToS diff-services. no qos type-of-service [diff-services < codepoint >] Deletes the DSCP policy assigned to the < codepoint > and returns the < codepoint > to the 802.
PAGE 232
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic The DSCPs for this example have not yet been assigned an 802.1p priority level. Figure 6-18. Display the Current DSCP-Map Configuration 2. Configure the policies in the DSCP table: Figure 6-19. Example of Policies Configured (with Optional Names) in the DSCP Table 3. 6-42 Assign the policies to the codepoints in the selected packet types.
PAGE 233
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic The specified DSCP policies overwrite the original DSCPs on the selected packets, and use the 802.1p priorities previously configured in the DSCP policies in step 2. Figure 6-20. Example of Policy Assignment to Outbound Packets on the Basis of the DSCP in the Packets Received from Upstream Devices Details of QoS IP Type-of-Service IP packets include a Type of Service (ToS) byte.
PAGE 234
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic b. Configure the switch to mark a specific type of inbound traffic with that DSCP (and thus create a policy for that traffic type). c. Configure the internal switches in your LAN to honor the policy.
PAGE 235
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Table 6-9.
PAGE 236
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic QoS VLAN-ID (VID) Priority QoS Classifier Precedence: 5 The QoS VLAN-ID option supports up to 120 VLAN IDs (VIDs) as QoS classifiers, depending on rule use by other QoS options. Where a particular VLAN-ID classifier has the highest precedence in the switch for traffic in that VLAN, then traffic received in that VLAN is marked with the VID classifier’s configured priority level.
PAGE 237
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Syntax: vlan < vid > qos priority < 0 - 7 > Configures an 802.1p priority for outbound packets belonging to the specified VLAN. This priority determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device. You can configure one QoS classifier for each VLAN-ID.
PAGE 238
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Figure 6-23. Configuring and Displaying QoS Priorities on VLANs If you then decided to remove VLAN_20 from QoS prioritization. In this instance, No- override indicates that VLAN 20 is not prioritized by QoS. Figure 6-24.
PAGE 239
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Note On switches covered in this guide, “mixing” ToS DSCP policies and 802.1p priorities is not recommended. Refer to the Note on page 6-10. For more on DSCP, refer to “Terminology” on page 6-6. Steps for Creating a Policy Based on VLAN-ID Classifier. 1. Determine the VLAN-ID classifier to which you want to assign a DSCP policy. 2.
PAGE 240
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Syntax: vlan < vid > qos dscp < codepoint > Assigns a DSCP policy to packets carrying the specified IP address, and overwrites the DSCP in these packets with the assigned < codepoint > value. This policy includes an 802.1p priority and determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.
PAGE 241
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic 2. Configure the priorities for the DSCPs you want to use. Priorities Configured in this step. Figure 6-26. Assign Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected VIDs and display the result. Figure 6-27.
PAGE 242
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic QoS Source-Port Priority QoS Classifier Precedence: 6 The QoS source-port option enables you to use a packet’s source-port on the switch as a QoS classifier. Where a particular source-port classifier has the highest precedence in the switch for traffic entering through that port, then traffic received from the port is marked with the source-port classifier’s configured priority level.
PAGE 243
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic For example, suppose that you want to prioritize inbound traffic on the following source-ports: Source-Port Priority 1-3 2 4 3 5, 8 5 9 - 11 6 1. Execute the following commands to prioritize traffic received on the above ports. Figure 6-28. Configuring and Displaying Source-Port QoS Priorities 2. Remove port 1 from QoS prioritization.
PAGE 244
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Assigning a DSCP Policy Based on the Source-Port This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets (received from the specified sourceports). That is, the switch: Note 1. Selects an incoming IP packet on the basis of its source-port on the switch. 2.
PAGE 245
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Note A codepoint must have an 802.1p priority assignment (0 - 7) before you can configure that codepoint as a criteria for prioritizing packets by source-port. If a codepoint shows No-override in the Priority column of the DSCP Policy Table (show qos dscp-map), then you must assign a 0 - 7 priority before proceeding. 4.
PAGE 246
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic For example, suppose you wanted to assign this set of priorities: Source-Port DSCP Priority 2 000111 7 5-7 000101 5 8, 10 000010 1 1. Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications. This is not a problem as long as the configured priorities are acceptable for all applications using the same DSCP.
PAGE 247
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Priorities Configured in this step. Figure 6-31. Assign Priorities to the Selected DSCPs 3. Assign the DSCP policies to the selected source-ports and display the result. Figure 6-32.
PAGE 248
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Differentiated Services Codepoint (DSCP) Mapping The DSCP Policy Table associates an 802.1p priority with a specific ToS byte codepoint in an IPv4 packet. This enables you to set a LAN policy that operates independently of 802.1Q VLAN-tagging. In the default state, most of the 64 codepoints do not assign an 802.1p priority, as indicated by No-override in table 6-11 on page 6-59.
PAGE 249
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Table 6-11.The Default DSCP Policy Table DSCP Policy 000000 000001 000010 000011 000100 000101 000110 000111 001000 001001 001010 001011 001100 001101 001110 001111 010000 010001 010010 010011 010100 010101 802.
PAGE 250
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Quickly Listing Non-Default Codepoint Settings Table 6-11 lists the switch’s default codepoint/priority settings. If you change the priority of any codepoint setting to a non-default value and then execute write memory, the switch will list the non-default setting in the show config display.
PAGE 251
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Effect of “No-override” In the QoS Type-of-Service differentiated services mode, a No-override assignment for the codepoint of an outbound packet means that QoS is effectively disabled for such packets. That is, QoS does not affect the packet queuing priority or VLAN tagging.
PAGE 252
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Example of Changing the Priority Setting on a Policy When One or More Classifiers Are Currently Using the Policy Suppose that codepoint 000001 is in use by one or more classifiers. If you try to change its priority, you see a result similar to the following: Figure 6-34.
PAGE 253
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic Three classifiers use the codepoint that is to be changed. Two classifiers do not use the codepoint that is to be changed. Figure 6-35. Example of a Search to Identify Classifiers Using a Codepoint You Want To Change 2. Change the classifier configurations by assigning them to a different DSCP policy, or to an 802.1p priority, or to No-override. For example: a.
PAGE 254
Quality of Service (QoS): Managing Bandwidth More Effectively Using QoS Classifiers To Configure QoS for Outbound Traffic 3. c. Assign the port-priority classifier to the new DSCP policy. d. Assign the udp-port 1260 classifier to an 802.1p priority. Reconfigure the desired priority for the 000001 codepoint. ProCurve(config)# qos dscp-map 000001 priority 4 4. 6-64 You could now re-assign the classifiers to the original policy codepoint or leave them as currently configured.
PAGE 255
Quality of Service (QoS): Managing Bandwidth More Effectively IP Multicast (IGMP) Interaction with QoS IP Multicast (IGMP) Interaction with QoS IGMP high-priority-forward causes the switch to service the subscribed IP multicast group traffic at high priority, even if QoS on the switch has relegated the traffic to a lower priority. This does not affect any QoS priority settings, so the QoS priority is honored by downstream devices. However, QoS does take precedence over IGMP normal-priority traffic.
PAGE 256
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions QoS Operating Notes and Restrictions Table 6-12. Details of Packet Criteria and Restrictions for QoS Support Packet Criteria or Restriction QoS Classifiers UDP/TCP IP Type-of- VLAN Device Priority (IP Service Address) Source Port Incoming 802.
PAGE 257
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions ■ Maximum QoS Configuration Entries: The switches covered in this guide accept the maximum outbound priority and/or DSCP policy config uration entries of 128 rules per QoS feature. Attempting to exceed the above limits generates the following message in the CLI: Unable to add this QoS rule. Maximum number (entry-#) already reached. ■ All Switches—Not Supported: Use of an inbound 802.
PAGE 258
Quality of Service (QoS): Managing Bandwidth More Effectively QoS Operating Notes and Restrictions 6-68
PAGE 259
7 IP Routing Features Contents Overview of IP Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 IP Tables and Caches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ARP Cache Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . IP Route Table . . . . . . . . . . . . . . . . . . . . . .
PAGE 260
IP Routing Features Contents Enabling IRDP Globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-23 Enabling IRDP on an Individual VLAN Interface . . . . . . . . . . . . . . . . 7-23 Displaying IRDP Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-25 Configuring DHCP Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 261
IP Routing Features Overview of IP Routing Overview of IP Routing The switches covered in this guide offer IP static routing, supporting up to 16 static routes. IP static routing is configurable through the switch’s console CLI. This chapter refers the switch as a “routing switch”. When IP routing is enabled on your switch, it behaves just like any other IP router. Basic IP routing configuration consists of adding IP addresses and enabling IP routing.
PAGE 262
IP Routing Features Overview of IP Routing Note Your ProCurve switch supports IP addresses in classical sub-net format, which includes the IP address and the subnet mask (example: 192.168.1.1 255.255.255.0), and Classless Interdomain Routing (CIDR) format (example: 192.168.1.1/24). You can use either format when configuring IP address information. IP addresses are displayed in classical sub-net format only, with or without the subnet mask.
PAGE 263
IP Routing Features Overview of IP Routing IP Route Table The IP route table contains routing paths to IP destinations. Note The default gateway, which is configured as part of the IP address configura tion described in chapter 7, “IP Addressing”, is used only when routing is not enabled on the switch.
PAGE 264
IP Routing Features Overview of IP Routing ■ If the cache contains an entry with the destination IP address, the device uses the information in the entry to forward the packet out the ports listed in the entry. The destination IP address is the address of the packet’s final destination. The port numbers are the ports through which the destination can be reached. ■ If the cache does not contain an entry, the software can create an entry in the forwarding cache.
PAGE 265
IP Routing Features Overview of IP Routing Parameter Description Default See page ICMP Router Discovery Protocol (IRDP) An IP protocol that a router can use to advertise the IP addresses of its router interfaces to directly attached hosts. You can enable or disable the protocol at the Global CLI Config level. You also can enable or disable IRDP and configure the following protocol parameters on an individual VLAN interface basis at the VLAN Interface CLI Config level.
PAGE 266
IP Routing Features Configuring IP Parameters for Routing Switches Configuring IP Parameters for Routing Switches The following sections describe how to configure IP parameters. Some param eters can be configured globally while others can be configured on individual VLAN interfaces. Some parameters can be configured globally and overridden for individual VLAN interfaces. Note This section describes how to configure IP parameters for routing switches.
PAGE 267
IP Routing Features Configuring IP Parameters for Routing Switches table or forwarding cache. The routing switch needs to know the MAC address that corresponds with the IP address of either the packet’s locally attached destination or the next-hop router that leads to the destination.
PAGE 268
IP Routing Features Configuring IP Parameters for Routing Switches routers, including ProCurve routing switches, can be configured to reply to ARP requests from one network on behalf of devices on another network. See “Enabling Proxy ARP” below.
PAGE 269
IP Routing Features Configuring IP Parameters for Routing Switches ProCurve(config)# show ip Internet (IP) Service IP Routing : Disabled Default Gateway Default TTL Arp Age Domain Suffix DNS server : 15.255.120.1 : 64 : 1000 : : VLAN | IP Config IP Address Subnet Mask Proxy ARP -------------------- + ---------- --------------- --------------- -------DEFAULT_VLAN | Manual 15.255.111.13 255.255.248.0 No Figure 7-4.
PAGE 270
IP Routing Features Configuring IP Parameters for Routing Switches You can set or display the arp-age value using the menu interface (Menu > Switch Configuration > IP Config). ProCurve 12-June-2007 14:45:31 ===========================- TELNET - MANAGER MODE ====================== Switch Configuration - Internet (IP) Service IP Routing : Disabled Default Gateway : 15.255.120.1 Default TTL : 64 Arp Age : 1000 IP Config [Manual] : Manual IP Address : 15.255.111.11 Subnet Mask : 255.255.248.
PAGE 271
IP Routing Features Configuring IP Parameters for Routing Switches An ARP request from one subnet can reach another subnet when both subnets are on the same physical segment (Ethernet cable), since MAC-layer broad casts reach all the devices on the segment. Proxy ARP is disabled by default on ProCurve routing switches.
PAGE 272
IP Routing Features Configuring IP Parameters for Routing Switches To enable forwarding of IP directed broadcasts, enter the following CLI command: ProCurve(config)# ip directed-broadcast Syntax: [no] ip directed-broadcast ProCurve software makes the forwarding decision based on the routing switch's knowledge of the destination network prefix. Routers cannot deter mine that a message is unicast or directed broadcast apart from the destina tion network prefix.
PAGE 273
IP Routing Features Configuring IP Parameters for Routing Switches Disabling Replies to Broadcast Ping Requests By default, ProCurve devices are enabled to respond to broadcast ICMP echo packets, which are ping requests. You can disable response to ping requests on a global basis using the following CLI method.
PAGE 274
IP Routing Features Configuring Static IP Routes Note ■ Protocol – The TCP or UDP protocol on the destination host is not running. This message is different from the Port Unreachable message, which indicates that the protocol is running on the host but the requested protocol port is unavailable. ■ Source-route-failure – The device received a source-routed packet but cannot locate the next-hop IP address indicated in the packet’s SourceRoute option.
PAGE 275
IP Routing Features Configuring Static IP Routes ■ Default network route – This is a specific static route that the routing switch uses if other routes to the destination are not available. Refer to “Configuring the Default Route” in the chapter titled “IP Routing Features” in the Management and Configuration Guide for your switch.
PAGE 276
IP Routing Features Configuring Static IP Routes This feature allows the routing switch to adjust to changes in network topology. The routing switch does not continue trying to use routes on unavailable paths but instead uses routes only when their paths are available. Configuring a Static IP Route To configure an static IP route with a destination network of 192.0.0.0 255.0.0.0 and a next-hop router IP address of 195.1.1.1, you would enter the following commands: ProCurve(config)# ip route 192.0.0.0 255.
PAGE 277
IP Routing Features Configuring Static IP Routes Configuring a “Null” Route You can configure the routing switch to drop IP packets to a specific network or host address by configuring a “null” static route for the address. When the routing switch receives a packet destined for the address, the routing switch drops the packet instead of forwarding it. To configure a null static route to drop packets destined for network 209.157.22.0, enter the following commands: ProCurve(config)# ip route 209.157.22.
PAGE 278
IP Routing Features Configuring Static IP Routes For example, Figure 7-7 illustrates a routing topology with two possible gateways to support a static route from switch “A” to the 10.31.224.0 network in switch “C”. Switch “A” Switch “B” VLAN 29: 10.29.224.1 VLAN 29: 10.29.224.2 VLAN 30: 10.30.224.3 VLAN 30: 10.30.224.1 In this example, a static route to the 10.31.224.0 network has been configured in switch “A”. In this case, 10.30.224.1 is the configured gateway. Switch “C” VLAN 30: 10.30.224.
PAGE 279
IP Routing Features Configuring Static IP Routes Default Loopback Network Default Loopback Interface Configured Static Route Default Null Route Destinations Directly Connected to the Switch Lists the Data for the Specified Route Figure 7-8.
PAGE 280
IP Routing Features Configuring IRDP Configuring IRDP The ICMP Router Discovery Protocol (IRDP) is used by ProCurve routing switches to advertise the IP addresses of its router interfaces to directly attached hosts. IRDP is enabled by default. You can enable the feature on a global basis or on an individual VLAN interface basis. When IRDP is enabled, the routing switch periodically sends Router Adver tisement messages out the IP interfaces on which the feature is enabled.
PAGE 281
IP Routing Features Configuring IRDP messages from other routers at the same time. The interval on each IRDPenabled routing switch interface is independent of the interval on other IRDP-enabled interfaces. The default maximum message interval is 600 seconds. The default minimum message interval is 450 seconds. ■ Preference - If a host receives multiple Router Advertisement messages from different routers, the host selects the router that send the message with the highest preference as the default gateway.
PAGE 282
IP Routing Features Configuring IRDP Syntax: [no] ip irdp Enables or disables (the default) ip irdp on the specified VLAN. [broadcast | multicast] This parameter specifies the packet type the routing switch uses to send the Router Advertisement: broadcast - The routing switch sends Router Advertisements as IP broadcasts. multicast - The routing switch sends Router Advertisements as multicast packets addressed to IP multicast group 224.0.0.1. This is the default.
PAGE 283
IP Routing Features Configuring IRDP [ minadvertinterval < seconds > ] This parameter specifies the minimum amount of time the routing switch can wait between sending Router Advertisements. Default: three-fourths (0.75) the value of the maxadvertinterval parameter. If you change the maxadvertinterval parameter, the software automatically adjusts the minadvertinterval parameter to be three-fourths the new value of the maxadvertinterval parameter.
PAGE 284
IP Routing Features Configuring DHCP Relay Configuring DHCP Relay Overview The Dynamic Host Configuration Protocol (DHCP) is used for configuring hosts with IP address and other configuration parameters without human intervention. The protocol is composed of three components: the DHCP client, the DHCP server, and the DHCP relay agent.
PAGE 285
IP Routing Features Configuring DHCP Relay Minimum Requirements for DHCP Relay Operation In order for the DHCP Relay agent to work, the following steps must be completed: 1. DHCP Relay is enabled on the routing switch 2. A DHCP server is servicing the routing switch 3. IP Routing is enabled on the routing switch 4. There is a route from the DHCP server to the routing switch and back 5.
PAGE 286
IP Routing Features Configuring DHCP Relay DHCP Option 82 DHCP operation modifies client IP address request packets to the extent needed to forward the packets to a DHCP server. Option 82 enhances this operation by enabling the routing switch to append an Option 82 field to such client requests. This field includes two suboptions for identifying both the routing switch (by MAC address or IP address) and the routing switch port the client is using to access the network.
PAGE 287
IP Routing Features Configuring DHCP Relay However, Option 82 relay agents should be positioned at the DHCP policy boundaries in a network to provide maximum support and security for the IP addressing policies configured in the server. Option 82 Server Support To apply DHCP Option 82, the routing switch must operate in conjunction with a server that supports Option 82. (DHCP servers that do not support Option 82 typically ignore Option 82 fields.
PAGE 288
IP Routing Features Configuring DHCP Relay DHCP Policy Boundary: For Option 82 applications, an area of a network as defined by connection to a given routing switch or subnet and/or a specific port belonging to the routing switch or subnet. DHCP relay agent: See Relay Agent. Forwarding Policy: The Option 82 method the routing switch uses to process incoming client DHCP requests.
PAGE 289
IP Routing Features Configuring DHCP Relay ■ routing switch access to an Option 82 DHCP server on a different subnet than the clients requesting DHCP Option 82 support ■ one IP Helper address configured on each VLAN supporting DHCP clients General DHCP-Relay Operation with Option 82.
PAGE 290
IP Routing Features Configuring DHCP Relay Option 82 Field Content The Remote ID and Circuit ID subfields comprise the Option 82 field a relay agent appends to client requests. A DHCP server configured to apply a different IP addressing policy to different areas of a network uses the values in these subfields to determine which DHCP policy to apply to a given client request.
PAGE 291
IP Routing Features Configuring DHCP Relay ■ Circuit ID: This nonconfigurable subfield identifies the port number of the physical port through which the routing switch received a given DHCP client request, and is necessary to identify if you want to configure an Option 82 DHCP server to use the Circuit ID to select a DHCP policy to assign to clients connected to the port. This number is the identity of the inbound port.
PAGE 292
IP Routing Features Configuring DHCP Relay For example, suppose you wanted port 10 on a given relay agent to support no more than five DHCP clients simultaneously, you could configure the server to allow only five IP addressing assignments at any one time for the circuit ID (port) and remote ID (MAC address) corresponding to port 10 on the selected relay agent.
PAGE 293
IP Routing Features Configuring DHCP Relay Option 82 Configuration DHCP Client Request Packet Inbound to the Routing Switch Packet Has No Option 82 Field Packet Includes an Option 82 Field Replace Append an Option 82 Field Replace replaces any existing Option 82 fields from downstream relay agents (and/ or the originating client) with an Option 82 field for the current relay agent..
PAGE 294
IP Routing Features Configuring DHCP Relay the next two relay agent hops (“B” and “C”). The server can then enforce an IP addressing policy based on the Option 82 field generated by the edge relay agent (“A”). In this example, the DHCP policy boundary is at relay agent 1. Relay Agent “A” Client VLAN 20 VLAN 10 DROP Relay Agent “B” VLAN 20 VLAN 30 APPEND Relay Agent “C” VLAN 10 VLAN 20 APPEND DHCP Option 82 Server Figure 7-15.
PAGE 295
IP Routing Features Configuring DHCP Relay Server response validation is an option you can specify when configuring Option 82 DHCP for append, replace, or drop operation. (Refer to “Forwarding Policies” on page 7-34.) Enabling validation on the routing switch can enhance protection against DHCP server responses that are either from untrusted sources or are carrying invalid Option 82 information.
PAGE 296
IP Routing Features Configuring DHCP Relay Multinetted VLANs On a multinetted VLAN, each interface can form an Option 82 policy boundary within that VLAN if the routing switch is configured to use IP for the remote ID suboption.
PAGE 297
IP Routing Features Configuring DHCP Relay drop: Configures the routing switch to unconditionally drop any client DHCP packet received with existing Option 82 field(s). This means that such packets will not be forwarded. Use this option where access to the routing switch by untrusted clients is possible. If the routing switch receives a client DHCP packet without an Option 82 field, it adds an Option 82 field to the client and forwards the packet.
PAGE 298
IP Routing Features Configuring DHCP Relay Operating Notes ■ 7-40 This implementation of DHCP relay with Option 82 complies with the following RFCs: • RFC 2131 • RFC 3046 ■ Moving a client to a different port allows the client to continue operating as long as the port is a member of the same VLAN as the port through which the client received its IP address.
PAGE 299
IP Routing Features Configuring DHCP Relay ■ Relay agents without Option 82 can exist in the path between Option 82 relay agents and an Option 82 server. The agents without Option 82 will forward client requests and server responses without any effect on Option 82 fields in the packets.
PAGE 300
IP Routing Features UDP Broadcast Forwarding UDP Broadcast Forwarding Overview Some applications rely on client requests sent as limited IP broadcasts addressed to a UDP application port. If a server for the application receives such a broadcast, the server can reply to the client.
PAGE 301
IP Routing Features UDP Broadcast Forwarding Table 7-5. Interface VLAN 1 Example of a UDP Packet-Forwarding Environment IP Address Subnet Mask 15.75.10.1 255.255.255.0 Forwarding Address UDP Port Notes 15.75.11.43 1188 15.75.11.255 1812 15.75.12.255 1813 Unicast address for forwarding inbound UDP packets with UDP port 1188 to a specific device on VLAN 2. Broadcast address for forwarding inbound UDP packets with UDP port 1812 to any device in the 15.75.11.0 network.
PAGE 302
IP Routing Features UDP Broadcast Forwarding Configuring and Enabling UDP Broadcast Forwarding To configure and enable UDP broadcast forwarding on the switch: 1. Enable routing. 2. Globally enable UDP broadcast forwarding. 3. On a per-VLAN basis, configure a forwarding address and UDP port type for each type of incoming UDP broadcast you want routed to other VLANs.
PAGE 303
IP Routing Features UDP Broadcast Forwarding — Continued from the preceding page. — < ip-address >: This can be either of the following: • The unicast address of a destination server on another subnet. For example: 15.75.10.43. • The broadcast address of the subnet on which a destination server operates. For example, the following address directs broadcasts to All hosts in the 15.75.11.0 subnet: 15.75.11.255.
PAGE 304
IP Routing Features UDP Broadcast Forwarding Displaying the Current IP Forward-Protocol Configuration Syntax show ip forward-protocol [ vlan < vid >] Displays the current status of UDP broadcast forwarding and lists the UDP forwarding address(es) configured on all static VLANS in the switch or on a specific VLAN. Global Display Showing UDP Broadcast Forwarding Status and Configured Forwarding Addresses for Inbound UDP Broadcast Traffic for All VLANs Configured on the routing switch. Figure 7-17.
PAGE 305
IP Routing Features UDP Broadcast Forwarding Operating Notes for UDP Broadcast Forwarding Maximum Number of Entries. The number of UDP broadcast entries and IP helper addresses combined can be up to 16 per VLAN, with an overall maximum of 2048 on the switch. (IP helper addresses are used with the switch’s DHCP Relay operation. For more information, refer to “Configuring DHCP Relay” on page 7-26.
PAGE 306
IP Routing Features UDP Broadcast Forwarding 7-48
PAGE 307
8 ProCurve Stack Management Contents Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4 Which Devices Support Stacking? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5 Components of ProCurve Stack Management . . . . . . . . . . . . . . . . . . . . 8-6 General Stacking Operation . . . . . . . . . . . . . .
PAGE 308
ProCurve Stack Management Contents Using the CLI To Disable or Re-Enable Stacking . . . . . . . . . . . . . . . . 8-46 Transmission Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-46 Stacking Operation with Multiple VLANs Configured . . . . . . . . . . . . 8-46 Web: Viewing and Configuring Stacking . . . . . . . . . . . . . . . . . . . . . . . 8-47 Status Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAGE 309
ProCurve Stack Management Overview Overview This chapter describes how to use your network to stack switches without the need for any specialized cabling. For an overview of stacking features, refer to the table on page 8-4.
PAGE 310
ProCurve Stack Management Operation Operation Stacking Features Feature Default Menu CLI Web view status of a single switch n/a page 8-27 thru page 8-29 page 8-32 page 8-46 view candidate status n/a page 8-32 view status of commander and its stack n/a page 8-33 view status of all stacking-enabled switches in the ip subnet n/a page 8-33 view stack status configure stacking enable/disable candidate Auto-Join enabled/Yes page 8-16 page 8-38 “push” a candidate into a stack n/a page 8-
PAGE 311
ProCurve Stack Management Operation ■ Simplify management of small workgroups or wiring closets while scaling your network to handle increased bandwidth demand. ■ Eliminate any specialized cables for stacking connectivity and remove the distance barriers that typically limit your topology options when using other stacking technologies. ■ Add switches to your network without having to first perform IP addressing tasks.
PAGE 312
ProCurve Stack Management Operation Components of ProCurve Stack Management Table 8-1. Stacking Definitions Stack Consists of a Commander switch and any Member switches belonging to that Commander’s stack. Commander A switch that has been manually configured as the controlling device for a stack. When this occurs, the switch’s stacking configuration appears as Commander. Candidate A switch that is ready to join (become a Member of) a stack through either automatic or manual methods.
PAGE 313
ProCurve Stack Management Operation Use the Commander’s console or web browser interface to access the user interface on any Member switch in the same stack. Wiring Closet "A" Member Switch 1 Candidate Switch IP Address: None Assigned IP Address: None Assigned Manager Password: leader Manager Password: francois Commander Switch 0 Non-Member Switch Member Switch 2 IP Address: 14.28.227.100 IP Address: 14.28.227.
PAGE 314
ProCurve Stack Management Operation ■ If multiple VLANs are configured, stacking uses only the primary VLAN on any switch. In the factory-default configuration, the DEFAULT_VLAN is the primary VLAN. (See “Stacking Operation with Multiple VLANs Configured” on page 8-45 and “The Primary VLAN” on page 2-7.) ■ Stacking allows intermediate devices that do not support stacking. This enables you to include switches that are distant from the Commander.
PAGE 315
ProCurve Stack Management Operation IP Addressing and Stack Name Member Note Number Allowed Per Stack IP Addr: Optional. Up to 15 Members Configuring an IP per stack. address allows access via Telnet or web browser interface without going through the Commander switch. This is useful, for example, if the stack Commander fails and you need to convert a Member switch to operate as a replace ment Commander.
PAGE 316
ProCurve Stack Management Configuring Stack Management Configuring Stack Management Overview of Configuring and Bringing Up a Stack This process assumes that: ■ All switches you want to include in a stack are connected to the same subnet (broadcast domain). ■ If VLANs are enabled on the switches you want to include in the stack, then the ports linking the stacked switches must be on the primary VLAN in each switch (which, in the default configuration, is the default VLAN).
PAGE 317
ProCurve Stack Management Configuring Stack Management Table 8-3. Stacking Configuration Guide Join Method1 Commander Candidate (IP Addressing Required) (IP Addressing Optional) Auto Grab Auto Join Passwords Automatically add Candidate to Stack (Causes the first 15 eligible, discovered switches in the subnet to automatically join a stack.
PAGE 318
ProCurve Stack Management Configuring Stack Management General Steps for Creating a Stack This section describes the general stack creation process. For the detailed configuration processes, see pages 8-13 through 8-37 for the menu interface and pages 8-30 through 8-42 for the CLI. 1. Determine the naming conventions for the stack. You will need a stack name. Also, to help distinguish one switch from another in the stack, you can configure a unique system name for each switch.
PAGE 319
ProCurve Stack Management Configuring Stack Management join the stack, assign IP addresses to these devices. Otherwise, IP addressing is optional for Candidates and Members. (Note that once a Candidate becomes a member, you can access it through the Commander to assign IP addressing or make other configuration changes.) 4. Make a record of any Manager passwords assigned to the switches (intended for your stack) that are not currently members.
PAGE 320
ProCurve Stack Management Configuring Stack Management Figure 8-5. The Default Stacking Menu 3. Display the Stack Configuration menu by pressing [3] to select Stack Configuration. Figure 8-6. The Default Stack Configuration Screen 8-14 4. Move the cursor to the Stack State field by pressing [E] (for Edit). Then use the Space bar to select the Commander option. 5. Press the downarrow key to display the Commander configuration fields in the Stack Configuration screen.
PAGE 321
ProCurve Stack Management Configuring Stack Management Figure 8-7. The Default Commander Configuration in the Stack Configuration Screen 6. Enter a unique stack name (up to 15 characters; no spaces) and press the downarrow key. 7. Ensure that the Commander has the desired Auto Grab setting, then press the downarrow key: • No (the default) prevents automatic joining of Candidates that have their Auto Join set to Yes.
PAGE 322
ProCurve Stack Management Configuring Stack Management ■ Convert the Candidate to a Commander ■ Disable stacking on the Candidate so that it operates as a standalone switch In its default stacking configuration, a Candidate switch can either automati cally join a stack or be manually added (“pulled”) into a stack by a Commander, depending on the Commander’s Auto Grab setting. The following table lists the Candidate’s configuration options: Table 8-4.
PAGE 323
ProCurve Stack Management Configuring Stack Management Figure 8-8. The Default Stack Configuration Screen 3. Move the cursor to the Stack State field by pressing [E] (for Edit). 4. Do one of the following: • To disable stacking on the Candidate, use the Space bar to select the Disabled option, then go to step 5. Note: Using the menu interface to disable stacking on a Candidate removes the Candidate from all stacking menus. • To insert the Candidate into a specific Commander’s stack: i.
PAGE 324
ProCurve Stack Management Configuring Stack Management 5. press [Enter] to return the cursor to the Actions line. 6. Press [S] (for Save) to save your configuration changes and return to the Stacking menu. Using the Commander To Manage The Stack The Commander normally operates as your stack manager and point of entry into other switches in the stack.
PAGE 325
ProCurve Stack Management Configuring Stack Management For status descriptions, see the table on page 8-47. Figure 8-9. Example of the Stack Management Screen 2. Press [A] (for Add) to add a Candidate. You will then see this screen listing the available Candidates: The Commander automatically selects an available switch number (SN). You have the option of assigning any other available number. Candidate List Figure 8-10. Example of Candidate List in Stack Management Screen 3.
PAGE 326
ProCurve Stack Management Configuring Stack Management 6. • If the desired Candidate has a Manager password, press the downarrow key to move the cursor to the Candidate Password field, then type the password. • If the desired Candidate does not have a password, go to step 6. Press [Enter] to return to the Actions line, then press [S] (for Save) to complete the Add process for the selected Candidate.
PAGE 327
ProCurve Stack Management Configuring Stack Management 2. To learn or verify the MAC address of the Member you want to move, display a listing of all Commanders, Members, and Candidates in the subnet by selecting: 2. Stacking Status (All) You will then see the Stacking Status (All) screen: For status descriptions, see the table on page 8-47. This column lists the MAC Addresses for switches discovered (in the local subnet) that are configured for Stacking.
PAGE 328
ProCurve Stack Management Configuring Stack Management 7. Use the downarrow key to move the cursor to the MAC Address field, then type the MAC address of the desired Member you want to move from another stack. 8. Do one of the following: 9. Note • If the stack containing the Member you are moving has a Manager password, press the downarrow key to select the Candidate Password field, then type the password.
PAGE 329
ProCurve Stack Management Configuring Stack Management To remove a Member from a stack, use the Stack Management screen. 1. From the Main Menu, select: 9. Stacking... 4. Stack Management You will then see the Stack Management screen: For status descriptions, see the table on page 8-47. Stack Member List Figure 8-13. Example of Stack Management Screen with Stack Members Listed 2. Use the downarrow key to select the Member you want to remove from the stack. Figure 8-14.
PAGE 330
ProCurve Stack Management Configuring Stack Management 4. To continue deleting the selected Member, press the Space bar once to select Yes for the prompt, then press [Enter] to complete the deletion. The Stack Management screen updates to show the new stack Member list.
PAGE 331
ProCurve Stack Management Configuring Stack Management Main Menu for stack Member named “Coral Sea” (SN = 1 from figure 8-16) Figure 8-17. The eXecute Command Displays the Console Main Menu for the Selected Stack Member 2. You can now make configuration changes and/or view status data for the selected Member in the same way that you would if you were directly connected or telnetted into the switch. 3.
PAGE 332
ProCurve Stack Management Configuring Stack Management 4. To display Stack Configuration menu for the switch you are moving, select 3. Stack Configuration 5. Press [E] (for Edit) to select the Stack State parameter. 6. Use the Space bar to select Member, then press [v] to move to the Com mander MAC Address field. 7. Enter the MAC address of the destination Commander and press [Enter]. 8. Press [S] (for Save).
PAGE 333
ProCurve Stack Management Configuring Stack Management Using Any Stacked Switch To View the Status for All Switches with Stacking Enabled. This procedure displays the general status of all switches in the IP subnet (broadcast domain) that have stacking enabled. 1. Go to the console Main Menu for any switch configured for stacking and select: 9. Stacking ... 2. Stacking Status (All) You will then see a Stacking Status screen similar to the following: For status descriptions, see the table on page 8-47.
PAGE 334
ProCurve Stack Management Configuring Stack Management Figure 8-19. Example of the Commander’s Stacking Status Screen Viewing Member Status. This procedure displays the Member’s stacking information plus the Commander’s status, IP address, and MAC address. To display the status for a Member: 1. Go to the console Main Menu of the Commander switch and select 9. Stacking ... 5. Stack Access 2. Use the downarrow key to select the Member switch whose status you want to view, then press [X] (for eXecute).
PAGE 335
ProCurve Stack Management Configuring Stack Management Figure 8-20. Example of a Member’s Stacking Status Screen Viewing Candidate Status. This procedure displays the Candidate’s stacking configuration. To display the status for a Candidate: 1. Use Telnet (if the Candidate has a valid IP address for your network) or a direct serial port connection to access the menu interface Main Menu for the Candidate switch and select 9. Stacking ... 1.
PAGE 336
ProCurve Stack Management Configuring Stack Management Using the CLI To View Stack Status and Configure Stacking The CLI enables you to do all of the stacking tasks available through the menu interface.) Table 8-6. CLI Commands for Configuring Stacking on a Switch CLI Command Operation show stack [candidates | view | all] Commander: Shows Commander’s stacking configuration and lists the stack members and their individual status.
PAGE 337
ProCurve Stack Management Configuring Stack Management CLI Command Operation [no] stack member mac-address [password ] Commander: Adds a Candidate to stack membership. “No” form removes a Member from stack membership. To easily determine the MAC address of a Candidate, use the show stack candidates command. To determine the MAC address of a Member you want to remove, use the show stack view command.
PAGE 338
ProCurve Stack Management Configuring Stack Management Using the CLI To View Stack Status You can list the stack status for an individual switch and for other switches that have been discovered in the same subnet. Syntax: show stack [candidates | view | all] Viewing the Status of an Individual Switch. The following example illustrates how to use the CLI in a to display the stack status for that switch. In this case, the switch is in the default stacking configuration. Syntax: show stack Figure 8-22.
PAGE 339
ProCurve Stack Management Configuring Stack Management Viewing the Status of all Stack-Enabled Switches Discovered in the IP Subnet. The next example lists all the stack-configured switches discovered in the IP subnet. Because the switch on which the show stack all command was executed is a candidate, it is included in the “Others” category. Syntax: show stack all Figure 8-24.
PAGE 340
ProCurve Stack Management Configuring Stack Management Using the CLI To Configure a Commander Switch You can configure any stacking-enabled switch to be a Commander as long as the intended stack name does not already exist on the broadcast domain. (When you configure a Commander, you automatically create a corresponding stack.) Before you begin configuring stacking parameters: 1. Note Configure IP addressing on the switch intended for stack commander and, if not already configured, on the primary VLAN.
PAGE 341
ProCurve Stack Management Configuring Stack Management The stack commander command configures the Commander and names the stack. The Commander appears in the stack as Switch Number (SN) 0. Figure 8-26. Example of the Commander’s Show Stack Screen with Only the Commander Discovered Using a Member’s CLI to Convert the Member to the Commander of a New Stack. This procedure requires that you first remove the Member from its current stack, then create the new stack.
PAGE 342
ProCurve Stack Management Configuring Stack Management The output from this command tells you the MAC address of the current stack Commander. Removes the Member from the “Big_Waters” stack. Converts the former Member to the Com mander of the new “Lakes” stack. Figure 8-27.
PAGE 343
ProCurve Stack Management Configuring Stack Management Using the Commander’s CLI To Manually Add a Candidate to the Stack. To manually add a candidate, you will use: ■ A switch number (SN) to assign to the new member. Member SNs range from 1 to 15. To see which SNs are already assigned to Members, use show stack view. You can use any SN not included in the listing. (SNs are viewable only on a Commander switch.) ■ The MAC address of the discovered Candidate you are adding to the stack.
PAGE 344
ProCurve Stack Management Configuring Stack Management For example, if the ProCurve 8000M in the above listing did not have a Manager password and you wanted to make it a stack Member with an SN of 2, you would execute the following command: ProCurve(config)# stack member 2 mac-address 0060b0 dfla00 The show stack view command then lists the Member added by the above command: The new member did not have a System Name configured prior to joining the stack, and so receives a System Name composed of the sta
PAGE 345
ProCurve Stack Management Configuring Stack Management Using a Candidate CLI To Manually “Push” the Candidate Into a Stack . Use this method if any of the following apply: ■ The Candidate’s Auto Join is set to Yes (and you do not want to enable Auto Grab on the Commander) or the Candidate’s Auto Join is set to No. ■ Either you know the MAC address of the Commander for the stack into which you want to insert the Candidate, or the Candidate has a valid IP address and is operating in your network.
PAGE 346
ProCurve Stack Management Configuring Stack Management Syntax: stack member < switch-number > mac-address < mac-addr > [ password < password-str >] In the destination Commander, use show stack all to find the MAC address of the Member you want to pull into the destination stack. For example, suppose you created a new Commander with a stack name of “Cold_Waters” and you wanted to move a switch named “Bering Sea” into the new stack: Move this switch into the “Cold Waters” stack. Figure 8-32.
PAGE 347
ProCurve Stack Management Configuring Stack Management Syntax: no stack name < stack name> stack join < mac-address > If you don’t know the MAC address of the destination Commander, you can use show stack all to identify it. For example, suppose you have a switch operating as the Commander for a temporary stack named “Test”.
PAGE 348
ProCurve Stack Management Configuring Stack Management Use show stack view to list the stack Members. For example, suppose that you wanted to use the Commander to remove the “North Sea” Member from the following stack: Remove this Member from the stack. Figure 8-34.
PAGE 349
ProCurve Stack Management Configuring Stack Management You would then execute this command in the “North Sea” switch’s CLI to remove the switch from the stack: North Sea(config)# no stack join 0030c1-7fec40 Using the CLI To Access Member Switches for Configuration Changes and Traffic Monitoring After a Candidate becomes a Member, you can use the telnet command from the Commander to access the Member’s CLI or console interface for the same configuration and monitoring that you would do through a Telnet or
PAGE 350
ProCurve Stack Management Configuring Stack Management SNMP Community Operation in a Stack Community Membership In the default stacking configuration, when a Candidate joins a stack, it automatically becomes a Member of any SNMP community to which the Commander belongs, even though any community names configured in the Commander are not propagated to the Member’s SNMP Communities listing.
PAGE 351
ProCurve Stack Management Configuring Stack Management Note that in the above example (figure 8-37) you cannot use the public community through the Commander to access any of the Member switches. For example, you can use the public community to access the MIB in switches 1 and 3 by using their unique IP addresses. However, you must use the red or blue community to access the MIB for switch 2. snmpget < MIB variable > 10.31.29.
PAGE 352
ProCurve Stack Management Configuring Stack Management When using stacking in a multiple-VLAN environment, the following criteria applies: ■ Stacking uses only the primary VLAN on each switch in a stack. ■ The primary VLAN can be tagged or untagged as needed in the stacking path from switch to switch. ■ The same VLAN ID (VID) must be assigned to the primary VLAN in each stacked switch. Web: Viewing and Configuring Stacking Figure 8-38.
PAGE 353
ProCurve Stack Management Configuring Stack Management Status Messages Stacking screens and listings display these status messages: Message Candidate Auto-join Condition Action or Remedy Indicates a switch configured with Stack State set to None required Candidate, Auto Join set to Yes (the default), and no Manager password. Candidate Candidate cannot automatically join the stack because one or both of the following conditions apply: • Candidate has Auto Join set to No.
PAGE 354
ProCurve Stack Management Configuring Stack Management 8-48
PAGE 355
Index Numerics C 802.1p priority (QoS) definition … 6-6 802.1Q VLAN standard … 5-7 802.
PAGE 356
DHCP-Relay operation with Option 82 … 7-31 directed broadcasts … 7-13 disclaimer … 1-ii displaying information IRDP … 7-25 domain … 2-15, 2-21 downstream device (QoS) definition … 6-6 effect of priority settings … 6-9 DSCP Policy Table … 6-59 policy, defined … 6-6 See also priority.
PAGE 357
configuration … 4-11 configure per VLAN … 4-5 data-driven … 4-15 delayed group flush … 4-17 Exclude Source … 4-13 Fast-Leave … 4-14 forced fast-leave … 4-17 high-priority forwarding … 4-5 Include Source … 4-13 leave group … 4-12 multicast group … 4-11 multimedia … 4-3 operation … 4-11, 4-12 port states … 4-5 query … 4-11 report … 4-12 status … 4-12 supported standards and RFCs … 4-13 traffic … 4-5 Version 3 … 4-13 inbound port (QoS) definition … 6-6 Include Source See IGMP.
PAGE 358
multiple … 2-10 multiple forwarding database … 2-10 N notes on using VLANs … 2-10 notices … 1-ii null static route … 7-19 O optimizing RSTP configuration … 5-13 Option 82 (DHCP) … 7-28 outbound port (QoS) definition … 6-6 outbound port queue (QoS) definition … 6-7 overview, IP routing … 7-3 P parameters IP global … 7-6 IP interface … 7-7 path cost … 5-9 Perlman, Interconnections … 5-32 policy enforcement engine described … 6-15 displaying resource usage … 6-15 port auto, IGMP … 4-5 blocked by STP operati
PAGE 359
quick start … 1-5 R reboot … 3-10 redundant path … 5-9, 5-50 spanning tree … 5-9 region … 5-49 See spanning-tree, 802.1s.
PAGE 360
activation … 5-60 active path … 5-50 active paths … 5-54 bandwidth loss … 5-51 blocked traffic … 5-51 boundary port, region … 5-53, 5-54 boundary port, VLAN membership … 5-51 BPDU … 5-51, 5-57, 5-61, 5-62, 5-64 BPDU requirement … 5-53 BPDU, function … 5-53 bridge … 5-53 bridge, designated for region … 5-53 caution … 5-46, 5-49 CIST … 5-47, 5-52, 5-54 CIST per-port hello time … 5-54 CIST root … 5-64 common and internal spanning tree See CIST. common spanning tree See CST.
PAGE 361
rapid state transitions … 5-55, 5-57 redundant links … 5-51 region … 5-5, 5-47, 5-48 region name … 5-53, 5-60 region root switch … 5-48 region, configuration name … 5-81 region, Configuration Revision number … 5-81 region, defined … 5-53 region, enabling … 5-72 region, root bridge … 5-52 region, RSTP bridge … 5-54 region, switch configuration … 5-54 region, switch excluded … 5-81 region, view configuration … 5-79 region, VLAN assignments … 5-53 regional boundary port … 5-53 regional root bridge per-instance
PAGE 362
configure … 7-44 global enable … 7-44 invalid entry … 7-43 IP helper address, effect … 7-42 maximum entries … 7-42 port-number ranges … 7-47 show command … 7-46 subnet address … 7-42 subnet masking … 7-43 UDP/TCP port number listing … 7-47 unicast address … 7-42 VLAN, subnetted … 7-42 upstream device QoS) definition … 6-7 V VID See VLAN. Viewing spanning tree configuration … 5-14 virtual stacking transmission interval range … 8-17 VLAN … 2-4, 2-39 802.
PAGE 363