HP 2500 manuals

Computer Equipment > Switch

When we buy new device such as HP 2500 we often through away most of the documentation but the warranty. Very often issues with HP 2500 begin only after the warranty period ends and you may want to find how to repair it or just do some service work. Even oftener it is hard to remember what does each function in Switch HP 2500 is responsible for and what options to choose for expected result. Fortunately you can find all manuals for Switch on our side using links below.

HP 2500 Manual

270 pages1.64 Mb

1Release Notes:
- for the ProCurve Series 2300 and 2500 Switches
4Contents
- Software Management
- Enhancements in Release F.05.05 through F.05.70
- 6Enhancements in Release F.04.08
- 7Enhancements in Release F.02.11
- Enhancements in Release F.02.02
- 9Updates and Corrections for the Management and Configuration Guide
- Software Fixes
12Software Management
- View or Download the Software Manual Set
- Downloading Software to the Switch
- 13N o t e
- TFTP Download from a Server
- Validating and Writing System Software to FLASH
- Logon Default
- 14Xmodem Download From a PC or Unix Workstation
- This procedure assumes that:
- The switch is connected via the Console
- ■The switch software is stored on a disk drive in the PC
- Send File
- ransfer
- Syntax:copy xmodem flash <unix | pc
- For example, to download a software file from a PC:
- HP2512(config)# console baud-rate57600
- 2.Execute the following command in the CLI:
- 3.Execute the terminal emulator commands to begin the Xmodem transfer
- 4.To confirm that the software downloaded correctly:
- HP2512> show system
- Check the Firmware revision line
- Check the
- line
- 15Saving Configurations While Using the CLI
- Running-Config
- File:
- Startup-Config
- save configuration
- 16ProCurve Switch, Routing Switch, and Router Software Keys
17Enhancements in Release F.05.05 through F.05.70
18Implementation of LLDP
LLDP Terminology
Adjacent Device:
Advertisement: See LLDPDU
Active Port:
LLDP:
LLDP-Aware:
LLDP Device:
LLDP Neighbor:
LLDPDU (LLDP Data Unit):
19Packet Boundaries in a Network Topology
20Table 1. Viewable Data Available for LLDP Advertisements
LLDP Standards Compatibility
IEEE
■RFC 2922 (PTOPO, or Physical Topology MIB)
■RFC 2737 (Entity MIB)
■RFC 2863 (Interfaces MIB)
21LLDP Operating Rules
Port Trunking
IP Address Advertisements
Spanning-Tree
Blocking
802.1X Blocking
22Viewing the Current LLDP Configuration
23Viewing LLDP-detectedDevices
24Figure 3. Example of Viewing the LLDP Remote Device Information Details
Enabling or Disabling LLDP Operation on the Switch
lldp run
Syntax [ no ] lldp run
For example, to disable LLDP on the switch, use the command:
ProCurve(config)# no lldp run
25Configuring Per-PortLLDP Transmit/Receive
26New Console Option
console
local-terminal
console local-terminalvt100
Clarification of Time Zone Issue
+480
27Syslog Overview
Syslog
Figure 4. A Syslog server collecting Event Log Messages from Multiple Switches
Syslog Operation
Syntax: [no] logging < syslog-ip-addr
Syntax:
[no] logging
no logging
28no logging
syslog-ip-address
29Syntax: [no] logging facility < facility-name
user
user (the default) — Random user-levelmessages kern — Kernel messages
auth — Security/Authorization messages
syslog — Messages generated internally by Syslog lpr — Line-Printersubsystem
facility
facility-name
■Switch Series 5300XL (software release E.08.xx or greater)
■Switch Series 4100GL (software release G.07.50 or greater)
■Switch Series
■Switch Series 2600 and the Switch 6108 (software release H.07.30 or greater)
30Viewing the Syslog Configuration
Syntax: show debug
show debug
Configuring Syslog Logging
1.If you want to use a Syslog server for recording Event Log messages:
ProCurve(config)# logging < ip-addr
Figure 5. Example of Configuring Syslog Operation
31See Figure 6 below for an example of adding an additional Syslog server
Figure 6. Configuring multiple Syslog Servers
Operating Notes for Syslog
Isolated Port Groups (Enhanced)
32group1
group2
Caution
Options for Isolated Port Groups
Uplink (the default)
Group2
Group1
33Table 2. Communication Allowed Between Port-IsolationTypes within a Switch
Figure 7. Communication Allowed Between Port-IsolationTypes within a Switch
34Operating Rules for Port Isolation
Trunking is supported
only
LACP is allowed only on the Uplink ports
no int e < port-numbers > lacp
GVRP must be disabled (the default)
A Series 2500 switch with
Enabling port isolation and configuring individual ports to specific
35Configuring Port Isolation on the Switch
Steps for Configuring Port Isolation
Remove all
2.Identify the devices you will connect to the switch’s ports
7.Enable port isolation on the switch
configure in public, local, or private mode. To do so, > lacp
Configure the
9.Connect the switch ports to the other devices in your port-isolationplan
Test the operation of all ports you are using for links to the other devices
When you are satisfied that your
write mem
36Configuring and Viewing Port-Isolation
Syntax: [ no ] port-isolation
uplink
public, group1, group2, private, local
show port-isolation
show running-config
Lists the switch’s running configuration, including port-isolationsettings
Lists the switch’s startup configuration, including port-isolationsettings
Uplink mode
mode
37Table 3. Port Isolation Plan
38Figure 8. Example of Isolating Ports on a Series 2500 Switch
39Figure 9. Example of Port-IsolationConfiguration
Messages Related to Port-IsolationOperation
Port Isolation is
disabled. It must be
enabled first
40Troubleshooting Port-IsolationOperation
Configuring Port-BasedAccess Control (802.1X)
Overview
Why Use Port-BasedAccess Control
41General Features
802.1X on the Series 2500 switches includes the following:
Switch operation as both an authenticator (for supplicants having a
■Prevention of traffic flow in either direction on unauthorized ports
Temporary
■Use of Show commands to display session counters
With
“802.1X Open VLAN Mode” on page
-44.)
42Figure 10. Example of an 802.1X Application
Accounting
How 802.1X Operates
Authenticator Operation
2.The switch responds with an identity request
4.The switch responds in one of the following ways:
iii.The RADIUS server then checks the credentials provided by the client
43Switch-PortSupplicant Operation
■Switch “A” has port 1 configured for 802.1X supplicant operation
■You want to connect port 1 on switch “A” to port 5 on switch “B”
Figure 11. Example of Supplicant Operation
44•A “success” response unblocks port 5 to normal traffic from port
Terminology
802.1X-Aware:
Authenticator:
CHAP (MD5): Challenge Handshake Authentication Protocol
Client:
45EAP
EAPOL:
Friendly Client:
MD5:
PVID (Port VID):
Static VLAN:
vlan
<vid > command or the Menu interface
Supplicant:
Unauthorized-Client
VLAN:
46General Operating Rules and Notes
Error configuring port X: LACP and 802.1X cannot be run together
Note on 802.1X and LACP
47General Setup Procedure for Port-BasedAccess Control (802.1X)
Do These Steps Before You Configure 802.1X Operation
Overview: Configuring 802.1X Authentication on the Switch
48eap-radius
chap-radius
radius host
49Configuring Switch Ports as 802.1X Authenticators
501. Enable 802.1X Authentication on Selected Ports
Syntax: aaa port-accessauthenticator < port-list
[control < authorized | auto | unauthorized >]
Controls authentication mode on the specified port:
authorized:
51Syntax: aaa port-accessauthenticator < port-list > (Syntax Continued)
[quiet-period< 0 - 65535 >]
(Default: 60 seconds)
[tx-period< 0 - 65535 >]
[supplicant-timeout< 1 - 300 >]
[server-timeout< 1 - 300 >]
max-requests
[max-requests< 1 - 10 >]
quiet-period
52control auto
Note:
control authorized
port- security
533. Configure the 802.1X Authentication Method
Figure 12. Example of 802.1X (Port-Access)Authentication
544. Enter the RADIUS Host IP Address(es)
5. Enable 802.1X Authentication on the Switch
55802.1X Open VLAN Mode
Introduction
■Acquiring IP addressing from a DHCP server
Unauthorized-Client
VLAN
one
untagged
1st Priority:
2nd Priority:
Authorized-Client
563rd Priority:
Use Models for 802.1X Open VLAN Modes
Authorized-Client
57Table 4. 802.1X Open VLAN Mode Options
802.1X Per-PortConfiguration
Port Response
No Open VLAN mode:
tication session
Open VLAN mode with both of the following configured:
Unauthorized-ClientVLAN
• When the port detects a client, it automatically becomes an
port as a static, tagged member of the VLAN, membership
temporarily changes to untagged while the client remains
unauthenticated
• If the port already has a statically configured, untagged
authenticated. Refer to the Caution on page
Authorized-ClientVLAN
this VLAN
Note: If RADIUS authentication assigns a VLAN, the port
connected
port returns to tagged membership in this VLAN
VLAN. Refer to the Caution on page
58Open VLAN Mode with Only an Unauthorized-ClientVLAN Configured:
Open VLAN Mode with Only an Authorized-ClientVLAN Configured:
59Operating Rules for Authorized-Clientand Unauthorized-ClientVLANs
Condition
Rule
command or the VLAN Menu screen in the Menu interface.)
VLAN Assignment Received from a RADIUS Server
Temporary VLAN Membership During a Client Session
Effect of Unauthorized-ClientVLAN session on untagged port VLAN membership
Effect of Authorized-ClientVLAN session on untagged port VLAN membership
Port membership in a VLAN assigned to operate as the
60Multiple Authenticator Ports Using
the Same Unauthorized-Clientand
Authorized-ClientVLANs
all 802.1X authenticator ports configured on the switch
Attempt
client that cannot be authenticated.)
Note:
61Setting Up and Configuring 802.1X Open VLAN Mode
Preparation
Before you configure the 802.1X Open VLAN mode on a port:
i.Port 5 is an untagged member of VLAN 1 (the default VLAN)
ii.You configure port 5 as an 802.1X authenticator port
iii.You configure port 5 to use an Authorized-ClientVLAN
62Configuring General 802.1X Operation:
Syntax: aaa port-accessauthenticator e < port-list > control auto
2.Configure the 802.1X authentication type. Options include:
63If you selected either
Adds a server to the RADIUS configuration
4.Activate authentication on the switch
64Configuring 802.1X Open VLAN Mode
rad4all
65802.1X Open VLAN Operating Notes
not
While an
When a client’s authentication attempt on an
66Syntax: port-security[ethernet] < port-list
learn-mode port-access
action < none | send-alarm| send-disable
67Note on Blocking a Non-802.1XDevice
control
authorized
68For example, suppose that you want to connect two switches, where:
■Switch “A” has port 1 configured for 802.1X supplicant operation
Figure 13. Example of Supplicant Operation
69Syntax: [no] aaa port-accesssupplicant [ethernet] < port-list
70Configuring a Supplicant Switch Port
identity
secret
Syntax: aaa port-accesssupplicant [ethernet] < port-list
[identity < username >]
[secret]
Enter secret: < password
Repeat secret: < password
71max-start
start-period
start- period
72Displaying 802.1X Configuration, Statistics, and Counters
Show Commands for Port-AccessAuthenticator
Without
displays whether
port-access
authenticator is active
With
displays the
only, displays the
data for all ports enabled as authenticators
For descriptions of
refer to the next section of this table
73supplicant
74Viewing 802.1X Open VLAN Mode Status
port-access
authenticator
show vlan
Figure 14. Example Showing Ports Configured for Open VLAN Mode
Thus, in the show port-accessauthenticator output:
Thus, in the
output:
When the
Auth VLAN ID
Current VLAN ID
75Table 5. Open VLAN Mode Status
76Syntax: show vlan < vlan-id
Figure 15. Example of Showing a VLAN with Ports Configured for Open VLAN Mode
77Show Commands for Port-AccessSupplicant
port- list
Connecting - Starting authentication
Authenticated
Acquired
Authenticating
Held
show port-accesssupplicant [[e] < port-list >] statistics
■The supplicant port detects a different authenticator device
You use the
command to clear the statistics for the supplicant port
■The switch reboots
78How RADIUS/802.1X Authentication Affects VLAN Operation
Static VLAN Requirement
(This is because a port can be an untagged member of only one VLAN at a time.)
Figure 16. Example of an Active VLAN Configuration
79You can see the temporary VLAN assignment by using the
81Notes
■Eliminates and ceases to advertise the temporary VLAN assignment
■Re-activatesand resumes advertising the temporarily disabled VLAN assignment
Messages Related to 802.1X Operation
Table 6. 802.1X Operating Messages
HPswitch(config)# aaa port-accessauthenticator e
message Can’t reach RADIUS server
82LACP has been disabled on 802.1X port(s)
Error configuring port < port-number>: LACP and 802.1X cannot be run together
IGMP Version 3 Support
83Enhancements in Release F.04.08
84Using Friendly (Optional) Port Names
- Show
- augments
- does not replace
- Configuring and Operating Rules for Friendly Port Names
- The friendly port names you configure appear in the output of the
- show name
- show interface
- port-number
- ■A friendly port name can have up to 64 contiguous alphanumeric characters
- Blank spaces within friendly port names are not allowed, and if used, cause an
- invalid input
- In a port listing
- not assigned
- To retain friendly port names across reboots, you must save the current
- 85Configuring Friendly Port Names
- Configuring a Single Port Name
- Figure 20. Example of Configuring a Friendly Port Name
- Figure 21. Example of Configuring One Friendly Port Name on Multiple Ports
- 86Displaying Friendly Port Names with Other Port Data
- You can display friendly port name data in the following combinations:
- This command lists
- names assigned to a specific port
- show name [ port-list ]
- Lists the friendly port name with its corresponding
- port number and port type. show name alone lists
- this data for all ports on the switch
- For example:
- Figure 22. Example of Friendly Port Name Data for All Ports on the Switch
- 87Figure 23. Example of Friendly Port Name Data for Specific Ports on the Switch
- show interface <port-number
- statistics listing
- Figure 24. Example of a Friendly Port Name in a Per-PortStatistics Listing
- 88Name
- Name : not assigned
- This option tells you which friendly port names have been saved to the
- startup-config
- file. (The
- command does not include ports that have only default settings in the
- file.)
- Includes friendly port names in a listing of all interfaces (ports)
- configured with non-defaultsettings. Excludes ports that have
- neither a friendly port name nor any other non-default
- configuration settings
- For example, if you configure port 1 with a friendly port name:
89Configuring Secure Shell (SSH)
- ■Client public-keyauthentication
- ■Switch SSH and user password authentication
- Figure 26. Client Public Key Authentication Model
- 90Note
- on OpenSSH, visit http://www.openssh.com
- on OpenSSH, visit
- Figure 27. Switch/User Authentication
- SSH on the Series 2500 switches supports these data encryption methods:
- ■3DES (168-bit)
- ■DES (56-bit)
- 91■SSH Server: An HP Series 2500 switch with SSH enabled
- Key Pair:
- PEM (Privacy Enhanced Mode):
- Public Key:
- ■Enable Level: Manager privileges on the switch
- ■Login Level: Operator privileges on the switch
- Local password or username:
- Prerequisite for Using SSH
- Public Key Format Requirement
- 92Steps for Configuring and Using SSH for Switch and Client Authentication
- SSH Options
- 93The general steps for configuring SSH include:
- A. Client Preparation
- Optional—If
- B.Switch Preparation
- Assign a login (Operator) and enable (Manager) password on the switch (page
- 2.Generate a public/private key pair on the switch (page 85)
- 4.Enable SSH on the switch (page 89)
- •SSH Login (Operator) options:
- –OptionA:
- Primary: Local, TACACS+, or RADIUS password
- Secondary: Local password or none
- –OptionB:
- Primary: Client public-keyauthentication (login rsa — page 95)
- •SSH Enable (Manager) options:
- Primary: Local, TACACS+, or RADIUS
- 94erase
- Once you generate a key pair on the switch you should avoid
- the session is not secure
- 95Configuring the Switch for SSH Operation
- 961. Assigning a Local Login (Operator) and Enable (Manager) Password
- 2. Generating the Switch’s Public and Private Key Pair
- 97Figure 31. Example of Generating a Public/Private Host Key Pair for the Switch
- IP SSH
- 983. Providing the Switch’s Public Key to Clients
- 99Figure 33. Example of a Correctly Formatted Public Key (Unbroken ASCII String)
- Displaying the Public Key
- Non-encoded
- ASCII numeric string:
- Phonetic hash:
- Hexadecimal hash:
- 1004. Enabling SSH on the Switch and Anticipating SSH Client Contact Behavior
- 101SSH Client Contact Behavior
- To enable SSH on the switch
- Generate a public/private key pair if you have not already done so. (Refer to
- 2.Execute the ip ssh command
- To disable SSH on the switch, do either of the following:
- ■Execute no ip ssh
- ■Zeroize the switch’s existing key pair. (page 86)
- [no] ip ssh
- Enables or disables SSH on the switch
- larger key provides greater security; a smaller key
- results in faster authentication (default: 512 bits)
- See the following Note
- [port < 1-65535| default >]
- The IP port number for SSH connections
- (default: 22)
- [timeout < 5 - 120 >]
- The SSH login timeout value (default: 120 seconds)
- 102Note on Port Number
- key-size
- ip ssh port
- web-management
- no telnet
- snmp security
- 1035. Configuring the Switch for SSH Authentication
- 104Syntax: copy tftp pub-key-file< ip-address > < filename
- aaa authentication ssh login rsa
- Configures the switch to authenticate
- < local | none
- a client public-keyat the login level
- with an optional secondary password
- method (default: none)
- must
- aaa authentication ssh enable
- Configures a password method for the
- primary and secondary enable (Mana
- ger) access. If you do not specify an
- optional secondary method, it defaults
- to none
- Client-Keys.pub
- Client-Keys.pub
- 1056. Use an SSH Client To Access the Switch
- 106Further Information on SSH Client Public-KeyAuthentication
- 4.If there is a match, the switch:
- a.Generates a random sequence of bytes
- b.Uses the client’s public key to encrypt this sequence
- c.Send these encrypted bytes to the client
- 5.The client uses its private key to decrypt the byte sequence
- 6.The client then:
- a.Combines the decrypted byte sequence with specific session data
- 107b.Uses MD5 to create a hash version of this information
- c.Returns the hash version to the switch
- The switch computes its own hash version of the data in step
- Using client public-keyauthentication requires these steps:
- Copy the public key for each client into a
- Use
- aaa authentication ssh
- These steps describe how to copy
- client-public-keys
- into the switch for RSA
- challenge-response
- Figure 39. Example of a Client Public Key
- 108Copy the client’s public key (in ASCII
- .txt
- 3.Copy the client-public-keyfile into a TFTP server accessible to the switch
- Copying a client-public-keyinto the switch requires the following:
- One or more
- To use the client
- feature, you will need to convert the key to a
- non-encoded
- ASCII format
- 109Note on Public Keys
- Syntax: copy tftp pub-key-file <ip-address><filename
- Copies a public key file from a TFTP
- show ip client-public-key[ babble | fingerprint ]
- switch’s current client-public-keyfile
- to a phonetic hash that is easier
- for visual comparisons
- data to a hexadecimal hash for the
- same purpose
- clientkeys.txt
- 110You can replace the existing client
- You can remove the existing client
- clear
- public-key
- Syntax: clear public-key
- After you TFTP a
- client-public-key
- If an SSH client’s public key does not have a match in the switch’s
- Syntax: aaa authentication ssh login rsa none
- Allows SSH client access only if the switch
- detects a match between the client’s public
- key and an entry in the client-public-keyfile
- most recently copied into the switch
- aaa authentication ssh login rsa local
- Allows SSH client access if there is a public
- key match (see above) or if the client’s user
- login rsa local
- 111Messages Related to SSH Operation
- 00000K Peer unreachable
- 00000K Transport error
- Indicates the switch experienced a problem when
- may be wrong
- Cannot bind reserved TCP port
- <port-number
- Client public key file corrupt or
- not found. Use 'copy tftp pub-key
- tftp to download the key from a TFTP server
- file <ip-addr><filename>' to down
- load new file
- Download failed: overlength key in
- key file
- file
- Download failed: one or more keys is
- not a valid RSA public key
- Error: Requested keyfile does not exist
- 112Generating new RSA host key. If the
- After you execute the crypto key generate [rsa]
- cache is depleted
- this could take
- up to two minutes
- is generating the key
- Host RSA key file corrupt or not
- found. Use 'crypto
- key generate
- for the switch
- rsa' to create new
- host key
- host_ssh1 is not a
- valid key file
- Key does not exist
- or is corrupt
- show_client_public-key:cannot stat keyfile
- Troubleshooting SSH Operation
- See also “Messages Related to SSH Operation” on page
- Download failed: overlength key in key file
- Download failed: too many keys in key file
- Download failed: one or more keys is not a valid RSA public key
113Configuring RADIUS Authentication and Accounting
- Remote Authentication
- Dial-In
- User Service
- Authentication
- ■Serial port (Console)
- ■Telnet
- ■SSH
- ■Port-Access
- 114Accounting
- EAP(Extensible Authentication Protocol):
- Host: See RADIUS Server
- NAS (Network Access Server):
- RADIUS (Remote Authentication Dial In User Service):
- RADIUS Client:
- RADIUS Host:
- RADIUS Server:
- RADIUS host
- Shared Secret Key:
- 115Preparation:
- 116Configuring the Switch for RADIUS Authentication
- 117Outline of the Steps for Configuring RADIUS Authentication
- 1181.Configure Authentication for the Access Methods You Want RADIUS To Protect
- 119Figure 42. Example Configuration for RADIUS Authentication
- 1202. Configure the Switch To Access a RADIUS Server
- 1211.Change the encryption key for the server at 10.33.18.127 to "source0127
- Add a RADIUS server with an IP address of 10.33.18.119 and a
- To make the changes listed prior to figure 43, you would do the following:
- 1223. Configure the Switch’s Global RADIUS Parameters
- 123radius-serverretransmit < 1 .. 5
- If a RADIUS server fails to respond to an
- authentication request, specifies how many
- retries to attempt before closing the session
- (Default: 3; Range: 1 - 5)
- ■Allow only two tries to correctly enter username and password
- Use a
- ■Allow three seconds for request timeouts
- ■Allow two retries following a request that did not receive a response
- Figure 45. Example of Global Configuration Exercise for RADIUS Authentication
- 124Local Authentication Process
- 125Controlling Web Browser Interface Access When Using RADIUS Authentication
- 126This section assumes you have already:
- ■Configured RADIUS authentication on the switch for one or more access methods
- ■Configured one or more RADIUS servers to support the switch
- Exec accounting:
- 127System accounting:
- Operating Rules for RADIUS Accounting
- ■RADIUS servers used for accounting are also used for authentication
- ■The switch must be configured to access at least one RADIUS server
- 128Outline of the Steps for Configuring RADIUS Accounting
- 1291. Configure the Switch To Access a RADIUS Server
- 130Select the Accounting Type(s):
- Exec:
- exec
- ■System: Use system if you want to collect accounting data when:
- •A system boot or reload occurs
- •System accounting is turned on or off
- Network:
- 1313. (Optional) Configure Session Blocking and Interim Updating Options
- 132General RADIUS
- 135RADIUS Authentication
- 136RADIUS Accounting
- 137Changing RADIUS-ServerAccess Order
- Figure 57. Search Order for Accessing a RADIUS Server
- Re-enter
- 138Figure 58. Example of New RADIUS Server Search Order
- Messages Related to RADIUS Operation
- 139Troubleshooting RADIUS Operation
140IP Preserve: Retaining VLAN-1IP Addressing Across Configuration File Downloads
- Operating Rules for IP Preserve
- ip preserve
- The
- Figure 59. Example of Implementing IP Preserve in a Configuration File
- 141For example, consider Figure 60:
- Figure 60. Example of IP Preserve Operation
- 142To summarize the IP Preserve effect on IP addressing:
143The Role of 802.1Q VLAN Tagging
144Outbound Port Queues and Packet Priority Settings
145Operating Rules for Port-BasedPriority on Series 2500 Switches
Configuring and Viewing Port-BasedPriority
146Messages Related to Prioritization
Troubleshooting Prioritization
147Using the "Kill" Command To Terminate Remote Sessions
- Syntax: kill [<session-number>]
- kill
- Figure 64. Example of Using the "Kill" Command To Terminate a Remote Session
148Overview
149Transitioning from STP to RSTP
150Configuring RSTP
151CLI: Configuring RSTP
Abbreviation:
152Figure 65. Example of the Spanning Tree Configuration Display
Enabling or Disabling RSTP
Abbreviation: [no] span
Enabling STP Instead of RSTP
Abbreviation: span prot stp
153You can configure one or more of the
Table 9. Whole-SwitchRSTP Parameters
154Abbreviations:
span
protocol-version<rstp | stp
force-version <rstp-operation| stp-compatible
priority <0 - 15
pri <0 - 15
maximum-age<6 - 40 seconds
max <6 - 40
hello-time<1- 10 seconds
hello <1 - 10
forward-delay<4 - 30 seconds
forw <4 - 30
Defaults: see the table on the previous page
155Reconfiguring
Per-Port
Spanning Tree Values
Table 10. Per-PortRSTP Parameters
156spanning-tree[ethernet] <port-list
span <port-list
path-cost<1 - 200000000
path <1 - 200000000
point-to-point-mac <force-true| force-false| auto
[no] spanning-tree[ethernet] <port-list
[no] span <port-list
edge
mcheck
mch
Defaults
Note on Path Cost
157Menu: Configuring RSTP
menu
2.Switch Configuration
4.Spanning Tree Operation
dit
Protocol Version
RSTP
STP
STP Enabled
Figure 66. Example of the RSTP Configuration Screen
1588.Repeat step 6 for each additional parameter you want to change
6. Reboot Switch
Web: Enabling or Disabling RSTP
To enable or disable Spanning Tree using the Web browser interface:
1.Click on the Configuration tab
Click on
3.Enable or disable Spanning Tree
4.Click on [Apply Changes] to implement the configuration change
159Enhancements in Release F.02.11
Fast-UplinkSpanning Tree Protocol (STP)
- ■Used as a wiring closet switch (also termed an edge switch or a leaf switch)
- Configured for
- 160Terminology
- 161(2 x (forward delay) + link down detection)
- Table 11. STP Parameter Settings for Figure
- With the above-indicatedtopology and configuration:
- Scenario 1:
- ■Scenario 2: If Switch "1" fails, then:
- •Switch "2" becomes the root switch
- •The link between Switch "3" and Switch "2" begins forwarding
- •The link between Switch "2" and the LAN begins forwarding
- 162Operating Rules for Fast Uplink
- 163Menu: Viewing and Configuring Fast-UplinkSTP
- 164a.Press [E] (Edit) to move the cursor to the Protocol Version field
- b.Press the Space bar once to change the Protocol Version field to STP
- c.Press [Enter] to return to the command line
- Figure 71. Changing from RSTP to STP Requires a System Reboot
- e.Press [0] (zero) to return to the Main Menu, then [6] to reboot the switch
- 165Figure 72. The Spanning Tree Operation Screen
- b.Use [Tab] to move to the Mode field for port
- c.Use the Space bar to select Uplink as the mode for port
- d.Use [v] to move to the Mode field for Trk1
- e.Use the Space bar to select Uplink as the Mode for Trk1
- f.Press [Enter] to return the cursor to the Actions line
- 1671.From the Main Menu, select:
- 1.Status and Counters
- 7.Spanning Tree Information
- 2. Press [S] (for Show ports) to display the status of individual ports
- Figure 75. Example of STP Port Status with Two Redundant STP Links
- 168CLI: Viewing and Configuring Fast-UplinkSTP
- 171Operating Notes
- 172Fast-UplinkTroubleshooting
173The Show Tech Command for Listing Switch
Configuration and Operating Details
- 1741.In Hyperterminal, click on Transfer | Capture Text
- In the
- 3.Click [Start] to create and open the text file
- 4.Execute show tech:
- HP2512# show tech
- Each time the resulting listing halts and displays
- MORE
175Enhancements in Release F.02.02
176TACACS+ Authentication for Centralized Control of Switch Access Security
- A3 or
- A2 or
- Figure 82. Example of TACACS+ Operation
- 177Series 2500 Switch Authentication Options
- Local:
- TACACS+:
- 178Terminology Used in TACACS Applications:
- communication server
- remote access server
- terminal server
- Local Authentication:
- Configuration and Management Guide
- 179General System Requirements
- To use TACACS+ authentication, you need the following:
- HP2512> show version
- Menu Interface:
- From the Main Menu, click on
- (Check the version number on the Firmware revision line.)
- Web Browser Interface:
- Click on the Identity tab
- 180TACACS+ Operation
- General Authentication Setup Procedure
- 1813.Determine the following:
- Note on Privilege Levels
- 183Configuring TACACS+ on the Switch
- The switch offers three command areas for TACACS+ operation:
- CLI Commands Described in this Section
- 184Viewing the Switch’s Current Authentication Configuration
- This example shows the default authentication configuration
- Figure 83. Example Listing of the Switch’s Authentication Configuration
- Viewing the Switch’s Current TACACS+ Server Contact Configuration
- Syntax: show tacacs
- Figure 84. Example of the Switch’s TACACS+ Configuration Listing
- 185Configuring the Switch’s Authentication Methods
- Table 12. AAA Authentication Parameters
- 186Table 13. Primary/Secondary Authentication Table
- 187HP2512(config)#aaa authenticationconsole login tacacs local
- HP2512(config)#aaa authenticationconsole enable tacacs local
- local
- HP2512(config)#aaa authenticationtelnet enable tacacs local
- HP2512(config)#
- aaa authentication num-attempts2
- 188Configuring the Switch’s TACACS+ Server Access
- The tacacs-servercommand configures these parameters:
- The host IP address(es)
- An optional encryption key
- The timeout value
- [no]
- tacacs-server
- host
- tacacs-serverkey <key-string
- Enters the optional global encryption key
- [no] tacacs-serverkey
- Removes the optional global encryption
- key. (Does not affect any server-specific
- encryption key assignments.)
- tacacs-servertimeout < 1 . . 255
- Changes the wait period for a TACACS
- server response. (Default: 5 seconds.)
- 190first-choice
- server:
- Figure 85. Example of the Switch with Two TACACS+ Server Addresses Configured
- The servers would then be listed with the new "first-choice"server, that is:
- Figure
- HP2512(config)# no tacacs-serverhost
- Configuring an Encryption Key
- global encryption key
- per-server
- encryption key
- 191To configure westside as a global encryption key:
- HP2512(config) tacacs-serverkey westside
- To configure westside as a per-serverencryption key:
- HP2512(config)tacacs-serverhost 10.28.227.63 key westside
- To delete a global encryption key from the switch, use this command:
- HP2512(config)# no tacacs-serverkey
- HP2512(config)# tacacs-serverhost
- HP2512(config)# tacacs-servertimeout
- 192How Authentication Operates
- General Authentication Process Using a TACACS+ Server
- Figure 87. Using a TACACS+ Server for Authentication
- The switch queries the
- If the switch does not receive a response from the
- 193Local Authentication Process
- (For a listing of authentication options, see Table 13 on page 175.)
- 194Using the Encryption Key
- General Operation
- Global key:
- Individual key:
- Encryption Options in the Switch
- 195HP2512(config)# tacacs-serverkey north40campus
- HP2512(config)# tacacs-serverhost 10.28.227.87 key south10campus
- Controlling Web Browser Interface Access When Using TACACS+ Authentication
- 196Messages
- Table 14. Tacacs Messages
- Operating Notes
- When TACACS+ is not enabled on the
- manager-level
- access by unauthorized persons
- 197Troubleshooting TACACS+ Operation
- If the switch can access the server device (that is, it can
- ■The account has expired
- ■The access attempt is through a port that is not allowed for the account
- 198■The time quota for the account has been exhausted
- ■The time credit for the account has expired
- ■The access attempt is outside of the timeframe allowed for the account
- ■The allowed number of concurrent logins for the account has been exceeded
- default user
199CDP (Updated by Software Version F.05.50)
- http://www. procurve.com
New Time Synchronization Protocol Options
- 200TimeP Time Synchronization
- SNTP Time Synchronization
- SNTP provides two operating modes:
- Unicast Mode:
- General Steps for Running a Time Protocol on the Switch:
- 1.Select the time synchronization protocol: SNTP or TimeP (the default)
- 2.Enable the protocol. The choices are:
- • SNTP:
- 201• TimeP: DHCP or Manual
- 3.Configure the remaining parameters for the time protocol you selected
- Disabling Time Synchronization
- In the System Information screen of the Menu interface, set the
- ■In the config level of the CLI, execute no timesync
- SNTP: Viewing, Selecting, and Configuring
- 202Table 15. SNTP Parameters
- Menu: Viewing and Configuring SNTP
- To View, Enable, and Modify SNTP Time Protocol:
- 203Figure 88. The System Information Screen (Default Values)
- 204iv.Press [>] to move the cursor to the Poll Interval field, then go to step
- CLI: Viewing and Configuring SNTP
- 205Viewing the Current SNTP Configuration
- Configuring (Enabling or Disabling) the SNTP Mode
- 206Enabling SNTP in Broadcast Mode
- sntp broadcast
- Configures Broadcast as the SNTP mode
- For example, suppose:
- Time synchronization is in the
- ■You want to:
- 1.View the current time synchronization
- 2.Select SNTP as the time synchronization mode
- 3.Enable SNTP for Broadcast mode
- 4.View the SNTP configuration again to verify the configuration
- The commands and output would appear as follows:
- Figure 91. Example of Enabling SNTP Operation in Broadcast Mode
- 207Syntax: timesync sntp
- Selects SNTP as the time synchronization method
- sntp unicast
- Configures the SNTP mode for Unicast operation
- sntp server
- version
- no sntp server <ip-addr
- Deletes the specified SNTP server
- HP2512(config)# timesync sntp
- Selects SNTP
- HP2512(config)# sntp unicast
- HP2512(config)# sntp server
- Specifies the SNTP server and
- accepts the current SNTP server
- version (default: 3)
- Figure 92. Example of Configuring SNTP for Unicast Operation
- 208Figure 93. Example of Specifying the SNTP Protocol Version Number
- Changing the SNTP Poll Interval
- Figure 94. Example of SNTP with Time Sychronization Disabled
- 209no sntp
- Figure 95. Example of Disabling Time Synchronization by Disabling the SNTP Mode
- TimeP: Viewing, Selecting, and Configuring
- 210Table 16. Timep Parameters
- Menu: Viewing and Configuring TimeP
- To View, Enable, and Modify the TimeP Protocol:
- 211Figure 96. The System Information Screen (Default Values)
- 212Viewing the Current TimeP Configuration
- 213Configuring (Enabling or Disabling) the TimeP Mode
- 214■Time synchronization is configured for SNTP
- 2.Select TimeP as the time synchronization mode
- 3.Enable TimeP for DHCP mode
- 4.View the TimeP configuration
- Figure 99. Example of Enabling TimeP Operation in DHCP Mode
- Enabling Timep in Manual Mode
- Selects Timep
- ip timep manual <ip-addr
- Activates TimeP in Manual mode with a
- specified TimeP server
- Disables TimeP
- 215timesync
- timep
- Selects TimeP
- ip timep
- manual
- Activates TimeP in Manual
- mode
- Figure 100. Example of Configuring Timep for Manual Operation
- Changing the TimeP Poll Interval
- For example, to change the poll interval to 60 minutes:
- HP2512(config)# ip timep interval
- If you then viewed the TimeP configuration, you would see the following:
- Figure 101. Example of TimeP with Time Sychronization Disabled
- 216Disabling the TimeP Mode
- SNTP Unicast Time Polling with Multiple SNTP Servers
- Address Prioritization
- 217Adding and Deleting SNTP Server Addresses
- Adding Addresses
- Figure 103. Example of SNTP Server Address Prioritization
- Deleting Addresses
- 218Menu Interface Operation with Multiple SNTP Server Addresses Configured
- SNTP Messages in the Event Log
219Operation and Enhancements for Multimedia Traffic Control (IGMP)
- How Data-DrivenIGMP Operates
- This section uses the following terms to describe IGMP operation:
- Querier:
- ■IGMP Device: A switch or router running IGMP traffic control features
- IGMP Host:
- 220Figure 104. Example of Data-DrivenIGMP Operation
- IGMP Operates With or Without IP Addressing
- 221Fast-LeaveIGMP
- 222Automatic Fast-LeaveOperation. If a Series 2500 switch port is :
- a.Connected to only one end node
- b.The end node currently belongs to a multicast group; i.e. is an IGMP client
- c.The end node subsequently leaves the multicast group
- Figure 105. Example of Automatic Fast-LeaveIGMP Criteria
- 223To list the Forced Fast-Leavestate for all ports in the switch:
- 224Figure 106. Listing the Forced Fast-LeaveState for Ports in an HP2512 Switch
- To list the Forced Fast-Leavestate for a single port
- getmib hpSwitchIgmpPortForcedLeaveState.1. <port-number
- (Not case-sensitive.)
- Figure 107. Listing the Forced Fast-LeaveState for a Single Port
- 225CLI: Configuring Per-PortForced Fast-LeaveIGMP
- Syntax: setmib hpSwitchIgmpPortForcedLeaveState.1.<port-number> -i< 1 | 2
- setmib 1.3.6.1.4.1.11.2.14.11.5.1.7.1.15.3.1.5.1.<port-number> -i< 1 | 2
- where:
- 1 = Forced Fast-Leaveenabled
- 2 = Forced Fast-Leavedisabled
- For example, to enable Forced Fast-Leaveon ports 7 and 8:
- 226Querier Operation
- Table 17. Well-KnownIP Multicast Address Groups Excluded from IGMP Filtering
227Switch Memory Operation
228Port Security: Changes to Retaining Learned Static Addresses Across a Reboot
- Recommended Port Security Procedures
- Retention of Static Addresses
- 229Delete the address by using the
- command
- •Reset the switch to its factory-defaultconfiguration
- Delete it by using the
230Username Assignment and Prompt
231Updates and Corrections for the Management and Configuration Guide
- 232At the Interface Context Level
- At the Global Configuration Level
- 233This change affects the following commands:
- Restoring the Factory-DefaultConfiguration, Including Usernames and Passwords
- ■Execute the no password command in the CLI
- Select the
- ■Press and hold the Clear button on the switch for one second
- Incomplete IP Multicast (IGMP) Filtering Data
- 234GVRP Does Not Require a Common VLAN
- Incomplete Information on Saving Configuration Changes
- Update to Information on Duplicate MAC Addresses Across VLANs
- 235Incorrect Command Listing for Viewing Configuration Files
- ■show config : Displays the startup-configfile
- ■show config run : Displays the running-configfile
- (The write terminal command also displays the running-configfile.)
- ■Daylight Time Rule setting
- ■Hostname (system name)
- ■SNMP server community name and status
- ■The default VLAN and its IP address setting
- Any other configuration settings that differ from the switch’s
- New and Corrected Information on Primary VLAN Usage
- 236Misleading Statement About VLANs
237Software Fixes
- 240Release F.01.08
- Fixed in release F.01.08:
- 100/1000-T
- transceiver —
- Web-Browser
- Interface —
- Release F.01.09
- Fixed in release F.01.09:
- Console/Management —
- Release F.01.10
- Fixed in release F.01.10:
- Port Security —
- Release F.02.02
- 241Fixed in release F.02.02:
- Transceiver —
- Config —
- a.SNMP community parameter unrestricted is changed to (null)
- b.forbid commands are added to the VLAN configuration
- Console —
- Fault-Finder
- IP —
- 242->Software Exception at woody_dev.c: 450 in AdMgrCtrl
- ->ppmgr_setDefaultPriority: invalid port number
- Link —
- Monitor Port —
- Ping —
- SNMP —
- For ports with no transceiver present, any SNMP sets to the
- fail and an SNMP get of
- , or
- returns an illegal value of zero (0)
- Stack Management —
- STP —
- TFTP/XMODEM —
- VLAN —
- forbid
- Release F.02.03
- Fixed in release F.02.03:
- ■Stack Management — Cannot access member switches via SNMPv2c
- 243Release F.02.04 (Beta Release Only)
- Fixed in release F.02.04:
- Buffer Leak —
- ■CDP — The switch sends the wrong MAC address for itself in CDP packets
- Console/TELNET —
- Continuous Reboot —
- ■Crash — The switch may crash with a message similar to:
- ->Software exception at infTrunks.c:264 in 'mAdMgrCtrl
- This crash may occur if both the following conditions exist:
- –All ports of a dynamic trunk are off-line(for example, disconnected); and
- –The trunk is a member of the default VLAN
- ->Software exception at xcvr_util.c:1387 --in 'mPmSlvCtrl
- DHCP —
- 244LED —
- Port security —
- TELNET —
- Web-browser
- interface —
- Release F.02.05 (Beta Release Only)
- ■Public
- ■Private
- ■Local
- ■Uplink
- 245Release F.02.06 (Beta Release Only)
- Textual modifications made to the Isolated Port Groups feature
- Release F.02.07 (Beta Release Only)
- This release adds two new features:
- ■Spanning Tree fast "uplink" mode
- ■show tech command (Captures information to help with troubleshooting.)
- Fixed in F.02.07:
- Bus Error —
- Performance —
- I 01/01/90 00:00:19 ports: port 13: Xcvr Hot-Swapdetected. Need reboot
- 246XRMON —
- Release F.02.08 (Beta Release Only)
- Fixed in F.02.08:
- ->Software exception at woodyDma_recv.c:154 --in 'eDrvPoll
- Release F.02.09
- Fixed in F.02.09:
- Configuration download —
- line: 6. Error setting configuration tree. Corrupted download file
- Release F.02.10
- Fixed in release F.02.10:
- LEDs/Port toggling —
- Release F.02.11
- Fixed in release F.02.11
- Auto-TFTP
- Transceivers —
- ->Software exception in ISR at buffers.c:1627
- 247Release F.02.12
- Fixed in release F.02.12
- Release F.02.13
- Fixed in release F.02.13
- Monitoring Port —
- Release F.04.01 (Beta Release Only)
- Fixed in release F.04.01
- CLI —
- ->Software exception at woodyDma_rev.c154 --in 'eDrv
- ->Software exception in ISR at buffers.c:1627
- ->Software exception at woodyDma_recv.c:154 --in 'eDrv
- a.The "reload" CLI command is issued; and
- b.A 100/1000-Ttransceiver is installed
- Flow Control —
- Menu/Web-Browser
- 248Port Configuration —
- Port Monitoring —
- TFTP —
- VARIOUS: Crash/Bus Error —
- Release F.04.02
- Fixed in release F.04.02
- Corrupted Flash —
- Release F.04.03
- Fixed in release F.04.03
- Release F.04.04
- Fixed in release F.04.04
- 249Release F.04.08
- Fixed in release F.04.08
- Release F.04.09
- Fixed in release F.04.09
- Agent Hang —
- STP/RSTP —
- Release F.05.05
- Time Zone Issue
- 250Fixed in release F.05.05
- ARP —
- ■GARP/Event log — Garp event log messages may be garbled
- show arp
- show trunks
- getmib
- Incomplete input: - EOI
- ■CLI — Command "no qos" did not reset port priority to "0
- CLI/Timezone —
- 251Event Log —
- GVRP —
- LACP/802.1X —
- 252Loop/VTP —
- Menu —
- Menu/CLI — Modified help message for RSTP
- Menu/VLAN — The VLAN help text has been modified
- NNM/Stacking —
- Performance/Crash —
- ■STP — Switch does not forward STP BPDUs when STP is disabled
- STP Fast Mode —
- STP/Running-Config
- 253TACACS+ —
- Time Zone —
- VTP/ISL —
- Release F.05.09 (Beta Release Only)
- Fixed in release F.05.09
- Release F.05.10 (Beta Release Only)
- Fixed in release F.05.10
- 254Release F.05.12 (Beta Release Only)
- Adds the following enhancement:
- ■Changes to 802.1X to support Open VLAN Mode
- Release F.05.13 (Beta Release Only)
- ■Changes to Isolated Port Groups to add two new groups: group1 and group2
- Release F.05.14
- Fixed in release F.05.14
- Crash (PR_3711) —
- ->Software exception at alloc_free.c:353 - in 'mLpmgrCtrl', ->No msg buffer
- Performance (PR_3104) —
- Performance (PR_3120) —
- 255Performance/Crash (PR_4967) —
- Transceiver
- hot-swap
- (PR_3138) —
- Transceivers (PR_3167) —
- Release F.05.15
- show ip igmp
- Fixed in release F.05.15
- Bcast limit —
- Configuration file —
- port-security1 learn-modecontinuous action send-alarm
- Counters —
- 256crash with a bus error similar to:
- ->Bus error: HW Addr=0x29283030 IP=0x002086ac Task='mSnmpCtrl
- Task ID=0x165ae00
- Flow control —
- software exception at alloc_free.c ... buf_free: corrupted buffer
- Memory Leak —
- 257■SNMP — The switch does not support community names other than PUBLIC in traps
- SNMP/Crash —
- ->Bus error: HW Addr=0x5265766d IP=0x002592e8 Task='mSnmpCtrl
- Task ID=0x12c2158 fp: 0x00000005 sp:0x012c1e28 lr:0x00259430
- ■TACACS+ — The TACACS server IP is shown on the 'splash screen
- ■TELNET — TCP port 1506 is always open
- UI —
- Web —
- Web/Security —
- ■Web/Security —
- 2.Send the following URL to the Series 2500 switch (Commander):
- http://<IP ADDRESS>/sw2/cgi/device_reset
- Release F.05.16 (Beta Release Only)
- Fixed in release F.05.16
- IP Stack Mgmt/Web —
- 258Example output:
- ■Web — Sun java v1.3.x and v1.4.x interoperability issue: high CPU utilization
- ■Web/Stack Mgmt — Software version isn't displayed in Web-agentidentity screen
- Release F.05.17
- Modification of Manufacturing test commands
- Release F.05.18
- Fixed in release F.05.18
- IGMP (PR_90376) —
- RSTP-802.1w
- (PR_90412) —
- 259Release F.05.19 (Never Released)
- Fixed in release F.05.19
- ■Counters (PR_92221) — Counters for J4834A 100/1000 xcvr do not clear
- ■Crash/Bus Error (PR_92466) — Bus error related to 802.1X/unauthorized VLAN
- Agent Hang (PR_92802) —
- Release F.05.20 (Never Released)
- Fixed in release F.05.20
- Crash/Bus Error (PR_98514) —
- Release F.05.21 (Never Released)
- Fixed in release F.05.21
- Release F.05.22
- Fixed in release F.05.22
- Agent Hang (PR_1000003867)
- Counters (PR_92221)
- ■Console Hang (PR_97705) — Console lockup, due to the LAND.C attack
- ■Counters (PR_98241) — Multicast MIB-2counters are inaccurate
- ■DHCP (PR_1000002032) — DHCP Enhancement: Send Host Name with DHCP Messages
- GVRP (PR_1000003124)
- SSH (PR_1000005026)
- 260■Syslog (PR_1000003656) — The syslog capability added to F.05.22
- ■Syslog (PR_1000004080) — A timep event log message on syslog is truncated
- Web (PR_81848)
- Web (PR_82039)
- Web (PR_82199)
- Web (PR_92078)
- Web/IP Stack Management (PR_92826)
- Web (PR_97671) —
- Web (PR_98500)
- ■Web (PR_1000000452) — Resetting the Switch leads to the URL aol.co.uk
- Release F.05.23 (Not a General Release)
- Fixed in release F.05.23
- GVRP (PR_1000005082)
- SNMP (PR_1000004345)
- Telnet (PR_92019)
- 261Release F.05.24 (Not a General Release)
- Fixed in release F.05.24
- Web (PR_1000007144)
- Release F.05.25 (Not a General Release)
- Fixed in release F.05.25
- Web/IP Stack Management (PR_1000011548)
- Release F.05.26 (Not a General Release)
- Fixed in release F.05.26
- CLI (PR_82086)
- Release F.05.27 (Not a General Release)
- Fixed in release F.05.27
- (PR_1000020802)
- Release F.05.28 (Not a General Release)
- Fixed in release F.05.28
- SNMP (PR_83255)
- Web (PR_89899)
- Release F.05.29 (Not a General Release)
- Fixed in release F.05.29
- Config/SNMP (PR_1000197097)
- IGMP (PR_1000191237)
- 262SNMP (PR_1000190654)
- Web/Crash (PR_1000092011)
- exception.c:356 --in 'mHttpCtrl', task ID = 0x139ba42
- Web UI/Port Security (PR_1000195894)
- port-security
- Release F.05.30 (Not a General Release)
- Fixed in release F.05.30
- Crash (PR_1000201614)
- RSTP (PR_1000199687)
- Release F.05.31 (Not a General Release)
- Fixed in release F.05.31
- 802.1X (PR_1000208530)
- Crash/Web UI (PR_1000205768)
- Web UI (PR_1000191635, PR_80875)
- — The Port column may be sorted incorrectly in Web user interface screens
- Web UI/Port Status (PR_93721)
- 263Release F.05.32 (Not a General Release)
- Fixed in release F.05.32
- TFTP/Config (PR_1000215024)
- Release F.05.33
- Fixed in release F.05.33
- Config (PR_1000216051)
- Web (PR_1000080857)
- Release F.05.34
- Fixed in release F.05.34
- Web UI (PR_1000214188)
- Release F.05.35 (Never Released)
- (Never Released)
- Release F.05.36 (Never Released)
- Fixed in release F.05.36
- Crash (PR_1000217354)
- RSTP (PR_1000001612) —
- 264Release F.05.37 (Not a General Release)
- CLI (PR_83354)
- show mac vlan <VID
- Release F.05.38 (Never Released)
- Fixed in release F.05.38
- ■TCP (PR_1000246186) — Switch is susceptible to VU#498440
- Web UI (PR_1000284653)
- Release F.05.39 (Never Released)
- Fixed in release F.05.39
- ■RSTP (PR_1000286883) — Slow RSTP fail-overand fall-backtime
- Web UI (PR_1000211978)
- Release F.05.40 (Never Released)
- Fixed in release F.05.40
- RSTP (PR_1000297195)
- Releases F.05.41 through F.05.49 were never built
- Release F.05.50 (Never Released)
- Fixed in release F.05.50
- ■FEC/CDP (PR_1000285111) — CDP transmit and FEC Trunk negotiation removed
- 265Release F.05.51 (Never Released)
- Fixed in release F.05.51
- Crash (PR_1000297510)
- Release F.05.52
- Fixed in release F.05.52
- Event Log (PR_1000306769)
- LLDP (PR_1000285649)
- Release F.05.53 (Never Released)
- Fixed in release F.05.53
- STP (PR_1000307280)
- Telnet (PR_1000311257)
- Web (PR_ 1000308933)
- Release F.05.54 (Never Released)
- Fixed in release F.05.54
- 266Release F.05.55
- Fixed in release F.05.55
- LLDP (PR_1000310666)
- Menu (PR_1000318531)
- RSTP (PR_99049)
- Release F.05.56
- Fixed in release F.05.56
- CLI (PR_1000330553)
- Web UI (PR_1000302713)
- Release F.05.57
- Fixed in release F.05.57
- CLI (PR_1000358129)
- Hang (PR_1000346328)
- Web-UI
- (PR_1000354124)
- Release F.05.58 (Never Released)
- Fixed in release F.05.58
- Enhancement (PR_1000340292)
- 267Release F.05.59
- Fixed in release F.05.59
- Release F.05.60
- Fixed in release F.05.60
- RSTP (PR_10004013943)
- Enhancement (PR_1000376193)
- Release F.05.61
- Fixed in release F.05.61
- Crash (PR_1000407542)
- CLI (PR_1000426818)
- Incomplete input: LLDP
- Release F.05.62 (Never Released)
- No issues fixed in release F.05.62
- Release F.05.63 (Never Released)
- Fixed in release F.05.63
- 268Daylight Savings (PR_1000467724)
- Release F.05.64 (Never Released)
- No issues fixed in release F.05.64
- Release F.05.65
- Fixed in release F.05.65
- Security (PR_1000388616)
- Release F.05.66 (Never Released)
- Fixed in release F.05.66
- LLDP (PR_1000779182)
- Release F.05.67
- Fixed in release F.05.67
- LLDP (PR_1000772828)
- show LLDP info remote
- show CDP neighbor
- Release F.05.68
- Fixed in release F.05.68
- Crash (PR_0000001756)
- set
- 802.1X (PR_1000446227)
- 269Release F.05.69
- Fixed in release F.05.69
- ProCurve Manager (PR_1000768253)
- Stacking Transceivers (PR_1000784489)
- TACACS+ (PR_0000003839)
- Release F.05.70
- Fixed in release F.05.70
- Auto-Negotiation
- (PR_0000017424)