HP 6600 manuals

Computer Equipment > Switch

When we buy new device such as HP 6600 we often through away most of the documentation but the warranty. Very often issues with HP 6600 begin only after the warranty period ends and you may want to find how to repair it or just do some service work. Even oftener it is hard to remember what does each function in Switch HP 6600 is responsible for and what options to choose for expected result. Fortunately you can find all manuals for Switch on our side using links below.

HP 6600 Manual

854 pages10.12 Mb

3HP ProCurve
3500 Switches
3500yl Switches
5400zl Switches
6200yl Switch
6600 Switches
8200zl Switches
Management and Configuration Guide
- 5Product Documentation
- 1 Getting Started
- 62 Selecting a Management Interface
- 3 Using the Menu Interface
- 74 Using the Command Line Interface (CLI)
- 5 Using the ProCurve Web Browser Interface
- 86 Switch Memory and Configuration
- 9Viewing the Startup-ConfigFile Status with Multiple
- Using the Clear + Reset Button Combination To Reset the
- Xmodem: Copying a Configuration File to a Serially
- Xmodem: Copying a Configuration from a Serially
- 107 Interface Access and System Information
- 8 Configuring IP Addressing
- 119 Time Protocols
- 1210 Port Status and Configuration
- 1311 Power Over Ethernet (PoE/PoE+) Operation
- 1412 Port Trunking
- 1513 Port Traffic Controls
- 1614 Configuring for Network Management Applications
  - 17Menu: Viewing and Configuring non-SNMPversion
- 1815 Redundancy (Switches 8200zl)
  - Software Version Mismatch Between Active
  - Potential Software Version Mismatches
- 19Downloading a Software Version
- Serially if the Management Module is Corrupted
- Management Module LED Behavior
- 20A File Transfers
  - Xmodem: Copying a Software Image from the Switch to a
  - Xmodem: Copying a Configuration File from a Serially
  - USB: Uploading an ACL Command File from a USB Device . . A-38
- 21Copying Diagnostic Data to a Remote
- 22B Monitoring and Analyzing Switch Operation
  - 232. Configure a Mirroring Destination on a Remote Switch . . . . . . . B-50
  - 3. Configure a Mirroring Session on the Source Switch . . . . . . . . . . B-52
- 24C Troubleshooting
- Using Log Throttling to Reduce Duplicate Event
- 25Debug/Syslog Operation
  - 26Configuring the Severity Level for Event Log
  - Configuring the System Module Used to Select the Event Log
  - Messages Sent to a Syslog Server
  - Web: Executing Ping or Link Tests
  - Saving show tech Command Output to a Text File
  - Customizing show tech Command Output
  - CLI: Viewing More Information on Switch Operation
  - Pattern Matching When Using the Show Command
  - CLI: Useful Commands for Troubleshooting Sessions
  - CLI: Resetting to the Factory-DefaultConfiguration
  - Clear/Reset: Resetting to the Factory-DefaultConfiguration
  - Configuring and Using DNS Resolution with
- 27D MAC Address Management
- E Monitoring Resources
- FDaylight Savings Time on ProCurve Switches
- GScalability: IP Address, VLAN, and Routing Maximum Values
- HSwitch Licensing
- I Power-SavingFeatures
- 28JNetwork Out-of-BandManagement (OOBM) for the 6600 Switch
- Index
29Product Documentation
30Software Feature Index
- and MLD Snooping), refer to the IPv6 Configuration Guide
- included on all switches
- the HP ProCurve 6200yl switches.)
- Premium License Software
- Features
- Intelligent Edge Software
37Getting Started
38Introduction
- www.hp.com/go/ procurve/manuals
Conventions
- Command Syntax Statements
  - copy tftp
    - Syntax: aaa port-accessauthenticator < port-list
- 39Command Prompts
  - ProCurve 8212zl#
  - ProCurve
    - (You can use the hostname command to change the text in the CLI prompt.)
  - hostname
- Screen Simulations
  - Displayed Text
    - ProCurve> show version
    - Image stamp:
    - /sw/code/build/info
    - March 1, 2007 13:43:13
    - K.12.01
    - ProCurve
  - Figure 1-1.Example of a Figure Showing a Simulated Screen
- Configuration and Operation Examples
- Keys
40Sources for More Information
- below, including Release Notes covering recently added features, visit the
- ■ Software Release Notes—ReleaseNotes are posted on the HP ProCurve
- •new features and how to configure and use them
- •software management, including downloading software to the switch
- •software fixes addressed in current and previous releases
- Read Me First
- Management and Configuration
- —Use
- this guide for information on topics such as:
- •various interfaces available on the switch
- •memory and configuration operation
- •interface access
- •IP addressing
- •time protocols
- •port configuration, trunking, traffic control, and PoE operation
- •Redundant management
- •SNMP, LLDP, and other network management topics
- 42Getting Documentation From the Web
  - www.hp.com/go/ procurve/manuals
- Online Help
  - Menu Interface
  - Figure 1-2.Online Help for Menu Interface
    - Command Line Interface
  - 43help
  - Figure 1-3.Example of CLI Help
    - Web Browser Interface
  - Figure 1-4.Web Browser Interface Online Help
44Need Only a Quick Start
- IP Addressing
  - setup
  - 8.Run Setup
To Set Up and Install the Switch in Your
Network
- Physical Installation
45Selecting a Management Interface
46Understanding Management Interfaces
- Menu
- ProCurve Manager
- (PCM)—
- ProCurve Manager Plus
  - complete
  - windows-based
  - in-depth
  - in-box
  - for a free
  - 30-day
  - trial.)
47Advantages of Using the Menu Interface
- Figure 2-1.Example of the Console Interface Display
- Provides quick, easy management access
  - to a
  - menu-driven
  - subset of switch configuration and performance features:
  - The menu interface also provides access for:
- Offers
- out-of-band
- access
- ■Enables Telnet (in-band)access to the menu functionality
- Allows faster navigation
- Provides more security
48Advantages of Using the CLI
- Figure 2-2.Command Prompt Examples
  - General Benefits
  - Information on Using the CLI
49Advantages of Using the Web Browser
Interface
- 50■Display of acceptable ranges of values available in configuration list boxes
51Advantages of Using ProCurve Manager or ProCurve Manager Plus
- Figure 2-4.Example of the Home Page for ProCurve Manager Plus
- Device Software Updates:
- 53Custom Login Banners for the Console and Web Browser Interfaces
  - ■Telnet
  - ■serial connection
  - ■SSHv2
  - ■Web browser
  - Banner Operation with Telnet, Serial, or SSHv2 Access
  - Press any key to continue prompt
    - Banner Operation with Web Browser Access
    - Configuring and Displaying a Non-DefaultBanner
    - Enable
    - 2.Enter the desired banner text, including any specific line breaks you want
    - 3.Enter the endpoint delimiter
    - Use show banner motd to display the current banner status
  - 54show banner motd
    - Syntax: banner motd < delimiter
    - delimiter
    - no banner motd
    - <banner-text-string
  - 55Figure 2-5.Example of Configuring a Login Banner
  - show running
  - Figure 2-6.Example of show banner motd Output
  - 56Figure 2-7.The Current Banner Appears in the Switch’s Running-ConfigFile
  - Figure 2-8.Example of CLI Result of the Login Banner Configuration
    - Operating Notes
  - 57no banner motd
  - ssh version
  - 1-or-2
    - Warning: SSH version has been set to
  - 1-or-2
    - Banner has to be disabled first
  - Notice to all users
59Using the Menu Interface
- 60This chapter describes the following features:
- ■Overview of the Menu Interface (page 3-2)
- ■Starting and ending a Menu session (page 3-3)
- ■The Main Menu (page 3-7)
- ■Screen structure and navigation (page 3-9)
- ■Rebooting the switch (page 3-12)
- ■Configure these features:
- Manager and Operator
- A network monitoring port
- passwords
- SNMP community names
- System parameters
- IP authorized managers
- •Time protocol
- •Ports
- •Trunk groups
- ■View status, counters, and Event Log information
- ■Update switch software
- ■Reboot the switch
- For a detailed list of menu features, see the “Menu Features List” on page
- Menu Interaction with Other Interfaces
  - The menu interface displays the current
61Starting and Ending a Menu Session
- You can access the menu interface using any of the following:
- 62How To Start a Menu Interface Session
  - 1.Use one of these methods to connect to the switch:
  - •A PC terminal emulator or terminal
  - •Telnet
  - 2.Do one of the following:
  - •If you are using Telnet, go to step
  - If you are using a PC terminal emulator or a terminal, press
  - 3.When the switch screen appears, do one of the following:
  - •If a password has been configured, the password prompt appears
  - Password:
  - Refer to the Access Security Guide for your switch.)
  - When the CLI prompt appears, display the Menu interface by entering the
  - menu
    - ProCurve# menu [Enter]
    - results in the following display:
  - Figure 3-1.Example of the Main Menu with Manager Privileges
- 63How To End a Menu Session and Exit from the Console:
  - Switch Configuration
  - 64Figure 3-2.Example Indication of a Configuration Change Requiring a Reboot
  - Reboot Switch
65Main Menu Features
- Figure 3-3.The Main Menu View with Manager Privileges
  - The Main Menu gives you access to these Menu interface features:
- Status and Counters:
- Switch Configuration:
- Event Log:
- 66Reboot Switch:
- Download OS:
- Run Setup:
- Logout:
67Screen Structure and Navigation
- Menu interface screens include these three elements:
- ■Parameter fields and/or read-onlyinformation such as statistics
- ■Navigation and configuration actions, such as Save, Edit, and Cancel
- For example, in the following System Information screen:
- Figure 3-4.Elements of the Screen Structure
  - 1.Press [E] to select the Edit action
- dit
- 68Table 3-1.How To Navigate in the Menu Interface
  - In most screens there is a
- 69Help
  - option in the
- Figure 3-5.Example Showing How To Display Help
  - 9.)
70Rebooting the Switch
- Figure 3-6.The Reboot Switch Option in the Main Menu
- 71Rebooting To Activate Configuration Changes
  - . (To access this parameter, go to the Main Menu and select:
- 2.Switch Configuration
- 8.VLAN Menu
- Maximum VLANs to support
- VLAN Support
- Figure 3-7.Indication of a Configuration Change Requiring a Reboot
- the Reboot Switch option
72Menu Features List
73Where To Go From Here
75Using the Command Line Interface (CLI)
76Accessing the CLI
- Command Line (CLI)
Using the CLI
- 77Privilege Levels at Logon
  - Figure 4-1.Example of CLI Log-OnScreen with Password(s) Set
    - ProCurve#
  - C a u t i o n
- 78Privilege Level Operation
  - Operator Privileges
  - Manager Privileges
  - Figure 4-2.Access Sequence for Privilege Levels
    - Operator Privileges
  - 79config
    - ProCurve(config)#
  - Context Configuration level:
    - ProCurve(eth-1)#
    - ProCurve(vlan-10)#
    - ProCurve(config)# vlan
  - 80Table 4-1.Privilege Level Hierarchy
- 81How To Move Between Levels
  - Password:
  - # config
  - (vlan-10)#
  - interface e
  - (int-3)#
  - ProCurve(int-3)#exit
  - ProCurve(config)# exit
  - # exit
  - end
  - (config)# end
  - Command Line Interface (CLI)
    - option from the Main Menu, the CLI prompt appears at the Operator level
- 82Listing Commands and Command Options
  - Listing Commands Available at Any Privilege Level
  - Typing ? at the Manager level produces this listing:
  - 83Figure 4-4.Exampleof the Manager-LevelCommand Listing
  - - - MORE
    - ProCurve(config)# t [Tab] tacacs-server telnet-server
    - time timesync trunk telnet terminal traceroute ProCurve(config)# t
    - ProCurve(config)# port-[Tab]
    - ProCurve(config)# port-security
    - ProCurve(config)# qos [Tab]
    - (Differentiated-ServicesCodepoint) value and 802.1p priority
    - type-of-serviceConfigurethe Type-of-Servicemethod the device uses to
    - prioritize IP traffic
    - Listing Command Options
  - 84Figure 4-5.Example of How To List the Options for a Specific Command
- 85Displaying CLI “Help”
  - Displaying Command-ListHelp
  - Syntax: help
  - help
  - Figure 4-6.Example of Context-Sensitive Command-ListHelp
  - Displaying Help for an Individual Command
  - 86Figure 4-7.Exampleof How To Display Help for a Specific Command
- 87Configuration Commands and the Context Configuration Modes
  - Port or
  - Trunk-Group
  - Context
    - ProCurve(config)# interface c3-c6
    - ProCurve(eth-C5-C8)#
    - ProCurve(config)# interface trk1
    - ProCurve(eth-Trk1)#
  - trk1
    - ProCurve(eth-C5-C8)#
  - 88Figure 4-8. Context-SpecificCommands Affecting Port Context
  - 89VLAN Context
    - ProCurve(config)# vlan
    - Command executed at configuration level to enter VLAN 100 context
    - ProCurve(vlan-100)#
    - Resulting prompt showing VLAN 100 context
    - ProCurve(vlan-100)#
  - Figure 4-9. Context-SpecificCommands Affecting VLAN Context
90CLI Control and Editing
- Executing a Prior Command—Redo
  - The redo command executes a prior command in the history list
  - Syntax: redo [number | command-str]
  - Re-executesa command from history. Executes the last command by default
  - command-str:
  - command-str
  - Figure 4-10.Example of the redo Command
- Repeating Execution of a Command
  - The repeat command executes a previous command in the history list
  - repeat
    - 91For example:
- 92Using a Command Alias
  - alias
  - name:
  - command:
  - show interface custom
    - Remember to enclose the command being aliased in quotes
    - ProCurve(config)# alias sc “show config”
    - ProCurve(config)# sc status
  - 93show alias
  - Figure 4-13.Example of Alias Commands and Their Configurations
- 94CLI Shortcut Keystrokes
95Using the ProCurve Web Browser Interface
- ■Optimize your network uptime by using the Alert Log and other diagnostic tools
- ■Make configuration changes to the switch
- ■Maintain security by configuring usernames and passwords
- This chapter covers the following:
- ■General features (page 5-4)
- ■Starting a web browser interface session (page 5-5)
- ■Tasks for your first web browser interface session (page 5-8):
- •Creating usernames and passwords in the web browser interface (page 5-9)
- Selecting the fault detection configuration for the Alert Log operation (page
- •Getting access to online help for the web browser interface (page 5-12)
- ■Description of the web browser interface:
- •Overview window and tabs (page 5-17)
- •Port Utilization and Status displays (page 5-18)
- •Alert Log and Alert types (page 5-21)
- •Setting the Fault Detection Policy (page 5-24)
- 97web-management
- Web Agent Enabled
- No
98General Features
99Starting a Web Browser Interface Session with the Switch
- You can start a web browser session in the following ways:
- •Directly connected to your network
- •Connected through remote access to your network
- ■Using a network management station running ProCurve Manager on your network
- Using a Standalone Web Browser in a PC or UNIX Workstation
  - Ensure that the Java
  - Location
  - Address
  - http:
    - switch5308 [Enter] (example of a DNS-typename)
  - switch5308
    - 10.11.12.195 [Enter] (example of an IP address)
- 100Using ProCurve Manager (PCM) or
- ProCurve Manager Plus (PCM+)
  - This procedure assumes that:
  - Make sure the Java
  - listing under
  - (in the PCM/PCM+ sidebar)
  - right-click
  - on the model number of the device you want to access
  - 101Figure 5-1.Example of Status Overview Screen
102Tasks for Your First ProCurve Web
Browser Interface Session
- ■Review the “First Time Install” window
- ■Set Manager and Operator passwords
- ■Set access to the web browser interface online help
- Viewing the “First Time Install” Window
  - Figure 5-2. First-TimeInstall Window
    - This window is the launching point for the basic configuration you need to
    - Log displays
    - to display the Device Passwords screen, and then go to the next page. (You
    - can also access the password screen by clicking on the Security tab.)
    - the Configuration tab, and then the [Fault Detection] key.)
- 103Security: Creating Usernames and Passwords
- in the Browser Interface
  - rity Guide for your switch
  - Operator Setting
  - Manager Setting
  - 104Figure 5-3.TheDevice Passwords Window
  - secure access to the device
  - Device Passwords
    - Entering a User Name and Password
  - 105Figure 5-4.Example of the Password Prompt in the Web Browser Interface
    - Using a User Name
    - If You Lose the Password
- 106Online Help for the Web Browser Interface
  - Figure 5-5.TheHelp Button
107Support/Mgmt URLs Feature
- ■Support URL – A support information site for your switch
- Support URL
  - ■Management Server URL – The web site for web browser online Help
- Management Server URL
- Figure 5-6.The Default Support/Mgmt URLs Window
- 108Support URL
  - Support
- Help and the Management Server URL
  - Management Server URL
  - www.hp.com/rnd/device_help
  - Figure 5-7.How To Access Web Browser Interface Online Help
- 109Using the PCM Server for Switch Web Help
  - Go to the ProCurve Support web site to get the Device Help files:
  - www.hp.com//rnd/device_help
    - 2.Copy the Web help files to the PCM server, under:
  - 110http://15.29.37.12.8040/rnd/device_help
111Status Reporting Features
- Browser elements covered in this section include:
- ■The Overview window (below)
- ■Port utilization and status (page 5-18)
- ■The Alert log (page 5-21)
- ■The Status bar (page 5-23)
- The Overview Window
  - Figure 5-8.The Status Overview Window
    - PCM can perform
    - network-wide
    - (page
    - 5-14)
- 112The Port Utilization and Status Displays
  - Figure 5-9.The Graphs Area
    - Port Utilization
  - % Unicast Rx & All Tx:
  - 113Maximum Activity Indicator:
  - Utilization Guideline
  - To change the amount of bandwidth the Port Utilization bar graph
  - Figure 5-10.Changing the Graph Area Scale
    - Hold the mouse cursor over any of the bars in the graph, and a
    - pop-up
    - figure
    - (next)
  - 114Figure 5-11.Display of Numerical Values for the Bar
    - Port Status
  - Figure 5-12.The Port Status Indicators and Legend
  - Port Connected
  - Port Not Connected
  - Port Disabled
  - Port
  - Fault-Disabled
- 115The Alert Log
  - Figure 5-13.Example of the Alert Log
    - Each alert has the following fields of information:
    - ■Alert – The specific event identification
  - Alert
  - Description
  - Excessive CRC/Alignment errors on port:
    - Sorting the Alert Log Entries
  - Bold
  - Alert
  - 116Acknowledge Event
  - Delete Event
  - Cancel
  - 117Status Indicators
- 118Setting Fault Detection Policy
  - Figure 5-15.The Fault Detection Window
  - 119Log Network Problems
  - High Sensitivity
  - Medium Sensitivity
  - Low Sensitivity
  - Never
  - Apply Changes
  - Clear Changes
  - Reset to Default Settings
121Switch Memory and Configuration
- 122Changing or Overriding the Reboot Configuration Policy
- Renaming an Existing Startup-ConfigFile
- Transferring Startup-ConfigFiles To or From a Remote Server
- TFTP: Copying a Configuration File to a Remote Host
- TFTP: Copying a Configuration File from a Remote Host
- Operating Notes for Multiple Configuration Files
123Configuration File Management
- running-config
- Figure 6-1.Conceptual Illustration of Switch Memory Operation
- Running Config File:
- 124Startup-config
- File:
  - Any of the following actions boots the switch:
  - • Executing the boot or the reload command in the CLI
  - • Executing the boot command in the menu interface
  - • Pressing the Reset button on the front of the switch
  - • Removing, then restoring power to the switch
  - Primary and Secondary Flash Image Options” on page
- In the menu interface:
- In the web browser interface:
  - button or other appropriate button. This overwrites
  - file and the
  - file with the changes you have specified in the web browser interface window
  - ProCurve(config)# interface ethernet 5 disable
- Show config
- How To Use the CLI To Reconfigure Switch Features
  - file)
  - file
  - 2. Use the appropriate
  - commands to verify that you have correctly made the desired changes
126Using the CLI To Implement
Configuration Changes
- The CLI offers these capabilities:
- ■Access to the full set of switch configuration features
- ■The option of testing configuration changes before making them perma nent
- ■show config — Displays a listing of the current startup-configfile
- show config
  - ■show running-config— Displays a listing of the current running-configfile
  - ■write terminal — Displays a listing of the current running-configfile
- write terminal
- show config status
  - •If the two configurations are the same you will see:
  - –Running configuration is the same as the startup configuration
  - •If the two configurations are different, you will see:
  - –Running configuration has been changed and needs to be saved
  - Syntax: write memory
  - ProCurve(config)# interface e a5 speed-duplex auto-10
- 127auto-10
- 128How To Cancel Changes You Have Made to the Running-ConfigFile
  - Update the
  - ProCurve(config)# interface e 1 disable ProCurve(config)# boot
  - Device will be rebooted, do you want to continue [y/n]? y
- Figure 6-2.Boot Prompt for an Unsaved Configuration
  - If you want to discard the changes you made to the
  - If you use the CLI to make a change to the running-configfile, you should
  - from either the CLI or the menu interface without first executing the write
  - running-configfile, and any changes in the running-configfile will be lost
  - to the running config by the CLI unless you have also made a configuration
  - as indicated above, unless you also make a configuration change in the
  - the change to the startup-configfile
- 129How To Reset the startup-configand running-configFiles to the
  - Factory Default Configuration. This command reboots the switch
- Factory Default Configuration
  - with the factory-defaultstartup configuration
  - ProCurve(config)# erase startup-config
  - Configuration will be deleted and device rebooted, continue [y/n]
- Figure 6-3.Example of erase startup-configCommand
  - prevent a reboot
  - file on both the active and the standby management modules as long as
  - in standby mode or has failed selftest, the startup config file is not erased
130Using the Menu and Web Browser
Interfaces To Implement Configuration
Changes
- The menu and web browser interfaces offer these advantages:
- ■Quick, easy menu or window access to a subset of switch configuration features
- Immediately changing both the
- Menu: Implementing Configuration Changes
  - Using Save and Cancel in the Menu Interface
  - ancel
    - For any configuration screen in the menu interface, the Save command:
    - 1.Implements the changes in the running-configfile
    - 2.Saves your changes to the startup-configfile
  - Cancel
    - 131Rebooting from the Menu Interface
    - ■Terminates the current session and performs a reset of the operating system
    - ■Activates any configuration changes that require a reboot
  - 132Figure 6-5.The Reboot Switch Option in the Main Menu
    - parameter
  - 2. Switch Configuration
  - 8. VLAN Menu
  - Figure 6-6.Indication of a Configuration Change Requiring a Reboot
- 133Web: Implementing Configuration Changes
  - config file and the startup-configfile
  - browser interface
134Using Primary and Secondary Flash
Image Options
- Displaying the Current Flash Image Data
  - 135show version
  - Figure 6-7.Example Showing the Identity of the Current Flash Image
  - Figure 6-8.Example Showing Different Flash Image Versions
  - Determining Which Flash Image Versions Are Installed. The show ver
  - Figure 6-9.Determining the Software Version in Primary and Secondary Flash
- 136Switch Software Downloads
  - Table 6-1.Primary/Secondary Memory Access
  - xmodem
  - usb
  - Download Interruptions
- 137Local Switch Software Replacement and Removal
  - Copying a Switch Software Image from One Flash Location to
    - Syntax: copy flash flash <destination flash
    - destination flash
    - where: destination flash = primary or secondary:
    - where:
  - primary
  - secondary
    - For example, to copy the image in secondary flash to primary flash:
    - Execute the copy command as follows:
    - ProCurve(config)# copy flash flash primary
    - This command deletes the software image file from the specified flash location
  - 138Caution:
  - No Undo
    - Syntax: erase flash < primary | secondary
    - For example, to erase the software image in primary flash, do the following:
    - ProCurve# boot system flash secondary
    - 2.Then erase the software image in the selected flash (in this case, primary):
  - Figure 6-11.Example of Erase Flash Prompt
    - 3.Type y at the prompt to complete the flash erase
    - 4.Use show flash to verify erasure of the selected software flash image
  - Figure 6-12.Example of Show Flash Listing After Erasing Primary Flash
- 139Rebooting the Switch
  - Operating Notes about Booting
  - Default Boot Source
  - boot system flash [primary | secondary]
  - flash [primary | secondary]
  - Interaction of Primary and Secondary Flash Images with the Current
  - 140reload at 1:00
    - mm/dd
    - mm/dd
    - Boot and Reload Command Comparison
  - 141Table 6-2.Comparing the Boot and Reload Commands
  - The reload command
    - Setting the Default Flash
  - flash
    - Syntax: boot set-defaultflash [primary |secondary]
    - Upon booting, set the default flash for the next boot to primary or secondary
    - Booting from the Default Flash (Primary or Secondary)
  - 142boot set- default
  - boot system flash <primary | secondary
    - Syntax: boot [system [flash <primary | secondary>] [config FILENAME]
  - Note
  - system:
    - config: You can optionally select a configuration file from which to boot
  - config:
    - Booting from a Specified Flash
    - Syntax: boot system flash < primary | secondary
  - 143Figure 6-16.Example of Boot Command with Secondary Flash Option
    - Syntax: [no] fastboot
    - Enables the fastboot option
    - The no option disables the feature
    - Syntax: show fastboot
    - Shows the status of the fastboot feature, either enabled or disabled
    - The fastboot command is shown below
    - ProCurve(config)# fastboot
    - Using Reload
  - 144Syntax: reload
  - 145Scheduled Reload
  - at:
    - The no form of the command removes a pending reboot request
    - For more details and examples, see below
    - The scheduled reload feature removes the requirement to physically reboot
    - the switch is scheduled to reboot)
    - No prompt to save configuration file changes is displayed. See Table 6-2on
    - Examples of scheduled reload commands:
    - ■To schedule a reload in 15 minutes:
    - ProCurve# reload after
    - ■To schedule a reload in 3 hours:
    - ProCurve# reload after 03:00
    - ■To schedule a reload for the same time the following day:
    - ProCurve# reload after 01:00:00
    - ■To schedule a reload for the same day at 12:05:
    - ProCurve# reload at 12:05
    - ■To schedule a reload on some future date:
    - ProCurve# reload at 12:05 01/01/2008
  - Figure 6-18.An Example of the reload Command with a Redundant Management System
146Multiple Configuration Files
- A fixed reboot policy using a specific
- ■Overriding the current reboot policy on a per-instancebasis
- Figure 6-19.Optional Reboot Process
- 147General Operation
  - The switch uses three memory “slots”, with identity
  - ) numbers of
  - , and
  - Boot Options
    - Use the designated
    - Reboot the switch through the Primary boot path using the
  - 148backupConfig
    - Use the CLI to make configuration changes in the
- 149Transitioning to Multiple Configuration Files
  - Assigns the filename
  - oldConfig
    - Saves a copy of the existing
- 150Listing and Displaying Startup-ConfigFiles
  - Viewing the Startup-ConfigFile Status with Multiple
  - Configuration Enabled
  - Syntax: show config files
  - id:
  - act:
  - pri:
  - sec:
- 151Changing or Overriding the Reboot Configuration Policy
  - You can boot the switch using any available startup-configfile
  - ■The active configuration file
  - Syntax: startup-default[ primary | secondary ] config < filename
  - Specifies a boot configuration policy option:
  - Designates the
  - 152config
  - boot system flash
    - For example, suppose:
  - minconfig
  - newconfig
    - Syntax: boot system flash < primary | secondary > config < filename
  - Using Reload To Reboot From the Current Flash Image and Startup- Config File
  - show config files
- 153Managing Startup-ConfigFiles in the Switch
  - Renaming an Existing Startup-ConfigFile
  - 154Unable to copy configuration to “< target-filename >”
  - 155Figure 6-22.Example of Using One Startup-ConfigFile for Both Primary and
  - Secondary Flash
    - flash memory location from which you have erased the currently assigned
    - Erasing a Startup-ConfigFile
  - 156startup-config:
  - erase
  - 157erase config
  - Figure 6-24.Example of Erasing a Non-Active Startup-ConfigFile
  - config1
  - Figure 6-25.Example of Clear + Reset Result
- 158Transferring Startup-ConfigFiles To or From a Remote Server
  - TFTP: Copying a Configuration File to a Remote Host
  - src-file
  - remote
  - file
  - 159test
    - TFTP: Copying a Configuration File from a Remote Host
  - Unable to copy configuration to "< filename
  - erase config <filename
  - test 01.txt
    - Xmodem: Copying a Configuration File to a Serially
    - Connected Host
  - 160copy
  - config
  - > xmodem
    - Xmodem: Copying a Configuration from a Serially
  - copy xmodem
    - Operating Notes for Multiple Configuration Files
  - /cfg/< filename
  - /cfg
161Automatic Configuration Update with DHCP Option
- ■One or more DHCP servers with Option 66 are enabled
- ■One or more TFTP servers has the desired configuration file
- CLI Command
  - The command to enable the configuration update using Option 66 is:
  - Syntax: [no] dhcp config-file-update
  - Enables configuration file update using Option
  - Default: Enabled
  - Figure 6-26.Example of Enabling Configuration File Update Using Option
- 162Possible Scenarios for Updating the Configuration File
- 163Log Messages
  - “Invalid IP address <ip-address>received for DHCP Option 66”
165Interface Access and System Information
- This chapter describes how to:
- ■View and modify the configuration for switch interface access
- ■Use the CLI kill command to terminate a remote session
- 166kill
  - ■View and modify switch system information
  - For help on how to actually use the interfaces built into the switch, refer to:
  - ■Chapter 3, “Using the Menu Interface”
  - ■Chapter 4, “Using the Command Line Interface (CLI)”
  - ■Chapter 5, “Using the ProCurve Web Browser Interface”
167Interface Access: Console/Serial Link, Web, and Inbound Telnet
- Interface Access Features
- 168Menu: Modifying the Interface Access
  - To Access the Interface Access Parameters:
  - 2.Switch Configuration
  - 1.System Information
- 169CLI: Modifying the Interface Access
  - Interface Access Commands Used in This Section
  - Listing the Current Console/Serial Link Configuration. This com
    - mand lists the current interface access parameter settings
    - Syntax: show console
    - This example shows the switch’s default console/serial configuration
  - Figure 7-2.Listing of Show Console Command
  - Reconfigure Inbound Telnet Access. In the default configuration
    - inbound Telnet access is enabled
  - 170Outbound Telnet to Another Device. This feature operates indepen
  - 171show telnet
  - 173Reconfigure the Console/Serial Link Settings. You can reconfigure one
  - Syntax: console
  - 174Figure 7-4.Example of Executing the Console Command with Multiple Parameters
    - control and baud-rate,are the same on both management modules. There
    - cannot be individual settings for each management module
    - You can also execute a series of console commands and then save the
    - configuration and boot the switch. For example:
  - Figure 7-5.Example of Executing a Series of Console Commands
175Denying Interface Access by Terminating Remote Management Sessions
- show ip ssh
- Kill
176System Information
- System Information Features
- System Name:
- System Contact and Location:
- MAC Age Time:
- Time Sync Method:
- Time Zone:
- Daylight Time Rule:
- Time:
- 177Menu: Viewing and Configuring System Information
  - Figure 7-7.The System Information Configuration Screen (Default Values)
- 178CLI: Viewing and Configuring System Information
  - System Information Commands Used in This Section
  - Listing the Current System Information. This command lists the current
  - Figure 7-8.Example of CLI System Information Listing
  - 179Configure a System Name, Contact, and Location for the Switch. To
  - Figure 7-9.System Information Listing After Executing the Preceding Commands
  - show running, show config
  - show system information
  - 180Figure 7-10.Menu Screen Showing System Information
  - Configure the Time and Date
    - Syntax: time [ hh:mm [ :ss ]] [ mm/dd/ [ yy ] yy ]
    - mm/dd
    - For example, to set the switch to 9:45 a.m. on November 17, 2002:
    - ProCurve(config)# time 9:45 11/17/02
- 182Web: Configuring System Parameters
  - In the web browser interface, you can enter the following system information:
  - ■System Name
  - ■System Location
  - ■System Contact
  - Configure System Parameters in the Web Browser Interface
    - 1.Click on the Configuration tab
    - 3.Enter the data you want in the displayed fields
    - 4.Implement your new data by clicking on [Apply Changes]
183Configuring IP Addressing
184IP Configuration
- IP Configuration Features
- 186Just Want a Quick Start with IP Addressing
  - setup
  - ProCurve# setup
  - # setup
  - ■Select 8. Run Setup in the Main Menu of the menu interface
  - 8. Run Setup
    - For more on using the Switch Setup screen, refer to the Installation and
    - Getting Started Guide you received with the switch
- IP Addressing with Multiple VLANs
  - to the DEFAULT_VLAN
  - N o t e s
    - ■ If multiple VLANs are configured, then each VLAN can have its own IP
    - address. This is because each VLAN operates as a separate broadcast
    - domain and requires a unique IP address and subnet mask. A default
    - gateway (IP) address for the switch is optional, but recommended
    - ■ In the factory-defaultconfiguration, the default VLAN (named
    - use DHCP or BootP to acquire IP addressing. However, the switch’s
    - agement Guide for your switch
- 187Menu: Configuring IP Address, Gateway, and Time-To-Live (TTL)
  - To manually enter an IP address, subnet mask, set the
  - IP Config
  - Manual
    - To use DHCP or Bootp, use the menu interface to ensure that the
  - DHCP/Bootp
  - To Configure IP Addressing
    - 1.From the Main Menu, Select
  - 2.Switch Configuration …
  - 5.IP Configuration
  - 188Figure 8-1.Example of the IP Service Configuration Screen without Multiple
  - VLANs Configured
  - Default Gateway
  - Default TTL
  - DHCP/ Bootp
  - IP Address
  - Subnet Mask
- 189CLI: Configuring IP Address, Gateway, and Time-To
- Live (TTL)
  - IP Commands Used in This Section
  - Viewing the Current IP Configuration
  - Syntax: show ip
    - 9-6 on page 9-11.)
  - Figure 8-2.Example of the Switch’s Default IP Addressing
    - The fol lowing is supported:
    - ■Up to 2000 IP addresses for the switch
    - ■Up to 32 IP addresses for the same VLAN
    - ■Up to 512 IP VLANs, that is, VLANs on which you can configure IP addresses
  - 191Figure 8-4.Example of Configuring and Displaying a Multinetted VLAN
    - If you then wanted to multinet the default VLAN, you would do the following:
  - 192Figure 8-5.Example of Multinetting on the Default VLAN
    - command to display the full IP address listing for multinetted VLANs
    - then enter the new address
    - to replace a manually configured default gateway.)
    - Syntax: ip default-gateway < ip-address
    - ip-address
    - ProCurve(config)# ip default-gateway10.28.227.115
  - Note
    - The switch uses the IP default gateway only while operating as a Layer
    - you should use the ip route command to configure a static (default) route
  - ip route
    - Routing Features” in the Multicast and Routing Guide for your switch
    - ing it
    - Syntax: ip ttl <number-of-hops
    - ProCurve(config)# ip ttl
    - level. The TTL default is 64, and the range is 2
- 193Web: Configuring IP Addressing
  - You can use the web browser interface to access IP addressing only if the
  - switch already has an IP address that is reachable through your network
  - 1. Click on the Configuration tab
  - on [?] to access the web-basedhelp available for the switch
- How IP Addressing Affects Switch Operation
  - 194Table 8-1.Features Available With and Without IP Addressing on the Switch
    - DHCP/Bootp Operation
    - the network
    - servers
    - 195DHCP or Bootp
    - it continues to periodically send request packets, but with decreasing fre
    - and a Bootp configuration is that an IP address assignment from a DHCP
    - addressing provided by the server may be different each time the switch
    - address assignment for the switch by doing either of the following:
    - ■ Configure the server to issue an “infinite” lease
    - switch. (For MAC address information, refer to Appendix D, “MAC
    - Address Management”.)
    - tion provided with the DHCP server
  - 196Bootp Database Record Entries
  - /etc/bootptab
    - 8212switch:
    - ht=ether:
    - ha=0030c1123456:
    - ip=10.66.77.88:
    - sm=255.255.248.0:
    - gw=10.66.77.1:
    - hn:
    - vm=rfc1048
    - lg=10.22.33.44:
    - T144=”switch.cfg”:
    - where:
    - 197Network Preparations for Configuring DHCP/Bootp
    - ■For Bootp operation:
    - •The necessary network connections are in place
    - •The Bootp server is accessible from the switch
    - ■For DHCP operation:
    - •A DHCP scope has been configured on the appropriate DHCP server
    - •A DHCP server is accessible from the switch
198Loopback Interfaces
- lo0
- lo1
- lo2
- lo3
  - User-definedloopback addresses provide the following benefits:
  - (AS). However, if you configure the loopback IP address as the router ID
- 199Configuring a Loopback Interface
  - interface loopback
  - Figure 8-6.Example of a Loopback Interface Configuration
  - lo7
- 200Displaying Loopback Interface Configurations
  - 201show ip route
  - 202Figure 8-8.Example of show ip route Command Output
203IP Preserve: Retaining VLAN-1IP
Addressing Across Configuration File
Downloads
- Operating Rules for IP Preserve
  - ip preserve
- 204Enabling IP Preserve
  - Figure 8-9.Example of Implementing IP Preserve in a Configuration File
    - For example, consider figure 8-10:
  - Figure 8-10.Example of IP Preserve Operation with Multiple Series Switches
    - 206To summarize the IP Preserve effect on IP addressing:
207Configuring a Single Source IP Address
- Specifying the Source IP Address
  - source-interface
  - 208loopback
  - vlan-id
  - address
  - ip-address
    - The Source IP Selection Policy
    - Configured IP
  - 209show ip source- interface status
- 211Displaying the Source IP Interface Information
  - Figure 8-17.Example of the Data Displayed for Source IP Interface Status
  - Figure 8-18.Example of show ip source-interfaceCommand Output
    - Syntax: show ip source-interfacedetail [radius | tacacs | syslog]
  - 212Figure 8-19.Example of Detailed Information Displayed for Each Protocol
- 214Error Messages
215Time Protocols
- 216Viewing the Current TimeP Configuration
- Configuring (Enabling or Disabling) the TimeP Mode
- Notes
  - ■SNTP Time Protocol Operation
  - ■Timep Time Protocol Operation
- 217TimeP Time Synchronization
- SNTP Time Synchronization
  - SNTP provides two operating modes:
  - 218Unicast Mode:
  - sntp server
    - General Steps for Running a Time Protocol on the Switch:
    - 1.Select the time synchronization protocol: SNTP or TimeP (the default)
  - TimeP
    - 2.Enable the protocol. The choices are:
  - •SNTP: Broadcast or Unicast
  - •TimeP: DHCP or Manual
    - 3.Configure the remaining parameters for the time protocol you selected
    - Disabling Time Synchronization
    - ■In the Global config level of the CLI, execute no timesync
  - no timesync
219SNTP: Viewing, Selecting, and
Configuring
- Table 9-1.SNTP Parameters
- 220Menu: Viewing and Configuring SNTP
  - To View, Enable, and Modify SNTP Time Protocol:
  - 1. From the Main Menu, select:
  - 2. Switch Configuration
  - 1. System Information
  - 221Figure 9-1.The System Information Screen (Default Values)
  - SNTP Mode
    - 5.Do one of the following:
    - Use the Space bar to select the
  - Broadcast
  - Figure 9-2.Time Configuration Fields for SNTP with Broadcast Mode
    - •Use the Space bar to select the Unicast mode, then do the following:
  - Unicast
    - i.Press [>] to move the cursor to the Server Address field
  - Server Address
  - 222Server Version
    - iv.Press [>] to move the cursor to the Poll Interval field, then go to step
  - Figure 9-3.SNTP Configuration Fields for SNTP Configured with Unicast Mode
  - 224Syntax: show management
    - Configuring (Enabling or Disabling) the SNTP Mode
  - 225sntp < broadcast | unicast
  - Syntax:
    - Selects SNTP as the time synchronization method
    - Syntax: sntp broadcast
    - Configures broadcast as the SNTP mode
  - 226broadcast
    - Time synchronization is in the
    - ■You want to:
    - 1.View the current time synchronization
    - 2.Select SNTP as the time synchronization mode
    - 3.Enable SNTP for Broadcast mode
  - Figure 9-7.Example of Enabling SNTP Operation in Broadcast Mode
  - 228Figure 9-8.Example of Configuring SNTP for Unicast Operation
  - Figure 9-9.Example of Specifying the SNTP Protocol Version Number
  - 229Changing the SNTP Poll Interval
    - Syntax: sntp poll-interval< 30..720
    - For example, to change the poll interval to 300 seconds:
    - ProCurve(config)# sntp poll-interval300
    - Syntax: sntp server priority <1 - 3> <ip-address
    - For example, to set one server to priority 1 and another to priority 2:
    - ProCurve(config)# sntp server priority 1
    - ProCurve(config)# sntp server priority 2 2001:db8::215:60ff:fe79:8980
    - The recommended method for disabling time synchroniza tion is to use the
    - Syntax: no timesync
    - Halts time synchronization without changing your SNTP configuration
    - ProCurve(config)# no timesync
    - If you then viewed the SNTP configuration, you would see the following:
  - Figure 9-10.Example of SNTP with Time Synchronization Disabled
  - Disabling the SNTP Mode
  - Syntax: no sntp
    - Disables SNTP by changing the SNTP mode configuration to
  - Disabled
  - no sntp
- 230SNTP Client Authentication
  - Requirements
  - 231SNTP Client Authentication Support
  - timesync sntp
  - key-value
  - SNTP Server Authentication Support
    - The following must be performed on the SNTP server:
    - The same authentication
    - ■SNTP server authentication must be enabled on the server
    - Configuring the Key-Identifier,Authentication Mode, and
    - Key-Value
    - This command configures the key-id, authentication-mode,and key-value
  - 232authentication-mode
    - The no version of the command deletes the authentication key
    - Default: No default keys are configured on the switch
    - key-id: A numeric key identifier in the range of 1 4,294,967,295
  - key-id:
    - (232)that identifies the unique key value. It is sent in the
    - SNTP packet
  - Figure 9-12.Example of Setting Parameters for SNTP Authentication
    - Configuring a Trusted Key
  - 233trusted
    - Enter the following command to configure a key-id as trusted
  - 234priority
  - <version-num>:
  - Figure 9-13.Example of Associating a Key-Idwith a Specific Server
    - Enabling SNTP Client Authentication
  - sntp authentication
    - Configuring Unicast and Broadcast Mode
    - Enables SNTP for either broadcast or unicast mode
  - 235Broadcast:
    - Displaying SNTP Configuration Information
  - 236Figure 9-14.Example of SNTP Configuration Information
  - show sntp authentication
  - Figure 9-15.Example of show sntp authentication Command Output
  - sntp statistics
  - 237Figure 9-16.Example of SNTP Authentication Statistical Information
    - Saving Configuration Files and the
    - Include-CredentialsCommand
  - include-credentials
  - show running config
  - 238Figure 9-17.Example of Configuration File with SNTP Authentication Information
240TimeP: Viewing, Selecting, and
249SNTP Unicast Time Polling with Multiple
SNTP Servers
- Displaying All SNTP Server Addresses Configured on the Switch
  - show management
  - Figure 9-28.Example of How To List All SNTP Servers Configured on the Switch
- 250Menu: Operation with Multiple SNTP Server Addresses
251Port Status and Configuration
253Viewing Port Status and Configuring Port
Parameters
- Port Status and Configuration Features
- Transceivers to
- Devices
- show interfaces brief
- show tech receivers
- 254Table 10-1.Status and Parameters for Each Port Type
- 256Menu: Port Configuration
  - From the menu interface, you can view and change the port configuration
  - 1.Status and Counters
  - 4.Port Status
  - Figure 10-1.Example of a Switch Port Status Screen
  - 257Using the Menu To Configure Ports
  - 2. Port/Trunk Settings
  - Figure 10-2.Example of Port/Trunk Settings with a Trunk Group Configured
  - Enabled
  - [Enter]
- 258CLI: Viewing Port Status and Configuring Port
- Parameters
  - Port Status and Configuration Commands
    - Viewing Port Status and Configuration
  - brief:
  - 259Figure 10-3.Example of Show Interfaces Brief Command Listing
  - show interfaces config
  - Figure 10-4.Example of a Show Interfaces Config Command Listing
- 260Customizing the Show Interfaces Command
  - custom
    - 261Syntax: show interfaces custom [port-list] column-list
    - Select the information that you want to display. Parameters include:
    - ■port name
    - ■type
    - ■vlan
    - ■intrusion
    - ■enabled
    - ■status
    - ■speed
    - ■mdi
    - ■flow
    - Columns supported are:
  - 262Figure 10-6.Example of the Custom show interfaces Command
    - characters and you specify Name:2, the Name field displays 4 characters
    - line; if you exceed this limit an error displays
    - Error Messages
  - show int custom
  - include
- 263Viewing Port Utilization Statistics
  - show interface
  - port-utilization
  - Figure 10-7.Example of a Show Interface Port-UtilizationCommand Listing
- 264Viewing Transceiver Status
  - show tech transceivers
  - Figure 10-8.Example of Show Tech Transceivers Command
  - non-operational
- 265Enabling or Disabling Ports and Configuring Port Mode
  - 266auto
  - int
  - int
    - For example, to configure port C5 for auto-10-100,enter this command:
    - ProCurve(config)# int c5 speed-duplex auto-10-100
    - ProCurve(config)# int c1-c3,c6 speed-duplex 100-full
    - ProCurve(config)# int e c6
    - ProCurve(eth-C6)# speed-duplex 100-full
  - Figure 10-9.Examples of Two Methods for Changing a Port Configuration
- 267Enabling or Disabling the USB Port
  - Figure 10-11.Example of show usb-portCommand Output on version K.14.XX
    - Behavior of Autorun When USB Port is Disabled
  - Software Versions K.13.XX Operation
    - 5 volt power to the USB port remains on even after the USB port has been
    - disabled
    - are not supplied. For previous software versions the power was supplied
    - is present
  - Software Version K.14.XX Operation
    - For software versions K.14.XX, the USB port can be disabled and enabled
    - without affecting the autorun feature. When the USB port is enabled, the
    - Power is synchronized with the enabling and disabling of USB ports as
    - described above for K.13.59 and later software
- 268Enabling or Disabling Flow Control
  - mode must be set to Auto (the default)
  - 269Figure 10-12.Example of Configuring Flow Control for a Series of Ports
  - Figure 10-13.Example Continued from Figure
  - Figure 10-14.Example Continued from Figure
- 270Configuring a Broadcast Limit on the Switch
  - ProCurve(config)#int B1
  - ProCurve(int B1)# broadcast-limit1
  - Syntax: broadcast-limit <0-99
  - broadcast-limit
    - show running-config
    - For a one Gbps port this results in a broadcast traffic rate of ten Mbps
- 271Configuring ProCurve Auto-MDIX
  - ■10/100-TXxl module ports
  - ■100/1000-Txl module ports
  - ■10/100/1000-Txl module ports
  - 272Manual Override
  - Table 10-2.Cable Types for Auto and Manual MDI/MDI-XSettings
    - Syntax: interface < port-list > mdix-mode< auto-mdix| mdi | mdix
  - 273auto-mdix
  - mdi
  - mdix
    - Syntax: show interfaces config
    - Lists the current per-port Auto/MDI/MDI-Xconfiguration
    - Syntax: show interfaces brief
  - Figure 10-15.Example of Displaying the Current MDI Configuration
  - Figure 10-16.Example of Displaying the Current MDI Operating Mode
- 274Web: Viewing Port Status and Configuring Port
275Using Friendly (Optional) Port Names
- Show
  - augments
  - does not replace
- Configuring and Operating Rules for Friendly Port Names
  - show name
  - show interface
  - port-number
    - A friendly port name can have up to 64 contiguous alphanumeric charac ters
  - invalid input
    - In a port listing
  - not assigned
- 276Configuring Friendly Port Names
  - Syntax: interface < port-list > name < port-name-string
  - Assigns a port name to port-list
  - Syntax: no interface < port-list > name
  - Deletes the port name from port-list
  - Figure 10-17.Example of Configuring a Friendly Port Name
- 277Displaying Friendly Port Names with Other Port Data
  - 278To List All Ports or Selected Ports with Their Friendly Port Names
    - This command lists names assigned to a specific port
    - Syntax: show name [ port-list ]
  - Figure 10-19.Example of Friendly Port Name Data for All Ports on the Switch
  - 279Including Friendly Port Names in Per-PortStatistics Listings. A
    - Syntax: show interface < port-number
    - port-number
    - Includes the friendly port name with the port’s traffic statistics listing
  - Figure 10-21.Example of a Friendly Port Name in a Per-PortStatistics Listing
    - Name : not assigned
  - To Search the Configuration for Ports with Friendly Port Names
- 281Configuring Transceivers and Modules That Haven’t
- Been Inserted
  - Transceivers
  - Modules
  - Syntax: module <module-num>type <module-type
  - Allows you to configure the type of the module
  - must not have a configuration associated with it
- Clearing the Module Configuration
283Uni-DirectionalLink Detection (UDLD)
- Figure 10-23.UDLD Example
- 284Configuring UDLD
  - When configuring UDLD, keep the following considerations in mind:
  - group’s primary port enables the feature on that port only
  - ■ Dynamic trunking is not supported. If you want to configure a trunk
  - group that contains ports on which UDLD is enabled, you must
  - remove the UDLD configuration from the ports. After you create the
  - trunk group, you can re-addthe UDLD configuration
  - notes and current manuals for required software versions
  - The following commands allow you to configure UDLD via the CLI
  - Syntax: [no] interface <port-list> link-keepalive
  - Enables UDLD on a port or range of ports
  - To disable the feature, enter the no form of the command
  - Default: UDLD disabled
  - 285Enabling UDLD
  - 286Changing the Keepalive Interval
  - Changing the Keepalive Retries
  - Configuring UDLD for Tagged Ports
- 287Viewing UDLD Information
  - link-keepalive
  - Figure 10-24.Example of Show Link-KeepaliveCommand
  - 288show link keepalive statistics
  - Figure 10-25.Example of Show Link-KeepaliveStatistics Command
    - To clear UDLD statistics, enter the following command:
    - ProCurve# clear link-keepalivestatistics
  - show link keepalive statistics
- 289Configuration Warnings and Event Log Messages
  - Warning Messages
  - Table 10-3.Warning Messages caused by configuring UDLD for Tagged Ports
  - Event Log Messages
  - Table 10-4.UDLD Event Log Messages
291Power Over Ethernet (PoE/PoE+) Operation
293Introduction to PoE
- PoE Terminology
295PoE Operation
- Using the commands described in this chapter, you can:
- ■Enable or disable PoE operation on individual ports
- ■Monitor PoE status and performance per module
- Configure a
- Configuration Options
  - Disable or
  - Manually allocate the amount of PoE power for a port by usage, value, or class
  - ■Allocate PoE power based on the link-partner’scapabilities via LLDP
  - uring the port
- 296PD Support
  - lower
- 297Power Priority Operation
  - When Is Power Allocation Prioritized
  - How Is Power Allocation Prioritized
298Configuring PoE Operation
- Disabling or Re-EnablingPoE Port Operation
- Enabling Support for Pre-StandardDevices
- 299Configuring the PoE Port Priority Level
  - Syntax: interface < port-list > power-over-ethernet[ critical | high | low ]
  - •Critical: Specifies the highest-priorityPoE support for
  - •High: Specifies the second priority PoE support for
  - 300Table 11-1.Example of PoE Priority Operation on a PoE Module
    - PoE Priority With Two or More Modules
  - 301Critical
  - Low
- 302Controlling PoE Allocation
  - Syntax: [no] int <port-list> poe-allocate-by[usage | class | value]
  - usage: The automatic allocation by a PD
  - usage
  - class:
    - value: A user-definedlevel of PoE power allocated for that port
  - value:
    - allow for power losses along the Cat-5cable
  - Table 11-2.Power Classes and Their Values
    - For example, to allocate by class for ports 6 - 8:
    - ProCurve(config)# int 6-8 PoE-allocate-byclass
- 303Manually Configuring PoE Power Levels
  - poe
  - allocate-by
  - value
    - ProCurve(config)# int A6 poe-allocate-byvalue
    - or in interface context:
    - ProCurve(eth-A6)# poe-allocate-byvalue
    - Then select a value:
    - ProCurve(config)# int A6 poe-value15
    - ProCurve(eth-A6)# poe-value15
    - To view the settings, enter the show power-over-ethernet command:
  - power-over-ethernet
    - If you set the PoE maximum value to less than the PD requires, a fault occurs
  - Figure 11-2.Example Showing PoE Power Value Set Too Low for the PD
- 304Configuring PoE Redundancy (Chassis Switches Only)
  - Syntax: [no] power-over-ethernetredundancy [n+1 | full]
  - Allows you to set the amount of power held in reserve for redundancy
  - The no option means that all available power can be allocated to PDs
  - Default: No PoE redundancy enforced
  - Default:
  - full:
    - See the
  - www. procurve.com
- 305Changing the Threshold for Generating a Power Notice
  - You can configure one of the following thresholds:
  - Syntax: power-over-ethernet[slot < slot-id-range >] threshold < 1 - 99
  - 306[slot
  - slot-id-range
    - ProCurve(config)# power-over-ethernetthreshold
    - Slot B POE usage has exceeded threshold of 70%
    - Syntax: power-over-ethernet[slot <slot-id-range>]threshold <1 - 99
  - 307(Continued)
    - Slot B POE usage is below threshold of 70%
  - threshold
    - ProCurve(config)# power-over-ethernetslot d threshold
308PoE/PoE+ Allocation Using LLDP Information
- LLDP with PoE
  - poe-lldp-detect
309Displaying the Switch’s Global PoE Power Status
- Syntax: s
  - Displays the switch’s global PoE power status, including:
  - •Total Remaining Power: The amount of PoE power still available
- <port-list>:
- <slot-id-range>:
- 310Figure 11-3.Example of show power-over-ethernetCommand Output
- 311Displaying PoE Status on All Ports
  - Yes
  - usage, class, value)
  - •Detection Status:
    - For example, show power-over-ethernetbrief displays this output:
  - 312brief
  - Figure 11-4.Example of show power-over-ethernetbrief Command Output
    - You can also show the PoE information by slot:
  - Figure 11-5.Showing the PoE Information by Slot
- 313Displaying the PoE Status on Specific Ports
  - Syntax: show power-over-ethernet <port-list
  - •Allocate by: How PoE is allocated (usage, class, value)
  - 314A6-A7
  - Figure 11-6.Example of Show Power-Over-Ethernet< port-list > Output
315Planning and Implementing a PoE Configuration
- Support
- Manuals
- Power Requirements
- 316Assigning PoE Ports to VLANs
- Applying Security Features to PoE Configurations
- Assigning Priority Policies to PoE Traffic
  - 317Table 11-3.Classifiers for Prioritizing Outbound Packets
318PoE Event Log Messages
- “Informational” PoE Event-LogMessages
- Slot <slot-id > POE usage is below
- configured threshold of < 1 - 99 >%
- port <port-id > applying power to PD
- port <port-id > PD detected
- Slot <slot-id > software update started
- Slot <slot-id > software update
- completed on PoE controller <controller
- controller
- id
- 319“Warning” PoE Event-LogMessages
- chassis
- Port <port-id > PD Denied power due to insufficient power allocation
- Port <port-id> PD Invalid Signature
- <port-id
- indication
- Port <port-id > PD Over Current
- 50v Power Supply is faulted
- Failures:<num-failures
- 50v Power Supply is OK. Failures:
- <num-failures
- FET bad on port <port-id
321Port Trunking
- 323Figure 12-1.Conceptual Example of Port Trunking
  - All port trunk links must be point
  - to-point
  - non-trunking
- 324Port Security Restriction
  - re-connect
  - the ports
- L A C P N o t e
325Port Trunk Features and Operation
- The switches covered in this guide offer these options for port trunking:
- ■LACP: IEEE 802.3ad—page
- ■Trunk: Non-Protocol—page
326Trunk Configuration Methods
- ProCurve(config) int c1-c4lacp active
- ProCurve(config)# no int c1-c4lacp
- Removes the ports from the trunk
- ProCurve(config)# int c1-c4lacp passive
- Configures LACP passive
- Static Trunk:
- trunk
- Table 12-1.Trunk Types Used in Static and Dynamic Trunk Groups
- 327Table 12-2.Trunk Configuration Protocols
- 328Table 12-3.General Operating Rules for Port Trunks
- Auto-10
- Figure 12-2.Recommended Port Mode Setting for LACP
- Dyn1
  - (for an LACP dynamic trunk) or
- 329Figure 12-3.Example of a Port Trunk in a Spanning Tree Listing
- show ip igmp
- Important
330Menu: Viewing and Configuring a Static Trunk Group
- 1.Follow the procedures in the Important note above
- 2.From the Main Menu, Select:
- 2.Port/Trunk Settings
- Figure 12-4.Example of the Menu Screen for Configuring a Port Trunk Group
  - 4.In the Group column, move the cursor to the port you want to configure
  - Use the Space bar to choose a trunk group assignment
- Trk2
- 331Figure 12-5.Example of the Configuration for a Two-PortTrunk Group
  - –LACP
  - –Trunk (the default type if you do not specify a type)
- LACP
- Trunk)
  - When you are finished assigning ports to the trunk group, press
332CLI: Viewing and Configuring Port Trunk
Groups
- Trunk Status and Configuration Commands
- Using the CLI To View Port Trunks
  - Listing Static Trunk Type and Group for All Ports or for Selected
  - Ports
  - 333Figure 12-6.Example Listing Specific Ports Belonging to Static Trunks
  - Figure 12-7.Example of a Show Trunk Listing Without Specifying Ports
  - 334Listing Static LACP and Dynamic LACP Trunk Data
  - Figure 12-8.Example of a Show LACP Listing
  - Dynamic LACP Standby Links
- 335Using the CLI To Configure a Static or Dynamic Trunk
  - 336Configuring a Static Trunk or Static LACP Trunk Group
    - Syntax: trunk < port-list > < trk1 ... trk144> < trunk | lacp
    - Configures the specified static trunk type
    - with the group name of Trk2
    - ProCurve(config)# trunk c4-c6trk2 trunk
    - one or more ports from an existing Trkx trunk group
  - Trk
    - When you remove a port from a trunk where spanning tree is not in use
    - on that port
    - Syntax: no trunk < port-list
    - Removes the specified ports from an existing trunk group
    - For example, to remove ports C4 and C5 from an existing trunk group
    - ProCurve(config)# no trunk c4-c5
    - tion, all ports on the switch are set to disabled. To enable the switch to
    - device on the other end of the link is configured for LACP Passive
  - Passive
    - Syntax: interface < port-list> lacp active
    - This example uses ports C4 and C5 to enable a dynamic LACP trunk group
    - ProCurve(config)# interface c4-c5lacp active
  - 337Active
    - and LACP
  - passive
    - without first removing LACP operation from the port.)
338Web: Viewing Existing Port Trunk
339Trunk Group Operation Using LACP
- Auto-100
- Auto-1000
- 10FDx
- 100FDx
- 1000FDx
- show lacp
- 340Table 12-4.LACP Trunk Types
- 342Default Port Operation
  - ProCurve> show lacp
  - Table 12-5.LACP Port Status Data
- 343LACP Notes and Restrictions
  - 802.1X (Port-BasedAccess Control) Configured on a Port. To main
    - ProCurve(config)# aaa port-accessauthenticator b1
    - LACP has been disabled on 802.1x port(s)
    - ProCurve(config)# int b1 lacp passive
    - LACP has been disabled on secured port(s). ProCurve(config)#
    - ProCurve(config)# int a17 lacp passive
    - To restore LACP to the port, you must remove port security and re-enable
    - LACP active or passive
  - 344Changing Trunking Methods
  - Static LACP Trunks
  - VLANs and Dynamic LACP
  - Forbid
    - If you want to use LACP for a trunk on a
    - Some older devices are limited to four ports in a trunk. When eight
    - LACP-enabled
  - 345Figure 12-11.Blocked Ports with LACP
  - 346Half-Duplexand/or Different Port Speeds Not Allowed in LACP
  - Trunks
    - ■If the port is a 10-gigabitport
    - ■If a port is set to LACP Active, you cannot configure it to HDx
    - ) LACP, but any ports configured as standby LACP links will be ignored
347Distributed Trunking
- 348Figure 12-13.Example of Distributed Trunking Configuration
- Figure 12-14.Exampleof Distributed Trunking
- 349Distributed Trunking Interconnect Protocol (DTIP)
- 350Configuring Distributed Trunking
  - ISC Port Configuration
  - The no form of the command removes the ISC interface configuration
  - Distributed Trunking Port Configuration
  - Distributed trunking ports must be configured manually
  - To configure distributed trunking on the switch, enter this command:
  - port-lis
  - dt-lacp
  - Figure 12-15.Exampleof Configuring Distributed Trunking
- 351Displaying Distributed Trunking Information
  - show lacp distributed
    - Syntax: show lacp [distributed]
    - Displays information about distributed trunks and LACP status
  - Figure 12-16.Exampleof the Output for the show lacp distributed Command
- 352Maximum DT Trunks and Links Supported
  - Table 12-1.Maximum DT Trunks and Links
  - Max Number
- Forwarding Traffic with Distributed Trunking and
- Spanning Tree
  - Forwarding Unicast Traffic Upstream
  - 353Forwarding Broadcast, Multicast, and
  - Unknown Traffic Upstream
  - Forwarding Unicast Traffic Downstream (to the Server)
  - Forwarding Broadcast, Multicast, and Unknown Traffic Downstream (to the Server)
  - 354A B
  - DT1
  - DT2
- 355Distributed Trunking Restrictions
  - There are several restrictions with distributed trunking
  - Only servers are supported as Distributed Trunking Devices (DTDs)
  - A distributed trunk can span a maximum of two switches
  - Meshing and DT switches are mutually exclusive
  - ARP protection is not supported on the distributed trunks
  - STP is disabled on DT ports
  - QinQ in mixed VLAN mode and distributed trunking are mutually exclu sive
  - SVLANs in mixed mode are not supported on DT or ISC links
  - DHCP snooping and IGMP snooping are not supported on DT links
356Trunk Group Operation Using the
“Trunk” Option
357How the Switch Lists Trunk Data
- Dynamic LACP Trunk Group: Appears in the output from the CLI show lacp command
Outbound Traffic Distribution Across Trunked Links
- 358Figure 12-18.Example of Single Path Traffic through a Trunk
- Figure 12-19.Example of Port-TrunkedNetwork
361Port Traffic Controls
- This chapter includes:
- 363Rate-Limiting:
- Jumbo Frames:
364Rate-Limiting
- All Traffic Rate-Limiting
  - Configuring Rate-Limiting
  - The mode using bits per second (bps) in releases before K.12.XX has been
  - replaced by the kilobits per second (kbps) mode. Switches that have config
  - urations with bps values will be automatically converted when you update
  - a switch running later versions of the software (K.12.XX or greater)
  - ■Rate-limitingon either inbound or outbound traffic
  - 365out —
  - kbps —
  - Notes:
    - The
    - •Rate-limitingdoes not apply to trunked ports (including meshed ports)
    - —Continued—
    - Kbps
  - 366> disable
    - Displaying the Current Rate-LimitConfiguration
  - 367Figure 13-1.Example of Listing the Rate-LimitConfiguration
    - To view RADIUS-assigned rate-limitinformation, use one of the following
    - command options:
    - show port-access
    - web-basedclients < port-list > detailed
    - mac-basedclients < port-list > detailed
    - authenticator clients < port-list > detailed
    - and Configuration Guide for your switch
    - ration currently stored in the startup-configfile. (Note that configuration
    - do not appear in the startup-configfile.)
  - 368Figure 13-2.Example of Rate-LimitSettings Listed in the “show config” Output
    - Operating Notes for Rate-Limiting
    - , regardless of traffic priority
    - < port-list >: Operation is not allowed for a trunked port
  - 369Monitoring (Mirroring)
    - If monitoring is configured, packets dropped by
  - Optimum
    - Optimum
    - occurs with
    - 64-byte
    - of all sizes of packets
    - (((100,000,000 bits) / 8 ) / 84) x 64 = 9,523,809 bytes per second
    - and the
    - rate-limit
    - of 50% has no effect
    - bandwidth usage > (0.50 x 9,523,809)
- 370ICMP Rate-Limiting
  - 371all)
  - 372Spoofed Ping:
    - Guidelines for Configuring ICMP Rate-Limiting
  - Figure 13-3.Example of ICMP Rate-Limiting
    - Configuring ICMP Rate-Limiting
  - 373kbps
  - <0-10000000>:
    - traffic in kilobits per second
    - 0: This value causes an interface to drop all incoming ICMP
    - traffic, and is not recommended. Refer to the Caution on
    - Note: ICMP rate-limitingis not supported on meshed ports
    - (Rate-limitingcan reduce the efficiency of paths through a
    - mesh domain)
    - limit of 1% on ports A3 - A5, which are used as network edge ports:
    - ProCurve(config)# int a3-a5 rate-limiticmp
    - ProCurve (eth-A3-A5)# rate-limiticmp
    - with the disparity increasing as the packet size decreases (the packet to
    - payload ratio is higher)
    - speeds such as 10 Gbps
    - 374Using Both ICMP Rate-Limitingand All-Traffic Rate-Limitingon the Same Interface
    - The ICMP traffic
    - If at a given moment:
    - ■Inbound ICMP traffic on port “X” is using 1% of the port’s bandwidth, and
    - ■Inbound traffic of all types on port “X” demands 61% of the ports’s bandwidth
    - Displaying the Current ICMP Rate-LimitConfiguration
    - Syntax: show rate-limiticmp [ port-list ]
  - 375Figure 13-4.Example of Listing the Rate-LimitConfiguration
  - Interface support:
  - 378Determining the Switch Port Number Used in ICMP Port Reset
  - Commands:
  - walkmib ifDescr
    - ProCurve# walkmib ifDescr
    - ifDescr.48 = B22 ifDescr.49 = B23 ifDescr.50 = B24
  - Figure 13-5.Matching Internal Port Numbers to External Slot/Port Numbers
- 379Configuring Inbound Rate-Limitingfor Broadcast and Multicast Traffic
  - 380Figure 13-6.Example of Inbound Broadcast Rate-limitingof 50% on Port
  - 381Figure 13-7.Example of Inbound Multicast Rate-limitingof 20% on Port
    - To disable rate-limitingfor a port enter the no form of the command
  - Figure 13-8.Example of Disabling Inbound Multicast Rate-limitingfor Port
    - ■This rate-limitingoption does not limit unicast traffic
    - ■This option does not include outbound multicast rate-limiting
382Guaranteed Minimum Bandwidth (GMB)
- GMB Operation
  - fying a minimum bandwidth for a high-priorityqueue but not specifying a
  - configured to allocate a minimum bandwidth of 80% for outbound high
  - starves lower-priorityqueues that do not have a minimum configured
  - but will likely cause delays in the delivery of the lower-prioritytraffic
  - exceed 100%
  - Impacts of QoS Queue Configuration on GMB Operation
  - 384interface band
  - width-min
  - show bandwidth output
  - Table 13-2.Default GMB Percentage Allocations per QoS Queue Configuration
    - 385For more information on queue configuration and the associated default
    - (QoS): Managing Bandwidth More Effectively” in the Advanced Traffic
    - ” in the
    - Management Guide for your switch
    - Configuring Guaranteed Minimum Bandwidth for
    - Outbound Traffic
    - Syntax: [ no ] int < port-list > bandwidth-minoutput
    - • Queue 1 (low priority): 2%
    - • Queue 2 (low priority): 3%
    - • Queue 3 (normal priority): 30%
    - • Queue 4 (normal priority): 10%
    - • Queue 5 (medium priority): 10%
    - • Queue 6 (medium priority): 10%
    - • Queue 7 (high priority): 15%
    - • Queue 8 (high priority): 20%
    - The no form of the command disables GMB for all ports in
    - 386%> <queue7%> <queue8%>]
    - 1.Queue 8 (high priority)
    - 2.Queue 7 (high priority)
    - 3.Queue 6 (medium priority)
    - 4.Queue 5 (medium priority)
    - 5.Queue 4 (normal priority)
    - 6.Queue 3 (normal priority)
    - 7.Queue 2 (low priority)
    - 8.Queue 1 (low priority)
    - (continued)
    - Displaying the Current Guaranteed Minimum Bandwidth
    - Configuration
  - 388Figure 13-9.Example of Listing the Guaranteed Minimum Bandwidth
  - Figure 13-10.Example of GMB Settings Listed in the “show config” Output
- 389GMB Operating Notes
  - Impact of QoS Queue Configuration on GMB commands. Changing
390Jumbo Frames
- Jumbo Frame:
- Jumbo VLAN:
- MTU
  - Maximum Transmission Unit)
- Standard MTU:
- 391Operating Rules
  - Switch Meshing:
  - GVRP Operation:
  - Port Adds and Moves:
  - Jumbo Traffic Sources:
- 392Configuring Jumbo Frame Operation
  - Overview
  - jumbo
    - Execute
  - 393Figure 13-11.Example Listing of Static VLANs To Show Jumbo Status Per VLAN
    - Syntax: show vlans ports < port-list
  - Jumbo
  - 394Figure 13-12.Example of Listing the VLAN Memberships for a Range of Ports
    - Syntax: show vlans < vid
  - Figure 13-13.Example of Listing the Port Membership and Jumbo Status for a
  - < vid
  - [no]
  - no jumbo
- 395Configuring a Maximum Frame Size
  - GLOBAL
  - 396frame-size
    - configured as
    - Syntax: jumbo ip-mtu<size
  - max-frame-size
    - Default: 9198 bytes
    - SNMP Implementation
  - Jumbo Maximum Frame Size
    - etary MIB object:
    - hpSwitchMaxFrameSize OBJECT-TYPE
    - default value is set to 9216 bytes
  - Jumbo IP MTU
    - The IP MTU for Jumbos is supported with the following proprietary MIB
    - object:
    - hpSwitchIpMTU OBJECT-TYPE
    - Displaying the Maximum Frame Size
  - show jumbos
  - Figure 14. Displaying the Maximum Frame Size and IP MTU Values
    - Operating Notes for Maximum Frame Size
- 397Operating Notes for Jumbo Traffic-Handling
  - 398The switch allows flow control and jumbo frame capability to co-existon a port
  - 399Figure 13-14.Forwarding Jumbo Frames Through Non-JumboPorts
- 400Troubleshooting
  - A VLAN is configured to allow jumbo frames, but one or more ports
  - drops all inbound jumbo frames
  - speed-duplex
  - show interfaces brief < port-list
  - A non-jumboport is generating “Excessive undersize/giant frames”
  - messages in the Event Log
    - 401CLI: Viewing and Configuring SNMP Community Names
    - General Steps for Configuring SNMP Notifications
    - Configuring an SNMP Trap Receiver
    - Configuring SNMPv3 Notifications
    - Managing Network Security Notifications
    - Configuring the Source IP Address for SNMP Notifications
    - Displaying SNMP Notification Configuration
    - 402CLI-ConfiguredsFlow with Multiple Instances
    - Viewing sFlow Configuration and Status
    - LLDP-MED (Media-Endpoint-Discovery)
    - LLDP-MEDTopology Change Notification
    - Displaying Switch Information Available for Outbound
403Using SNMP Tools To Manage the Switch
- products index
- Network Management
- 404SNMP Management Features
  - SNMP management features on the switch include:
  - ■SNMP version 1, version 2c, or version 3 over IP
  - ■Security via configuration of SNMP communities (page 14-11)
  - ■Security via authentication and privacy for SNMP Version 3 access
  - ■Event reporting via SNMP
  - •Version 1 traps
  - •RMON: groups 1, 2, 3, and
  - ■ProCurve Manager/Plus support
  - ■Flow sampling using sFlow
  - Click on software updates, then MIBs
- Configuring for SNMP version 1 and 2c Access to the
- Switch
  - Configure the appropriate SNMP communities. (Refer to
  - Configure the appropriate trap receivers. (Refer to
- 405Configuring for SNMP Version 3 Access to the Switch
- 406SNMP Version 3 Commands
  - SNMP version 3 (SNMPv3) adds some new commands to the CLI for
  - MD5 authentication and DES privacy
  - You may (optionally) restrict access to only SNMPv3 agents by using the
  - the snmpv3 restricted-access command
    - “public” inaccessible to network management applications (such as auto
    - from operating in the switch
    - Syntax: [no] snmpv3 enable
    - Enable and disable the switch for access from SNMPv3
    - agents. This includes the creation of the initial user record
    - [no] snmpv3 only
    - messages
    - [no] snmpv3 restricted-access
    - to read only access
    - show snmpv3 enable
    - Displays the operating status of SNMPv3
    - show snmpv3 only
    - Displays status of message reception of non-SNMPv3
    - show snmpv3 restricted-access
    - Enabling SNMPv3
    - The snmpv3 enable command allows the switch to:
    - Receive SNMPv3 messages
    - Configure initial users
    - ■ Restrict non-version3 messages to “read only” (optional)
  - 407N o t e :
  - S N M P
  - V e r s i o n
  - I n i t i a l U s e r s
    - user with SHA authentication and DES privacy
  - Figure 14-1.Example of SNMP version 3 Enable Command
    - SNMPv3 Users
    - Configure users in the User Table with the
  - 408show snmpv3 user
    - that requires either feature, the user will not be able to access the switch
    - security group
    - name to the list of known users with the snmpv3 user command
  - Figure 14-2.Adding SNMPv3 Users and Displaying SNMPv3 Configuration
  - 409SNMPv3 User Commands
  - Listing Users
  - 410Assigning Users to Groups
  - snmpv3 group
  - Figure 14-3.Example of Assigning Users to Groups
  - SNMPv3 Group Commands
    - Syntax: [no] snmpv3 group
    - group <group_name
    - user <user_name
    - sec-model<ver1 | ver2c | ver3
    - Group Access Levels
    - Each view allows you to view or modify a different set of MIBs
    - ■Manager Read View – access to all managed objects
  - 411Manager Read View
    - ■Discovery View – Access limited to samplingProbe MIB
  - Discovery View
    - SNMPv3 Communities
  - snmpv3 community
  - 412index_name
  - Figure 14-4.Assigning a Community to a Group Access Level
  - 413SNMP Community Features
    - SNMP
    - level view, and either restricted or unrestricted write access
    - compatible with your network
    - Menu: Viewing and Configuring non-SNMPversion
    - Communities
  - To View, Edit, or Add SNMP Communities:
    - 1.From the Main Menu, Select:
  - 6.SNMP Community Names
  - 414Figure 14-5.The SNMP Communities Screen (Default Values)
    - 2.Press [A] (for Add) to display the following screen:
  - Add
  - Figure 14-6.The SNMP Add or Edit Screen
  - Need Help
  - elp
    - 4.Press [Enter], then [S] (for Save)
    - CLI: Viewing and Configuring SNMP Community Names
    - “SNMP Notifications” on page
    - 14-17)
    - Syntax: show snmp-server [<community-string>]
    - community-string
  - 415Figure 14-7.Example of the SNMP Community Listing with Two Communities
    - ProCurve# show snmp-serverpublic
- 417SNMP Notifications
  - Supported Notifications
  - 418■Advance Traffic Management Guide:
  - •Loop protection
  - •Spanning Tree (STP, RSTP, MSTP)
  - ■Access Security Guide:
  - •MAC lockdown
  - •MAC lockout
  - •Uni-DirectionalLink Detection (UDLD)
  - •Virus throttling
  - ■Multicast and Routing Guide:
  - •OSPF
  - •PIM
  - •Virtual Router Redundancy Protocol (VRRP)
  - General Steps for Configuring SNMP Notifications
  - To configure SNMP notifications, follow these general steps:
  - •“SNMPv1 and SNMPv2c Traps” on page
  - •“Configuring an SNMP Trap Receiver” on page
  - •“Enabling SNMPv2c Informs” on page
  - •“Configuring SNMPv3 Notifications” on page
  - •“Enabling Link-ChangeTraps” on page
  - •“Configuring the Source IP Address for SNMP Notifications” on page
  - •“Displaying SNMP Notification Configuration” on page
  - SNMPv1 and SNMPv2c Traps
  - 419Trap receivers:
    - trap receiver
  - Fixed or
  - host
    - Syntax: snmp-serverhost <ipv4-addr | ipv6-addr><community name
  - 420Table 14-1.Security Levels for Event Log Messages Sent as Traps
    - with an IP address of 10.28.227.130 to receive only "critical" event log
    - messages, you can enter the following command:
    - critical
    - for the same management station
    - traps and threshold traps (if configured) are still sent
    - Enabling SNMPv2c Informs
    - reached its destination
    - be resent, based on the retry count value
    - the inform notification
    - Syntax: [no] snmp-serverhost <ipv4-addr | ipv6-addr><community name
    - inform [retries <count>] [timeout <interval>]]
    - count
    - switch and allows you to configure options for sending
    - SNMP inform requests
    - retries: Maximum number of times to resend an inform
  - 421retries:
    - request if no SNMP response is received. Default:
    - before resending the inform request. Default: 15 seconds
    - The retries and timeout values are not used to send trap requests
  - 422retries
  - timeout
    - command:
  - Figure 14-8.Display of SNMPv2c Inform Configuration
    - Configuring SNMPv3 Notifications
  - 423snmpv3 notify
  - no snmpv3 notify
  - <notify_name
  - snmpv3 targetaddress params taglist
  - 424snmpv3 targetaddress
  - params
  - snmpv3 params
  - taglist
  - 425snmpv3 params user
  - sec-model
  - msg-processing
    - < sec-model< ver1 | ver2c | ver3
  - ver3
  - 426Figure 14-9.Example of an SNMPv3 Notification Configuration
    - Managing Network Security Notifications
    - ■“Configuring an SNMP Trap Receiver” on page
    - ■“Configuring SNMPv3 Notifications” on page
    - ■Dynamic IP Lockdown hardware resources consumed
    - ■Link change notification
  - 427enable traps
    - •login-failure-mgr sends a trap for a failed login with a manager password
    - •password-change-mgr sends a trap when a manager password is reset
  - traps
  - 428Figure 14-10.Display of Configured Network Security Notifications
    - Enabling Link-ChangeTraps
  - link-change
    - Syntax: [no] snmp-serverenable traps link-change<port-list> [all]
    - port-list
    - Enter all to enable or disable link-changetraps on all ports on the switch
    - Configuring the Source IP Address for SNMP Notifications
  - 429snmp server
  - response-source
  - trap-source
    - pv6 addr
    - Default: Interface IP address
  - dst-ip-of-request:
    - ipv6-addr
  - 430loopback
  - <0-7
  - 431Figure 14-11.Display of Source IP Address Configuration
    - Displaying SNMP Notification Configuration
    - Use the show snmp-server command to display the currently configured:
    - ■Management stations (trap receivers)
    - ■Settings for network security notifications and link-changetraps
    - ■SNMP communities
    - Syntax: show snmp-server
  - 432Figure 14-12.Display of SNMP Notification Configuration
    - 433Configuring Listening Mode
- 434Advanced Management: RMON
  - The following RMON groups are supported:
  - ■Ethernet Statistics (except the numbers of packets of different frame sizes)
  - ■Alarm
  - ■History (of the supported Ethernet statistics)
  - ■Event
  - Network Manager
- CLI-ConfiguredsFlow with Multiple Instances
  - sFlow —
  - sFlow agent —
  - sFlow destination —
    - Configuring sFlow
    - Syntax: [no] sflow <receiver-instance>destination <ip-address> [udp-port-num]
    - To disable an sFlow receiver/destination, enter no sflow <receiver-instance
    - Syntax: sflow <receiver-instance>sampling <port-list><sampling rate
    - Syntax: sflow <receiver-instance>polling <port-list><polling interval
    - port or ports
    - a polling interval of “0”
    - using the no sflow <receiver-instance> command
  - 435no sflow
    - Viewing sFlow Configuration and Status
    - status via the CLI
    - Syntax: show sflow agent
    - Syntax: show sflow <receiver instance> destination
    - Syntax: show sflow <receiver instance> sampling-polling <port-list/range
    - Displays status information about sFlow sampling and polling
  - 436show sflow agent
    - ProCurve# show sflow agent
    - Version
    - 1.3;HP;K.11.40
    - Agent Address
  - Figure 14-13.Example of Viewing sFlow Agent Information
    - ProCurve# show sflow 2 destination
    - Destination Instance
    - sflow
    - Datagrams Sent
    - Destination Address
    - Receiver Port
    - Owner
    - Administrator, CLI-owned,Instance
    - Timeout (seconds)
    - Max Datagram Size
    - Datagram Version Support
  - Figure 14-14.Example of Viewing sFlow Destination Information
    - Note the following details:
    - ■Destination Address remains blank unless it has been configured
  - Destination Address
  - Datagrams Sent
  - Timeout
    - 437instance
    - [port-list]
    - ProCurve# show sflow 2 sampling-polling A1-A4
    - Port
    - | Sampling
    - Rate
    - Header
    - Dropped
    - Polling
    - Interval
    - | Enabled
    - Samples
    - Yes(2)
    - Yes(1)
    - No(1)
    - Yes(3)
    - No(3)
    - The sampling and polling instances (noted in parentheses) coupled to a
    - specific receiver instance are assigned dynamically, and so the instance
438LLDP (Link-LayerDiscovery Protocol)
- Provides an extension to LLDP and is designed to support VoIP deployments
- enabled as a prerequisite to LLDP-MEDoperation
- An SNMP utility can progressively discover LLDP devices in a network by:
- Adjacent Device: Refer to “Neighbor or Neighbor Device”
- 439Adjacent Device:
- Advertisement: See LLDPDU
- Active Port:
  - LLDP: Link Layer Discovery Protocol:
- LLDP:
  - •Switches covered in this guide: IEEE 802.1AB
- LLDP-Aware:
  - LLDP Device: A switch, server, router, or other device running LLDP
- LLDP Device:
- 440LLDP Neighbor:
- LLDPDU (LLDP Data Unit):
- LLDP-MED(Link Layer Discover Protocol Media Endpoint
- MIB
  - ten-digit
  - seven-digits
  - are a local telephone number
  - Neighbor: See “LLDP Neighbor”
- Neighbor:
  - Non-LLDPDevice: A device that is not capable of LLDP operation
- Non-LLDP
- Device:
- PD (Powered Device):
  - 802.3af-compliant
  - PDs directly connected to the ports on the module
- TLV
- (Type-Length-Value):
- 441General LLDP Operation
  - LLDP-MED
- Packet Boundaries in a Network Topology
  - 14-42)
  - 442Enable or Disable
  - LLDP-MED
  - Change the Frequency of LLDP Packet Transmission to Neighbor
  - Devices
  - Transmit and Receive Mode
    - Receive only
  - rxonly
    - Disable
  - disable
  - Remote Management Address
  - Debug Logging
  - debug lldp
- 444Options for Reading LLDP Information Collected by the Switch
  - ■Using the walkmib command to display a listing of the LLDP MIB objects
- LLDP and LLDP-MEDStandards Compatibility
  - The operation covered by this section is compatible with these standards:
  - ■IEEE P802.1AB
  - ■RFC 2922 (PTOPO, or Physical Topology MIB)
  - ■RFC 2737 (Entity MIB)
  - ■RFC 2863 (Interfaces MIB)
  - ANSI/TIA-1057/D6
- 445LLDP Operating Rules
  - Port Trunking
    - xxx.xxx.xxx.xxx: This IP address is not configured or is a DHCP address
  - Spanning-Tree
  - Blocking
  - 802.1X Blocking
- 446Configuring LLDP Operation
  - show lldp config
  - [no] lldp run
  - lldp refresh-interval
  - lldp holdtime-multiplier
  - lldpTxDelay
  - lldpReinitDelay
  - lldp enable-notification
  - lldpnotificationinterval
  - lldp admin-status< txonly | rxonly | tx_rx | disable
  - lldp config < port-list > IpAddrEnable
  - lldp config < port-list > basicTlvEnable
  - Viewing the Current Configuration
  - Displaying the Global LLDP, Port Admin, and SNMP Notification
  - Status
    - Syntax show lldp config
  - 447show lldp config
  - Figure 14-16.Example of Viewing the General LLDP Configuration
  - 448Displaying Port Configuration Details. This command displays the port
    - specific configuration, including
    - Syntax show lldp config < port-list
    - Displays the LLDP port-specificconfiguration for all ports in
  - Figure 14-17.Example of Per-PortConfiguration Display
    - Configuring Global LLDP Packet Controls
    - Enabling LLDP operation (the default) causes the switch to:
    - Use active
    - Syntax [ no ] lldp run
    - For example, to disable LLDP on the switch:
    - ProCurve(config)# no lldp run
    - Syntax lldp refresh-interval< 5 - 32768
    - Note: The refresh-interval must be greater than or equal to
  - 449delay-interval
  - 450holdtime-multiplier
  - holdtime-interval
    - ProCurve(config)# lldp holdtime-multiplier2
  - Changing the Delay Interval Between Advertisements Generated by
    - Syntax setmib lldpTxDelay.0 -i< 1 - 8192
  - 451Inconsistent value
  - Figure 14-18.Example of Changing the Transmit-DelayInterval
    - Syntax setmib lldpReinitDelay.0 -i< 1 - 10
    - ProCurve(config)# setmib lldpreinitdelay.0
    - Configuring SNMP Notification Support
  - 452Enabling LLDP Data Change Notification for SNMP Trap Receivers
    - Syntax [ no ] lldp enable-notification< port-list
    - port-list
    - For example, this command enables SNMP notification on ports 1 - 5:
    - ProCurve(config)# lldp enable-notification
    - Syntax setmib lldpnotificationinterval.0 -i< 1 - 3600
    - Configuring Per-PortTransmit and Receive Modes
    - Syntax lldp admin-status< port-list > < txonly | rxonly | tx_rx | disable
  - 453tx_rx
  - 454Mandatory Data
    - ■Chassis Type (TLV subelement)
    - ■Chassis ID (TLV)
    - ■Port Type (TLV subelement)
    - ■Port ID (TLV)
  - Configuring a Remote Management Address for Outbound LLDP
    - Syntax [ no ] lldp config < port-list > ipAddrEnable < ip-address
  - 455Optional Data
    - ■port description (TLV)
    - ■system name (TLV)
    - ■system description (TLV)
    - ■system capabilities (TLV)
    - •system capabilities Supported (TLV subelement)
    - •system capabilities Enabled (TLV subelement)
    - ■port speed and duplex (TLV subelement)
    - Syntax: [ no ] lldp config < port-list > basicTlvEnable < TLV-Type
    - port_descr
    - (Default: Enabled)
    - system_name
    - system_descr
    - 456Configuring Support for Port Speed and Duplex
    - Advertisements
    - Syntax: [ no ] lldp config < port-list > dot3TlvEnable macphy_config
- 457LLDP-MED (Media-Endpoint-Discovery)
  - ■plug-and-playprovisioning for MED-capable,VoIP endpoint devices
  - simplified
  - ■detailed VoIP endpoint data inventory readable via SNMP from the switch
  - 458Figure 14-19.Example of LLDP-MEDNetwork Elements
  - LLDP-MED
  - Endpoint Support
    - 459able to use the following network policy elements configured on the client port
    - •voice VLAN ID
    - •802.1p (Layer 2) QoS
    - •Diffserv codepoint (DSCP) (Layer 3) QoS
    - ■discover and advertise device location data learned from the switch
    - ■support emergency call service (ECS—suchas E911, 999, and 112)
    - hardware revision
    - serial number
    - • asset ID
    - firmware revision
    - manufacturer name
    - software revision
    - model name
    - ■support the fast start capability
    - endpoints, and is not designed to support links between network
    - infrastructure devices, such as switch-to-switchor switch-to-routerlinks
    - endpoint device belongs to one of the following three classes:
  - 460Operational Support
    - LLDP-MEDTopology Change Notification
    - 462LLDP-MEDFast Start Control
    - (Range: 1 - 10 seconds; Default: 5 seconds)
    - Advertising Device Capability, Network Policy, PoE Status and Location Data
    - ■LLDP-MEDcapabilities: This TLV enables the switch to determine:
    - •whether a connected endpoint device supports LLDP-MED
    - •which specific LLDP-MEDTLVs the endpoint supports
    - •the device class (1, 2, or 3) for the connected endpoint
    - This TLV also enables an LLDP-MEDendpoint to discover what LLDP
    - MED TLVs the switch port currently supports
    - ■PoE (MED Power-over-Ethernet)
    - ■physical location data — page
  - 463dot3TlvEnable macphy_config command on page
    - Network Policy Advertisements. Network policy advertisements are
  - Network Policy Advertisements
    - intended for real-timevoice and video applications, and include these TLV
    - subelements:
    - ■ Layer 2 (802.1p) QoS
    - ■ Layer 3 DSCP (diffserv code point) QoS
    - ■ Voice VLAN ID (VID)
    - network policy TLVs:
    - operation (vlan < vid > voice)
  - voice
    - ■ If there are multiple voice VLANs configured on a port, LLDP-MED
    - advertises the voice VLAN having the lowest VID
    - the switch port to have a tagged voice VLAN membership.)
    - ■ If a given port does not belong to a voice VLAN, then the switch does not
    - advertise the VLAN ID TLV through this port
    - using a RADIUS server and 802.1X or MAC authentication. (Web
    - authentication does not apply to VoIP telephones and other
    - telecommunications devices that are not capable of accessing the switch
    - through a Web browser.) The QoS and voice VLAN policy elements can be
    - statically configured with the following CLI commands:
    - vlan < vid > voice
    - vlan < vid > < tagged | untagged > < port-list
    - int < port-list > qos priority < 0 - 7
    - vlan < vid > qos dscp < codepoint
    - codepoint
    - “Quality of Service (QoS): Managing Bandwidth More Effectively” in the
    - Advanced Traffic Management Guide for your switch
  - 464Enabling or Disabling medTlvEnable. In the default LLDP-MED
    - configuration, the TLVs controlled by medTlvEnable are enabled
    - Syntax: [ no ] lldp config < port-list > medTlvEnable < medTlv
    - medTlv
    - Enables or disables advertisement of the following TLVs on the specified ports:
    - •device capability TLV
    - •configured network policy TLV
    - configured location data TLV (Refer to
    - •current PoE status TLV
    - (Default: All of the above TLVs are enabled.)
    - capabilities
    - This TLV enables the switch to determine:
    - •which LLDP-MEDTLVs a connected endpoint can discover
    - •the device class (1, 2, or 3) for the connected endpoint
    - (Default: enabled)
  - 466PoE Advertisements
  - power type:
  - power source
  - power priority:
  - power value:
  - show lldp info remote-device< port-list
  - show power brief < port-list
  - show power < port-list
    - Configuring Location Data for LLDP-MEDDevices
  - civic address:
  - 467ELIN (Emergency Location Identification Number):
  - coordinate-based
  - location:
    - Syntax: [ no ] lldp config < port-list > medPortLocation < Address-Type
    - Address-Type
    - civic-addr
  - civic-addr
  - www.iso.org
    - 0:Location of DHCP server
    - 1:Location of switch
    - 2:Location of LLDP-MEDendpoint (recommended application)
    - This field is required in a civic-addr command. —Continued—
    - 468— Continued—
    - •3 = city
    - •6 = street (name)
    - •25 = building name (Range: 0 - 255)
    - For a sample listing of CA-TYPE specifiers, refer to table 14-4on page
    - elin-addr< emergency-number
    - (Range: 1-15numeric characters)
  - 469Configuring Coordinate-BasedLocations. Latitude, longitude, and
    - the application. A further source of information on this topic is RFC 3825
    - Dynamic Host Configuration Protocol Option for Coordinate-based
    - Location Configuration Information
    - dependent. Refer to the documentation provided with the endpoint device
  - 470Table 14-4.Some Location Codes Used in CA-TYPEFields
  - Location Element
  - Code
  - Figure 14-20.Example of a Civic Address Configuration
- 471Displaying Advertisement Data
  - Displaying Switch Information Available for Outbound
  - Syntax show lldp info local-device[ port-list ]
  - 472•PortType
  - •PortId
  - •PortDesc
  - lldp config
  - 473Displaying the Current Port Speed and Duplex Configuration on a
  - 475Figure 14-23.Example of a Global Listing of Discovered Devices
    - 476Displaying LLDP Statistics
    - Syntax show lldp stats [ port-list ]
    - Global LLDP Counters:
    - Shows the elapsed time since a neighbor was last added or deleted
    - “Neighbor Maximum” on page
    - — Continued —
    - Per-PortLLDP Counters:
  - 477NumFramesRecvd:
    - < port- list
  - NumFramesSent:
  - NumFramesDiscarded:
  - Frames Invalid:
  - Figure 14-25.Example of a Global LLDP Statistics Display
  - Figure 14-26.Example of a Per-PortLLDP Statistics Display
- 478LLDP Operating Notes
  - Neighbor Maximum
  - 479LLDP Packet Forwarding:
    - LLDP advertises only one IP address
    - even if multiple IP addresses are configured by
  - > ipAddrEnable
    - on a given port
  - 802.1Q VLAN Information
  - Effect of 802.1X Operation
  - Neighbor Data Can Remain in the Neighbor Database After the
  - Mandatory TLVs
  - Determining the Switch Port Number Included in Topology Change
  - Notification Traps
  - Figure 14-27.Matching Internal Port Numbers to External Slot/Port Numbers
- 480LLDP and CDP Data Management
  - LLDP and CDP Neighbor Data
  - 482CDP Operation and Commands
  - SNMP utility
  - enabled/disabled both globally on the switch and on a per-portbasis
  - 483Syntax: show cdp
    - Lists the switch’s global and per-portCDP configuration
    - The following example shows the default CDP configuration
  - Figure 14-28.Example of Show CDP with the Default CDP Configuration
    - 485Syntax: [no] cdp run
    - Enables or disables CDP read-onlyoperation on the switch. (Default: Enabled)
    - For example, to disable CDP read-onlyon the switch:
    - ProCurve(config)# no cdp run
    - When CDP is disabled:
    - ■show cdp neighbors displays an empty CDP Neighbors table
    - displays
    - Global CDP information
    - Enable CDP [Yes]: No
    - Syntax: [no] cdp enable < [e] port-list
    - For example, to disable CDP on port A1:
    - ProCurve(config)# no cdp enable a1
487Redundancy (Switches 8200zl)
- 488Disabling Redundancy with Two Modules Present
- Disabling Redundancy With Only One Module Present
- Secondary Image
- Selftest
- Switchover
- 490How the Management Modules Interact
491Using Redundant Management
- Displaying Redundancy Status
- 492Enabling or Disabling Redundant Management
  - You can enable or disable redundant management using this command:
  - Syntax: [no] redundancy management-module
  - 493Figure 15-2.Example of Enabling Redundancy
    - command displays “Mgmt Redundancy” as disabled. The standby
    - 2 remains the active management module
    - ProCurve recommends that you leave redundancy enabled. If the active
    - over and may have an old configuration since file synchronization has not
    - occurred
    - management module that is not functioning correctly without physically
    - removing the module. However, removing the management module is the
    - recommended method
  - Figure 15-3.Example of Disabling Redundancy
- 494Directing the Standby Module to Become Active
  - redundancy switchover
  - Figure 15-4.An Example of the Redundancy Switchover Command
- 495Setting the Active Management Module for Next Boot
  - The <specified module> is not present or is in failed state
  - 496Figure 15-5.Setting a Management Module to be Active on the Next Boot
  - active-management
- 498Enabling and Disabling Fabric Modules
  - Syntax: redundancy fabric-module[1 | 2] [enable | disable]
  - Figure 15-7.Example of Disabling a Fabric Module
499Management Module Switchover
- Events that Cause a Switchover
  - MM Rese
  - MM Shutdown
  - boot active
- When Switchover Will not Occur
  - boot system
  - Clear
- Consequences of Switchover
- 500Resetting the Management Module
  - MM Reset
  - Figure 15-8.The MM Reset Button on the 8200zl Management Module
501Hotswapping Management Modules
- Hotswapping Out the Active Management Module
  - MM Shut down
  - Figure 15-9.The MM Shutdown Button
    - When the Standby Module is not Available
    - green to indicate it is OK to hotswap out the active management module
    - If you remove the active management module without pressing the MM
    - Shutdown button, any files that may have been in the process of
    - transfer is aborted
- 502Hotswapping In a Management Module
  - ■ The hotswapped module must pass selftest
  - no redundancy
  - management-module
- Software Version Mismatch Between Active
- and Hotswapped Module
  - 2. The module that was hotswapped in then reboots if necessary to primary
  - or secondary flash, whichever matches (if it doesn’t match already)
503Downloading a New Software Version
- File Synchronization after Downloading
  - Table 15-1.Example of Upgrading Software Version K.12.03 to Version K.12.04
- 504Potential Software Version Mismatches
- After Downloading
  - Figure 15-10.Booting the Standby Management Module to Secondary Flash
    - 505If you have booted one module out of primary flash and one module out of
    - and Hotswapped Module” on page 15-16 for more information
    - Additionally, if a switchover occurs, or if you reboot to make the standby
    - standby module
    - When you enter the show redundancy command and a software version
    - Figure
507Turning Off Redundant Management
- Disabling Redundancy with Two Modules Present
  - Next Boot” on page
  - in the event of a hardware failure of the first management module
  - Figure 15-12 shows that redundant management was disabled
  - Figure 15-12.Results of Disabling Redundancy
- 508Disabling Redundancy With Only One Module Present
  - ProCurve(config)# redundancy management-module
  - ProCurve(config)# redundancy active-managementstandby
  - The standby management module becomes the active management module
509Displaying Management Information
- Active Management Module Commands
  - Show Modules
  - ■System Support Modules (SSM)—identification,including serial number
  - Mini-GBICS—a
  - Syntax: show modules [details]
  - Displays information about the installed modules, including:
  - •The slot in which the module is installed
  - •The module description
  - •The serial number
  - Show Redundancy
  - 510Figure 15-14.Example of show redundancy Command
    - Show Flash
  - 511Figure 15-15.Example of Show Flash Command
    - Show Version
  - Figure 15-16.Example of Show Version Command when Redundancy is Enabled
  - 512Figure 15-17.Example of show version Command when Redundancy is Disabled
    - Show Log
  - show log -r
  - Figure 15-18.An Example of the Show Log Command Output
- 513Standby Management Module Commands
  - Figure 15-19.Example of Show Redundancy Command for Standby Module
  - 514Figure 15-20.Example of Show Flash Command for Standby Module
  - Figure 15-21.Example of Show Version Command for Standby Module
515Existing CLI Commands Affected by Redundant Management
- Several existing commands have changes related to redundant management
- Boot Command
  - The boot command has these options
  - Figure 15-23.Example Showing boot Command with Default Flash set to Secondary
    - files can be specified as the default boot policy. For more information on
    - multiple configuration files and how they are used, see “Multiple
    - this guide
- 517Setting the Default Flash for Boot
  - Syntax: boot set-defaultflash <primary | secondary
  - primary:
  - secondary:
- 518Reload Command
  - routine
  - 519Figure 15-25.Example of Reload Command with Redundancy Enabled
- 520Additional Commands Affected by Redundant
- Management
  - The other existing commands operate with redundant management as shown below
522Using the Web Browser for Redundant
Management
- Using the ProCurve Web Browser Interface
- Identity Page
- 523Overview Page
  - ■Which module is the active module and which is the standby module
  - ■Version of software running on each management module
  - ■The SystemUp Time since the last reboot
- Redundancy Status Page
  - Redundancy Status
  - Status
- 524Device View Page
  - Device View
  - Configuration
  - 525Figure 15-29.Device View Showing Two Management Modules
526Management Module LED Behavior
- Active (Actv) LED Behavior
  - Figure 15-30.The Actv LED on the Management Module
  - Table 15-2.Actv (Active) LED Behavior for Management Modules
- Standby Led Behavior
527Logging Messages
- Log File
  - Syntax: show logging
  - Displays log events
  - show logging
    - An example of the log file listing is shown in Figure
  - Figure 15-31.Log File Listing
- 528Crash Files
  - crash-log
  - and copy
  - crash-data
  - slot-id:
- Displaying Saved Crash Information
  - 529Figure 15-32.An Example of the System Boot Log File
530Notes on How the Active Module is Determined
- The entire boot decision process works as follows:
- 1.If there is only one management module, that is the active management module
- Diagram of Decision Process
- 531Figure 15-33.Active Module Decision Flow Chart at Boot
532Event Log Messages
535File Transfers
- 536TFTP: Copying a Software Image to a Remote Host . . . . . . . . . A-27
- Serially Connected PC or UNIX Workstation . . . . . . . . . . . . . . . A-27
- USB: Copying a Software Image to a USB Device . . . . . . . . . . . A-28
- USB: Copying a Configuration File to a USB Device . . . . . . . . . A-34
- USB: Copying a Configuration File from a USB Device . . . . . . A-34
- Xmodem: Uploading an ACL Command File from a Serially
- USB: Uploading an ACL Command File from a USB Device . . A-37
- A-2
- 537A-3
538Downloading Switch Software
- A-4
- 539General Software Download Rules
- Using TFTP To Download Software from a Server
  - ■The TFTP server is accessible to the switch via IP
  - Before you use the procedure, do the following:
  - A-5
  - Menu: TFTP Download from a Server to Primary Flash
  - Note that the menu interface accesses only the primary flash
  - In the console Main Menu, select
  - 540Download OS
  - Figure A-1.Example of a Download OS (Software) Screen (Default Values)
  - TFTP Server
  - ecute
  - Figure A-2.Example of the Download OS (Software) Screen During a Download
    - A-6
  - 541Validating and writing system software to FLASH
  - b.Check the Firmware revision line
  - Figure A-3.Example of Message for Download Failure
    - A-7
  - 542show log tftp
  - Remote File Name
  - 543Figure A-4.Example of the Command to Download an OS (Switch Software)
  - Validating and Writing System Software to FLASH …
    - Boots from the selected flash
    - (For more on these commands, refer to “Rebooting the Switch” on page 6-19.)
    - To confirm that the software downloaded correctly, execute
  - show system
    - reboots the entire system
    - A-9
    - Enabling TFTP
    - Syntax: [no] tftp <client | server [listen <oobm|data|both>]
    - • For switches that have a separate out-of-bandmanagement
    - to specify whether transfers take place through the out-of
    - band management (oobm) interface, the data interface, or
    - both. Refer to Appendix I, “Networked Out-of-Band
    - Management (OOBM)” in this guide for more information
    - on out-of-bandmanagement
    - To disable all TFTP client or server operation on the switch except for the
    - auto-TFTPfeature, enter the no tftp <client | server> command
  - 544no tftp
  - client
  - server
    - Menu interface “Download OS” screen become unavailable
    - switch’s configuration
    - Guide for your switch
    - A-10
    - Using Auto-TFTP
  - 545boot system flash primary
    - Syntax: auto-tftp <ip-addr > <filename
  - auto tftp
- 546Using Secure Copy and SFTP
  - SCP channels
  - third-partyapplication software client that supports the SFTP and/or SCP
  - functions. Some examples of software that supports SFTP and SCP are
  - differences in the way these clients work, so be sure you also download the
  - documentation
  - and it connects to a standalone TFTP server or another ProCurve switch
  - upgrade multiple switches simultaneously and securely
  - tunnel, some of the commands are the same as FTP commands. Certain
  - that create files or folders. If you try to issue commands such as create or
  - create
    - remove using SFTP the switch server returns an error message
  - remove
    - only with SSH version 2 (SSH v2)
    - use. Some examples are:
    - A-12
  - rcp
    - How It Works
- 547The SCP/SFTP Process
  - Disable TFTP and Auto-TFTPfor Enhanced Security
  - ; J8697 Configuration Editor; Created on release #K.11.XX
  - hostname "ProCurve" module 1 type J8702A module 2 type J702A vlan
  - name "DEFAULT_VLAN" untagged A1-A24,B1-B24
  - ip address 10.28.234.176 255.255.240.0 exit
  - ip ssh filetransfer
  - no tftp-enablepassword manager
  - password operator
  - 548Figure A-5.Example of Switch Configuration with SFTP Enabled
    - Operating rules are:
    - A-14
  - 549Figure A-6.Using the Menu Interface To Disable TFTP
    - While SFTP is enabled, TFTP and
    - SFTP must be disabled before enabling tftp
    - SFTP must be disabled before enabling auto-tftp
    - Command Options
    - If you need to enable SSH v2 (which is required for SFTP) enter this command:
    - ProCurve(config)# ip ssh version
    - A-15
    - To confirm that SSH is enabled type in the command
    - ProCurve(config)# show ip ssh
  - 550$HOME/.ssh/known_hosts
    - SCP/SFTP Operating Notes
    - IP file transfer not enabled on the switch
    - A-16
    - Troubleshooting SSH, SFTP, and SCP Operations
    - SFTP clients will print out on their console
    - in use to display them on the user console
    - Broken SSH Connection. If an ssh connection is broken at the wrong
  - 552Broken SSH Connection
    - (SSH, SCP, or SFTP)
    - A-18
    - 553ssh: read error Bad file number, session aborted I 01
    - 01/90 00:06:11 00636 ssh: sftp session from
    - ::ffff:10.0.12.35 W 01/01/90 00:06:26 00641 ssh:
    - 01/90 00:09:54 00637 ssh: scp session from
    - ::ffff:10.0.12.35 W 01/01/90
    - ssh: scp read error Bad file number, session aborted
    - The Bad file number is from the system error value and may differ
    - read was closed as the device read was about to occur
    - will not allow the SCP or SFTP session to start. Depending on the client
    - Received disconnect from 10.0.12.31: 2: Flash access
    - in progress
    - lost connection
    - session is started from a client before the previous client session has been
    - session):
    - Received disconnect from 10.0.12.31: 2: Wait for
    - previous session to complete
    - session or one SCP session at a time. If a second session is initiated (for
    - then the following error message may appear on the client console:
    - session running
    - A-19
- 554Using Xmodem to Download Switch Software From a PC or UNIX Workstation
  - The switch is connected via the Console
  - ■The switch software is stored on a disk drive in the PC
  - Send File
  - ransfer
    - Menu: Xmodem Download to Primary Flash
    - 1.From the console Main Menu, select
  - 7.Download OS
  - XMODEM
  - Press enter and then initiate Xmodem transfer
  - from the attached computer
    - a.Click on Transfer, then Send File
  - Transfer
    - b.Type the file path and name in the Filename field
    - c.In the Protocol field, select Xmodem
  - Xmodem
    - d.Click on the [Send] button
    - A-20
  - 555Continue reboot of system? : No
  - 1.General System Information
  - Firmware revision
- 556Using USB to Transfer Files to and from the Switch
  - Auxiliary Port
  - 557dir
    - ■ The USB port supports connection to a single USB device. USB hubs to
    - add more ports are not supported
    - Release Notes for information on supported devices
    - Using USB to Download Switch Software
  - Figure A-7.Example of the Command to Copy Switch Software from USB
  - Validating and Writing System Software to the Filesystem.…
- 558Switch-to-SwitchDownload
  - A-24
  - Menu: Switch-to-SwitchDownload to Primary Flash
  - 5597. Download OS
  - /os/secondary
  - 560Downloading from Primary Only
    - Syntax: copy tftp flash < ip-addr > flash [ primary | secondary ] [oobm]
    - A-26
- 561Using PCM+ to Update Switch Software
562Copying Software Images
- Using the CLI commands described in this section, you can copy software
- images from the switch to another device using tftp, xmodem, or usb
- flash, refer to Chapter 6, “Switch Memory and Configuration”
- TFTP: Copying a Software Image to a Remote Host
- Syntax: copy flash tftp < ip-addr > < filename > [oobm]
- This command copies the primary flash image to a TFTP
- port, the oobm parameter specifies that the transfer will be
- through the out-of-bandmanagement interface. If this
- do not have a separate out-of-bandmanagement port. Refer to
- for more information on out-of-bandmanagement
- of 10.28.227.105:
- ProCurve# copy flash tftp 10.28.227.105 k0800.swi
- where k0800.swi is the filename given to the flash image being copied
- Xmodem: Copying a Software Image from the Switch to a
- Serially Connected PC or UNIX Workstation
- or UNIX workstation
- Syntax: copy flash xmodem < pc | unix
- switch to a PC or Unix workstation
- A-28
- For example, to copy the primary flash image to a serially connected PC:
- 1.Execute the following command:
- Procurve# copy xmodem flash
- Press ‘Enter’ and start XMODEM on your host
- 2.After you see the above prompt, press [Enter]
- 3.Execute the terminal emulator commands to begin the file transfer
- USB: Copying a Software Image to a USB Device
- Syntax: copy flash usb < filename
- For example, to copy the primary image to a USB flash drive:
- 1.Insert a USB device into the switch’s USB port
- 2.Execute the following command:
- Procurve# copy flash usb k0800.swi
563Transferring Switch Configurations
- Using the CLI commands described in this section, you can copy switch
- replace an ACL in the switch configuration
- described in the section on Using Secure Copy and SFTP on page A-12
- keys, and other security credentials in the running config file. For more
- in the Access Security Guide for your switch
- copy config < filename > tftp < ip-addr > < remote-file > [ pc | unix ] [oobm]
- 564sw8200
  - ProCurve# copy startup-configtftp 10.28.227.105 d:\configs\sw8200
  - A-30
  - ProCurve# copy tftp startup-config10.28.227.105 d:\configs\sw8200
  - TFTP: Copying a Customized Command File to a Switch
- 565show-tech
- show tech custom
  - A-31
  - Syntax: copy tftp show-tech<ipv4 or ipv6 address> <filename> [oobm]
  - Copy a customized command file to the switch
- 566Figure A-10.Example of Using the copy tftp show-techCommand to Upload a
- Customized Command File
  - Syntax: show tech custom
  - Executes the commands found in a custom file instead of the hard-codedlist
- Figure A-11.Example of the show tech custom Command
  - A-32
  - 568A-34
  - 569USB: Copying a Configuration File to a USB Device
  - For example, to copy the startup configuration file to a USB flash drive:
  - Procurve# copy startup-configusb procurve-config
  - procurve-config
  - USB: Copying a Configuration File from a USB Device
  - Syntax: copy usb startup-config< filename
  - For example, to copy a configuration file from a USB device to the switch:
  - Procurve# copy usb startup-config procurve-config
  - where procurve-config is the name of the file to copy
  - At the prompt, press
  - A-35
570Transferring ACL Command Files
- TFTP: Uploading an ACL Command File from a TFTP Server
- Syntax: copy tftp command-file< ip-addr > < filename.txt > < unix | pc > [oobm]
- filename
- <ip-addr > = The IP address of a TFTP server available to the switch
- [oobm]
- ■Creates a new ACL
- ■Adds to an existing ACL
- A-36
- For example, suppose you:
- 1.Created an ACL command file named vlan10_in.txt to update an existing ACL
- 571vlan10_in.txt
  - 2.Copied the file to a TFTP server at
  - ProCurve(config)# copy tftp command-file18.38.124.16 vlan10_in.txt pc
  - The switch displays this message:
  - Running configuration may change, do you want to continue [y/n]
  - To continue with the upload, press the [Y] key. To abort the upload, press the
- Figure A-12.Example of Using the Copy Command to Download and Configure an ACL
  - A-37
  - 572Xmodem: Uploading an ACL Command File from a Serially
  - Connected PC or UNIX Workstation
  - Syntax: copy xmodem command-file< unix | pc
  - USB: Uploading an ACL Command File from a USB Device
  - Syntax: copy usb command-file< filename.txt > < unix | pc
  - <unix | pc > = The type of workstation used to create the text file
  - 2.Copied the file to a USB flash drive
  - A-38
  - ProCurve(config)# copy usb command-filevlan10_in.txt pc
  - Event Log: Copies the switch’s Event Log into a file on the destination device
  - Crash Data:
  - Crash Log:
  - ■Remote Host via TFTP
  - ■Physically connected USB flash drive via the switch’s USB port
- 573USB
  - ■Serially connected PC or UNIX workstation via Xmodem
- Xmodem
  - A-39
  - Copying Command Output to a Destination Device
  - cli-command
  - filepath filename
- 574Figure A-13.Example of Sending Command Output to a File on an Attached PC
  - A-40
  - Copying Event Log Output to a Destination Device
  - copy event-logxmodem <filename
  - For example, to copy the event log to a PC connected to the switch:
- 575Figure A-14.Example of Sending Event Log Content to a File on an Attached PC
  - Copying Crash Data Content to a Destination Device
  - A-41
  - copy crash-data [<slot-id | mm>] xmodem
  - For example, to copy the switch’s crash data to a file in a PC:
- 576Figure A-15.Example of Copying Switch Crash Data Content to a PC
  - When you are using redundant management, the
579Enabling or Disabling the USB Port
- Figure A-17.Example of show usb-portCommand Output on version K.13.59 and later
- Figure A-18.Example of show usb-portCommand Output on version K.14.XX
- 580Behavior of Autorun When USB Port is Disabled
  - Software Versions K.13.XX Operation
  - Software Version K.14.XX Operation
  - A-46
581Using USB Autorun
- The overall USB autorun solution requires the following components:
- The network management application
- ProCurve Manager Plus
- ■A non-proprietaryUSB flash drive
- How It Works
  - steps 1, 2, and 7 require an upcoming update to PCM+ as described above
  - Creating the AutoRun file in PCM+, includes the following steps:
  - a.specify the target device or devices
  - b.create the CLI script to be executed on the target device(s)
  - c.determine if the file will be signed and/or encrypted
  - A-47
  - 5822.Deploy the AutoRun file to a USB flash drive
  - (If the AutoRun file has been signed or encrypted) Enable
  - 5.Insert the USB flash drive into the switch’s USB auxiliary port
  - 6.Remove the USB device from the USB port
  - (Optional) Transfer the ‘result file’ and ‘report file’ to a
  - Security Considerations
  - ■Disable autorun by setting an operator or manager password
  - ■Disable or re-enablethe USB autorun function via the CLI
  - A-48
  - Troubleshooting Autorun Operations
  - You can verify autorun operations by checking the following items:
  - 583AutoRun Status Files
    - Report file(s) (.xml
    - Result file(s) (.txt
    - Manager documentation for details)
    - been executed after the USB flash drive was removed from the switch
    - A-49
  - Event Log or Syslog
- 584Configuring Autorun on the Switch
  - Syntax: [no] autorun [encryption-key <key-string>| secure-mode]
  - Enables/disables USB autorun on the switch
  - Use the secure-mode keyword to enable or disable secure mode for autorun
  - Default: Enabled (or Disabled if a password has been set)
  - Enabling Secure Mode
  - autorun encryption key
    - contain the private key and the matching public key in a X509 certificate
    - A-50
    - Operating Notes and Restrictions
  - 585crypto key zeorize autorun
    - Autorun and Configuring Passwords
  - autorun
- 586Viewing Autorun Configuration Information
  - show autorun
587Monitoring and Analyzing Switch Operation
- 588B-26
- B-27
- B-29
- B-32
- B-33
- B-34
- Remote Mirroring Endpoint and Intermediate Devices
- B-35
- B-36
- Migration to Release K.14.01 or Greater
- Using the Menu or Web Interface To Configure Local Mirroring
- B-38
- Menu and Web Interface Limits
- B-39
- B-42
- B-43
- B-45
- B-48
- 2. Configure a Mirroring Destination on a Remote Switch
- B-49
- 3. Configure a Mirroring Session on the Source Switch
- B-51
- 4. Configure the Monitored Traffic in a Mirror Session
- B-54
- B-55
- Selecting All Inbound/Outbound Traffic to Mirror
- B-56
- Port Interface with Traffic Direction as the Selection Criteria
- B-58
- Selecting Inbound Traffic Using an ACL (Deprecated)
- Selecting Inbound/Outbound Traffic Using a MAC Address
- B-62
- Selecting Inbound Traffic Using Advanced
- B-65
- Classifier-BasedMirroring Configuration
- B-66
- B-2
- 590Status:
  - ■Counters: Display details of traffic volume on individual ports (page B-15)
- Counters:
- Event Log
- Configurable trap receivers:
- Port monitoring (mirroring):
  - Link test and ping test—analysistools in troubleshooting situations—are
  - page C-62
591Status and Counters Data
- to the console. Telnet access to the switch is available in the Device View
- window under the Configuration tab
- 592Menu Access To Status and Counters
  - 1. Status and Counters
  - Figure B-1.The Status and Counters Menu
- 593General System Information
  - Menu Access
  - Figure B-2.Example of General Switch Information
    - CLI Access to System Information
  - 594Figure B-3.Example of Command Results for show system chassislocate
  - Command
  - Figure B-4.Example of System Fan Status
  - Figure B-5.Example of Switch System Information
- 595Task Monitor—CollectingProcessor Data
  - task-monitor
  - cpu
  - taskusage
  - taskUsageShow
  - show cpu
  - Figure B-6.Example of the task-monitorcpu Command and show cpu Output
- 596Switch Management Address Information
  - 1 Status and Counters …
  - 2. Switch Management Address Information
    - 597This screen displays addresses that are important for management of the
    - address for the entire switch. Refer to the online Help for details
    - existing on the switch as a result of GVRP operation.)
    - chapter of the Advanced Traffic Management Guide for your switch
    - chapter of the
    - CLI Access
    - B-11
- 598Module Information
  - Menu: Displaying Port Status
  - 1.Status and Counters …
  - 3.Module Information
  - Figure B-8.Example of Module Information in the Menu Interface
  - 599show modules
  - Figure B-9.Example of the show modules Command Output
    - does not display as the ports are fixed and not part of any module
- 600Port Status
  - B-14
  - Figure B-11.Example of Port Status on the Menu Interface
    - Web Access
    - 1.Click on the Status tab
  - 2.Click on [Port Status]
- 601Viewing Port and Trunk Group Statistics and Flow Control Status
  - B-15
  - ■A detailed summary of traffic on a selected port or trunk group
  - You can also reset the counters for a specific port
  - “snapshot” of port or trunk group statistics at a particular moment
  - useful for troubleshooting. Refer to the “Note On Reset”, below
  - 602N o t e o n R e s e t
    - does not affect the cumulative values in the actual hardware counters. (In
    - to the accumulated values in the hardware counters
    - B-16
    - Menu Access to Port and Trunk Statistics
  - 6034.Port Counters
  - Figure B-12.Example of Port Counters on the Menu Interface
  - how Details
  - Figure B-13.Example of the Display for Show details on a Selected Port
  - Reset
    - CLI Access To Port and Trunk Group Statistics
  - 604To Display the Port Counter Summary Report
  - To Display a Detailed Traffic Summary for Specific Ports
  - To Reset the Port Counters
  - clear statistics global
  - clear statistics
  - global
  - 2.Click on [Port Counters]
  - [Refresh]
    - To reset the port counters to zero, you must reboot the switch
- 605Viewing the Switch’s MAC Address Tables
  - These features help you to view:
  - ■The port on which each MAC address was learned
  - Menu Access to the MAC Address Views and Searches
  - B-19
  - 608CLI Access for MAC Address Views and Searches
- 609Spanning Tree Protocol (MSTP) Information
  - CLI Access to MSTP Data
  - Syntax: show spanning-tree
  - Figure B-17.Output from show spanning-treeCommand
    - B-23
- 610Internet Group Management Protocol (IGMP) Status
  - For example, suppose that show ip igmp listed an IGMP group address of
  - 224.0.1.22.You could get additional data on that group by executing the
  - following:
  - Figure B-18.Example of IGMP Group Data
    - B-24
- 611VLAN Information
  - The switch uses the CLI to display the following VLAN status:
  - For example, suppose that your switch has the following VLANs:
  - Ports
  - VLAN
  - Figure B-19.Example of VLAN Listing for the Entire Switch
    - B-25
  - 612Listing the VLAN ID (VID) and Status for Specific Ports
  - Figure B-20.Example of VLAN Listing for Specific Ports
  - Listing Individual VLAN Status
  - Figure B-21.Example of Port Listing for an Individual VLAN
- 613Web Browser Interface Status Information
  - Figure B-22.Example of a Web Browser Interface Status Overview Screen
614Traffic Mirroring
- Traffic mirroring provides the following benefits:
- ■Allows you to monitor the traffic flow on specific source interfaces
- Mirroring destinations
  - local
  - four
  - B-28
- 615C o n f i g u r a t i o n N o t e s
- Tr a f f i c
- S e l e c t i o n
- Selecting mirrored traffic
  - inbound and outbound
  - Direction-based
  - inbound or outbound
  - inbound only
- K.14.01 or greater
  - The following commands have been deprecated:
- mesh
- ■vlan < vid-# > monitor ip access-group <acl-name> in
- mirror < 1 - 4 | name-str
- K.13
- 616Mirroring Terminology
  - local mirroring session
  - A remote mirroring session means that:
  - means that:
  - •The monitored interface (A1) and exit port (B7) are on different switches
  - B-30
  - 617Figure B-23.Local and Remote Sessions Showing Mirroring Terms
  - Destination :
    - Exit Port
    - Host
  - Direction-Based
  - Mirroring:
  - Exit Port:
  - 618IDS:
    - ing session are on the same switch
    - source switch on which the inbound and/or outbound traffic to be mir
    - rored originates, configured with one of the interface monitor or vlan
  - interface monitor
    - Session” on page B-55)
    - Remote Mirroring: The monitored (source) interface and exit port in a
  - Remote Mirroring:
    - must always configure the IP destination address and exit port (the
    - by using the following commands:
    - - On the remote (destination) switch:
    - mirror endpoint ip <src-ip > <src-udp-port > < dst-ip > <exit-port
    - - On the local (source) switch:
    - mirror <session > remote ip <src-ip > <src-udp-port > <dst-ip
  - remote ip
    - on the Source Switch” on page B-52
    - traffic to be mirrored originates. See also Monitored Interface
- 619Mirrored Traffic Destinations
  - Local Destinations
  - Remote Destinations
  - remote
  - ■ 3500yl
  - ■ 5400zl
  - ■ 6200yl
  - ■ 8200zl
  - device connected to an exit port. In a remote mirroring session which uses
- Monitored Traffic Sources
  - You can configure mirroring for traffic entering or leaving the switch on:
  - Ports and static trunks:
  - Meshed ports:
- 620Criteria for Selecting Mirrored Traffic
- Mirroring Session Limits
- Mirroring Sessions
  - ■You can reduce the risk of oversubscribing a single exit port by:
  - •Directing traffic from different session sources to multiple exit ports
  - Configuring an exit port with a higher bandwidth than the monitored source port
  - ■You can segregate traffic by type, direction, or source
- 621Mirroring Configuration
  - Table B-1.Mirroring Configuration Options
    - 622Using the CLI, you can configure all mirroring options on a switch
    - except
    - Remote Mirroring Endpoint and Intermediate Devices
    - The exit port for a mirroring destination must be an individual port, and
    - ■A switch mirrors traffic on static trunks, but not on dynamic LACP trunks
    - 623Migration to Release K.12.xx
    - ■A legacy mirroring configuration on a port or VLAN interface maps to session
    - Traffic-selection
    - and
    - ■In a legacy mirroring configuration, a local exit port is applied to session
    - to boot the switch from a legacy (pre-K.12.xx)software version after using
    - configuration before booting with the earlier software
    - traffic adds a 54-byteheader to each mirrored frame. If a resulting frame
    - information, refer to “Maximum Supported Frame Size” on page B-92
    - mirroring frames will be dropped. Also, remote mirroring does not allow
    - downstream devices in a mirroring path to fragment mirrored frames
    - Migration to Release K.14.01 or Greater
    - If a switch is running software release K.12.xx, you must first upgrade to
    - release K.13.xx before migrating the switch to release K.14.01 or greater
    - that is running release K.13.xx and has one or more mirroring sessions
    - is mapped to a class and policy configuration based on the ACL
    - The new mirroring policy is automatically configured on the same port or
    - B-37
    - ProCurve(config)# show run
    - ip access-listextended "100
    - 10 permit icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 0 exit
    - mirror 1 port C1
    - interface C1
    - monitor ip access-group"100" In mirror 1 exit
  - 624Figure B-24.Mirroring Configuration in “show run” Output in Release K.13.xx
    - mirror
    - name
    - "test-10"remote ip 10.10.10.1 8010
    - class ipv4 “100MirrorClass”
    - 10 match icmp 0. 255.255.255.255 0.0.0.0 255.255.255.255
    - policy mirror “100MirrorPolicy”
    - service-policy"100MirrorPolicy" In exit
- 625Using the Menu or Web Interface To Configure Local Mirroring
  - Menu and Web Interface Limits
  - ■any combination of source port(s), trunk(s), and/or a mesh
  - ■one static, source VLAN interface
  - The Menu and Web interfaces also have these limits:
  - automati cally reconfigures the session
  - Configuration Steps
  - 6263. Network Monitoring Port
  - Figure B-26.The Default Network Mirroring Configuration Screen
  - Monitoring Port
  - 627Figure B-27.How To Select a Local Exit Port
    - Ports: Use for mirroring ports, static trunks, or the mesh
  - Ports:
    - VLAN: Use for mirroring a VLAN
    - 7.Do one of the following:
    - •If you are mirroring ports, static trunks, or the mesh, go to step
    - •If you are mirroring a VLAN:
    - i. Press [Tab] or the down arrow key to move to the VLAN field
  - [Tab]
    - ii.Use the Space bar to select the VLAN you want to mirror
    - iii.Go to step
    - B-41
    - Use the down arrow key to move the cursor to the
  - 628Action
- 629CLI: Configuring Local and Remote Mirroring
  - ■The same switch as the source interface (local mirroring)
  - ■ “Local Mirroring Overview” on page B-44
  - ■ “Remote Mirroring Overview” on page B-46 (The remote switch must be
  - chapter.)
  - “1. Determine the Mirroring Session and Destination” on page B-49
  - “3. Configure a Mirroring Session on the Source Switch” on page B-52
  - “4. Configure the Monitored Traffic in a Mirror Session” on page B-55:
  - • “Selecting All Inbound/Outbound Traffic to Mirror” on page B-57
  - (Deprecated in release K.14.01 and greater)
  - B-63
  - • “Selecting Inbound Traffic Using Advanced Classifier-BasedMirror
  - ing” on page B-66
  - configure the exit switch for a remote mirroring session before configuring
  - the source switch for the same session
  - Local Mirroring Overview
  - 1. Determine the session and local destination port:
  - • Session number (1-4)and (optional) alphanumeric name
  - 2. Enter the
  - 630name
    - command to configure the session
    - B-44
  - 632Configure a Mirroring Policy to Select Inbound Traffic (Page B-66)
    - class < ipv4 | ipv6 > < classname
    - classname
    - [no] [seq-number]< match | ignore > < ip-protocol > < source-address
    - precedence
    - tos
    - ip-dscp
    - policy mirror < policy-name
    - [no] [seq-number]class < ipv4 | ipv6 > <classname> action mirror <ses
    - seq-number
    - ses
    - sion
    - [action mirror < session > ... ]
    - [no] default-classaction mirror < session-#
    - port/trunk
  - Configure MAC-basedCriteria to Select Traffic (Page B-63)
    - [no] monitor mac < mac-addr > < src | dst | both > mirror < session
    - Enter the monitor mac mirror command at the global configuration level
  - monitor mac mirror
    - Remote Mirroring Overview
    - a.Source VLAN or subnet IP address on the source switch
    - b.Destination VLAN or subnet IP address on the destination switch
    - c.Random UDP port number for the session (7933-65535)
  - Requirement
    - B-46
  - 633Caution
  - 634Configure the Mirroring Destination on a Remote Switch (Page B-50):
  - IP Address and UDP Port on Source Switch
  - IP Address and Exit Port on Remote Switch
    - mirror endpoint ip
    - > port
    - The mirror endpoint ip command configures:
    - ■The IP address of the source switch to use in the session
    - ■The IP address and exit-portnumber on the remote (endpoint) switch
  - Configure the Mirroring Source on the Local Switch (Page B-52)
    - src-udp-port
  - no mirror <1 - 4
  - Configure ACL Criteria to Select Inbound Traffic (Page B-62)
    - mirror < 1 - 4 | name-str > [< 1 - 4 | name-str > ... ]
- 6351. Determine the Mirroring Session and Destination
  - or leaves the source switch
  - ■ The unique UDP port number to use for the session on the source switch
  - (The recommended port range is from 7933 to 65535.)
  - these port numbers for mirroring can result in an interruption of other IP
  - point) switch and sent to the device connected to the remote exit port
- 6362.Configure a Mirroring Destination on a Remote Switch
  - Configuring a Destination Switch in a Remote Mirroring Session
    - B-50
    - no mirror endpoint ip < src-ip > < src-udp-port > < dst-ip
    - This command is used on a destination switch to configure
    - the remote endpoint of a mirroring session. The command
    - uniquely associates the mirrored traffic from the desired
    - session on a monitored source with a remote exit port on the
    - destination switch. You must use the same set of source and
    - destination parameters you when configure the same session
    - on both the source and destination switches
    - information
    - The no form of the command deletes the mirroring endpoint
    - for the configured session on the remote destination switch
    - Caution: Do not remove the configuration of a remote
  - 637Caution:
    - mirroring endpoint support for a given session if there are
    - source switches currently configured to mirror traffic to the
    - endpoint
    - address you configure on the source switch for the remote
    - session
    - — Continued —
  - src-udp-port
  - <src
  - udp-port
  - dst-ip
- 6383.Configure a Mirroring Session on the Source Switch
  - B-52
  - For a local mirroring session, enter the
  - 639mirror port
    - “1. Determine the Mirroring Session and Destination” on page
    - B-49
    - Syntax: mirror < 1 - 4 > port < exit-port-# > [name < name-str >]
    - no mirror < 1- 4
    - This command assigns the exit port to use for the specified
    - mirroring session, and must be executed from the global
    - configuration level
    - The no form of the command removes the mirroring session
    - and any mirroring source previously assigned to that
    - session. To preserve the session while deleting a mirroring
    - source assigned to it, refer to the no command descriptions
    - under “4. Configure the Monitored Traffic in a Mirror
    - Session” on page B-55
    - < 1 - 4 >: Identifies the mirroring session created by this
  - < 1 - 4
    - command. (Multiple sessions on the switch can use the
    - same exit port.)
    - to identify the session (up to 15 characters in length)
    - session. This is the port to which a traffic analyzer or IDS
    - is connected
    - Remote Switch” on page B-50
    - B-53
  - 640src-ip
- 6414.Configure the Monitored Traffic in a Mirror Session
  - Traffic Selection Options
  - ■Interface type
  - •Port, trunk, and/or mesh
  - •VLAN
  - •Switch (global configuration level)
  - ■Traffic direction and selection criteria
  - •All inbound and/or outbound traffic on a port or VLAN interface
  - Only inbound IP traffic selected with an ACL (deprecated in software release
  - 642K.14.01 and greater
    - Only inbound IPv4 or IPv6 traffic selected with a
    - ■“Selecting All Inbound/Outbound Traffic to Mirror” on page B-57
    - ■“Selecting Inbound Traffic Using an ACL (Deprecated)” on page B-62
    - ■“Selecting Inbound/Outbound Traffic Using a MAC Address” on page B-63
    - “Selecting Inbound Traffic Using Advanced
    - Mirroring-SourceRestrictions
    - ■Multiple port and trunk, and/or mesh interfaces
    - ■One VLAN
    - ■One classifier-basedpolicy
- 643Selecting All Inbound/Outbound Traffic to Mirror
  - Port Interface with Traffic Direction as the Selection Criteria
  - port/trunk/mesh
  - 644monitor all < in | out | both >: For the interface specified by
    - in: Mirrors entering traffic
    - out: Mirrors exiting traffic
  - out
    - both: Mirrors traffic entering and exiting
  - monitor all
  - mirror < 1 - 4 |
  - interface a1 monitor all in mirror 1 2
  - 1 - 4
  - [no-tag-added]:
    - Untagged Mirrored Packets
  - 645no-tag-added
  - Figure B-28.Mirroring Commands with the no-tag-addedOption
    - ProCurve# show monitor
    - The MIB object hpicfBridge- DontTagWithVlan is used to implement the
    - no-tag-added
    - option, as shown below:
    - hpicfBridgeDontTagWithVlan OBJECT-TYPESYNTAX INTEGER
    - enabled(1)
    - disabled(2)
    - MAX-ACCESS read-write
    - STATUS current
    - DESCRIPTION
    - B-59
  - 646Operating Notes
  - Cannot monitor more than one logical port with no-tag-addedoption
  - 647vlan
    - Uses the direction of traffic on the specified
    - to select traffic to mirror. Refer to the syntax description on
    - B-57
    - (If you enter the
    - B-96.)
    - asession, refer to “Mirroring-SourceRestrictions” on page B-56
- 648Selecting Inbound Traffic Using an ACL (Deprecated)
- 649Selecting Inbound/Outbound Traffic Using a MAC Address
  - 650src
  - dest
  - no monitor mac
  - dest mirror
  - monitor mac
  - mac-addr
  - 651mirror 1 2 3 traffsrc4
  - [name
  - R e s t r i c t i o n s
  - monitor mac 111111-222222src mirror
  - monitor mac 111111-222222dest mirror
  - monitor mac
  - src mirror 3 monitor mac
- 652Selecting Inbound Traffic Using Advanced
- Classifier-BasedMirroring
  - ■Support for mirroring both IPv4 and IPv6 traffic
  - The ability to
  - 653■The mirroring of outbound traffic exiting the switch
  - ■The use of meshed ports as monitored (source) interfaces
  - If a mirroring session is configured to use a
  - Classifier-BasedMirroring Configuration
  - B-67
  - Create an IPv4 or IPv6 traffic class using the
  - 654Context:
    - Syntax: [no] class < ipv4 | ipv6 > <classname
  - ignore
  - default-class
  - 656session
  - Prerequisite
  - class action
  - session-number
  - Restriction
    - Mirroring is not executed on packets that match ignore criteria in a class
    - B-70
    - Context: Policy configuration
  - 657action
    - Advanced Traffic Manage ment Guide
    - a port or VLAN interface, the switch immediately starts to use the traffic
    - selection criteria and exit port to mirror traffic to the destination device
    - connected to each exit port
    - mance may be adversely affected by the stream of mirrored traffic
    - B-71
    - The following restrictions apply to a mirroring service policy:
    - ■Only one mirroring policy is supported on a port or VLAN interface
  - 658no interface
  - no vlan
  - a1, b4, d3
  - a1-a5
  - 659■show class < class-name
    - ■show policy < mirror-policy-name
  - show policy
  - ■show policy resources
  - show statistics policy
    - vlan id
    - Classifier-BasedMirroring Restrictions
    - ■A mirroring policy is supported only on inbound IPv4 or IPv6 traffic
    - Only one
    - ■You can enter multiple class action mirror statements in a policy
  - class action mirror
    - •You can configure only one mirroring session (destination) for each class
    - •You can configure the same mirroring session for different classes
    - B-73
    - 660B-74
    - Applying Multiple Mirroring Sessions to an Interface
    - All inbound and outbound traffic on Ports b1, b2, and b3 is mirrored in session
    - ■Only selected voice traffic on Port b1 is mirrored in session
  - 661Figure B-32.Example of Applying Multiple Sessions to the Same Interface
    - B-75
- 662Displaying a Mirroring Configuration
  - Displaying All Mirroring Sessions Configured on the Switch
  - Syntax: show monitor
  - Mirroring is currently disabled
    - Sessions: Lists the four configurable sessions on the switch
  - Sessions:
    - Status: Displays the current status of each session:
  - Status:
    - active: The session is configured
  - active:
  - inactive:
    - not defined: Mirroring is not configured for this session
  - not defined:
    - B-76
  - 663Sources:
  - Policy:
  - UDP Source Addr:
  - UDP port:
  - UDP Dest Addr:
  - Dest Port:
    - B-77
    - Displaying the Remote Endpoints Configured on the Switch
    - Syntax: show monitor endpoint
  - 664show monitor
  - | name
  - Type:
  - show monitor endpoint
    - ProCurve(config)# show monitor endpoint
    - Remote Mirroring - Remote Endpoints
    - Type UDP Source Addr UDP port UDP Dest Addr
    - Dest Port
    - B-78
    - Displaying the Mirroring Configuration for a Specific Session
    - Syntax: show monitor < 1 - 4 | name < name-str
    - Session: Displays the number of the specified session
  - 665Session:
    - Session Name: Displays the name of the session, if configured
  - Session Name:
  - Mirroring Destination:
  - 666Direction:
  - Figure B-35.Configuring a Remote Mirroring Session and Monitored Source
    - ProCurve_8200(config)# show monitor
    - Session: 2 Session Name: test-10
    - Policy: no policy relationship exists
    - UDP Dest Addr
    - Status
    - UDP
    - UDP port
    - active
    - Monitoring Sources
    - Both
  - Figure B-36.Displaying the Configuration of a Remote Mirroring Session
    - After you configure a MAC- based mirroring session (Figure
    - B-37)
  - Figure B-37.Configuring a MAC-basedMirroring Session
    - B-80
    - Session: 3 Session Name:
    - Mirror Destination: A1
    - Monitoring Sources Direction
    - MAC: 112233-445566Source
  - 667Figure B-38.Displaying a MAC-basedMirroring Session
    - ■Session number:
    - ■Session name: Detail
    - ■Mirrored traffic is sent to exit port B3
    - Session: 1 Session Name: Detail
    - Policy: MirrorAdminTraffic
    - Direction
  - Figure B-39.Displaying the Configuration of a Local Mirroring Session
    - B-81
  - 668Displaying Information on a Classifier-BasedMirroring Session. In
  - mirrorAdminTraffic
    - roCurve(config
    - Source
  - Figure B-41.Displaying a Classifier-basedPolicy in a Local Mirroring Session
    - B-82
  - 669Figure B-42.“show class” Output for a Mirroring Policy
  - Figure B-43.“show policy” Output for a Mirroring Policy
  - 670Figure B-44.“show statistics policy” Output for a Mirroring Policy
    - Displaying Resource Usage for Mirroring Policies
    - Syntax: show policy resources
  - show qos resources
  - access-list
  - resources
  - show <qos |
  - | policy> resources
    - B-84
    - 671B-85
    - Viewing the Mirroring Configurations in the Running
    - Configuration File
    - ;J8697A Configuration Editor; Created on release #K.12.XX max-vlans300
    - no ip address exit
    - mirror 1 port B3
    - mirror 2 name "test-10"remote ip 10.10.10.1 8010
    - interface B1
    - monitor ip access-group"100" In mirror 1 monitor all Both mirror
  - 672Figure B-47.Displaying Remote Mirroring Endpoints in the Running Configuration
    - B-86
- 673Mirroring Configuration Examples
  - Example: Local Mirroring Using Traffic-DirectionCriteria
  - 1.Configure the local mirroring session, including the exit port
  - 2.Configure the monitored source interfaces for the session
  - Figure B-48.Local Mirroring Topology
    - ProCurve(config)# mirror 1 port c24
    - Caution: Please configure destination switch first
    - Do you want to continue [y/n]? y
    - ProCurve(config)# interface a5,b17 monitor all in mirror
    - B-87
    - Example: Remote Mirroring Using a Classifier-BasedPolicy
  - 674Figure B-50.Sample Topology in a Remote Mirroring Session
    - Switch-C(config)#mirror
    - 10.10.10.119 930010.10.30.2 port a15
    - Switch-C(config)#mirror endpoint 10.10.20.145930010.10.30.2 port a15
    - B-88
    - 3Switch-A(config)#vlan 10 service-policymirrorTCP in
  - 675Figure B-52.Configuring a Classifier-BasedPolicy on Source Switch A
    - 4.On source switch B, repeat Steps 2 and 3:
    - B-89
    - Switch-B(config)#vlan 20 service-policymirrorTCP in
  - 676Figure B-53.Configuring a Classifier-BasedPolicy on Source Switch B
    - Example: Remote Mirroring Using Traffic-DirectionCriteria
    - B-90
  - 677Figure B-54.Sample Topology for Remote Mirroring from a Port Interface
    - Switch-C(config)#mirror endpoint ip 10.10.10.119
    - port b10
  - Figure B-55.Configuring a Remote Mirroring Endpoint
  - mirror 2 remote ip 10.10.10.119 9400
  - interface c12 monitor all in mirror
    - B-91
    - 1Switch-A(config)#mirror 2 remote ip 10.10.10.119 9400
    - 2Do you want to continue [y/n]? y
    - Switch-A(config)#interface c12 monitor all in mirror2
  - Figure B-56.Configuring a Remote Mirroring Session for Inbound Port Traffic
- 678Maximum Supported Frame Size
  - The IPv4 encapsulation of mirrored traffic adds a 54-byteheader to each
  - sion Unit) allowed in the network, the frame is dropped
  - dropped. Also, remote mirroring does not allow downstream devices in a
  - mirroring path to fragment mirrored frames
  - to the mirroring destination must be configured to support jumbo frames
  - B-92
  - Enabling Jumbo Frames To Increase the Mirroring Path MTU
  - 679Table B-2.Maximum Frame Sizes for Mirroring
    - B-93
    - Effect of Downstream VLAN Tagging on Untagged
    - Mirrored Traffic
  - 680Figure B-57.Effect of Downstream VLAN Tagging on the MTU for Mirrored Traffic
    - B-94
- 681Operating Notes for Traffic Mirroring
  - Mirroring and Spanning Tree:
  - Tagged and Untagged Frames:
  - no
  - tag-added
  - Effect of IGMP on Mirroring:
    - B-95
  - 682Inbound Mirrored IPv4-EncapsulatedFrames are Not Mirrored:
  - Switch Operation as Both Destination and Source:
  - < port > monitor
    - B-96
- 683Troubleshooting Traffic Mirroring
  - • The configured remote exit port must not be a member of a trunk or mesh
  - source to the destination
  - • On the remote destination (endpoint) switch, the IP addresses of the
  - remote exit port and the switch can belong to different VLANs
  - must be active
  - network performance problems, and is strongly discouraged by ProCurve
  - B-97
  - 684B-98
685Troubleshooting
- 686Example of Event Counter Operation
- Displaying a Debug/Syslog Configuration
- C-2
- 687DNS Resolver
689Troubleshooting Approaches
- Use these approaches to diagnose switch problems:
- Check the switch LEDs for indications of proper switch operation:
- Use ProCurve Manager to help isolate problems and recommend solu tions
- •Port Utilization Graph
- •Alert Log
- •Port Status and Port Counters screens
- •Diagnostic tools (Link test, Ping test, configuration file browser)
- •Status and Counters screens
- •Event Log
- C-5
690Browser or Telnet Access Problems
- Cannot access the web browser interface:
- 2. Switch Configuration …
- 2.Switch Management Address Information
  - also check the DHCP/Bootp server configuration to verify correct IP addressing
  - C-6
- 691Cannot Telnet into the switch console from a station on the network:
- Inbound Telnet Enabled
692Unusual Network Activity
- General Problems
  - The network runs slow; processes fail; users cannot access servers or
  - other devices
    - •Turn on Spanning Tree Protocol to block redundant links (i.e. topology loops)
    - •Check for FFI messages in the Event Log
    - Duplicate IP Addresses. This is indicated by this Event Log message:
  - Duplicate IP Addresses
  - ip: Invalid ARP source: IP address on IP address
    - C-8
    - ip: Invalid ARP source: < IP-address > on <IP-address
    - IP-address
  - The Switch Has Been Configured for DHCP/Bootp Operation, But Has
- 693802.1Q Prioritization Problems
  - Ports configured for non-defaultprioritization (level 1 - 7) are not
  - performing the specified action
- ACL Problems
  - C-9
  - 694Figure C-1.Indication that Routing Is Enabled
    - management access
    - If you need to configure IP routing, execute the ip routing command
  - ip routing
    - itself. Also, the switch applies assigned ACLs only at the point where
    - traffic enters or leaves the switch on a VLAN. Ensure that you have
    - correctly applied your ACLs (“in” and/or “out”) to the appropriate
    - VLAN(s)
  - same VLAN
    - VLAN from the management device
    - C-10
  - 695Error (Invalid input) when entering an IP address
  - Figure C-2.Examples of Correctly and Incorrectly Specifying a Single Host
  - Apparent failure to log all “Deny” Matches
  - log
  - deny any
  - permit any
  - The switch is not performing routing functions on a VLAN
    - Two possible causes of this problem are:
    - show running indicates that routing is not command to enable routing
    - C-11
  - 696Routing Through a Gateway on the Switch Fails
  - Remote Gateway Case
  - Figure C-3.Example of ACE Blocking an Entire Subnet
    - C-12
  - 697Figure C-4.Example of Inadvertently Blocking a Gateway
  - Local Gateway Case
    - 2.Permit authorized traffic
    - 3.Deny any unauthorized traffic that you have not already denied in step
    - C-13
- 698IGMP-RelatedProblems
- LACP-RelatedProblems
- 699Port-BasedAccess Control (802.1X)-RelatedProblems
  - 700The supplicant statistics listing shows multiple ports with the same
  - authenticator MAC address
  - The
    - 802.1X is not active on the switch. After you execute
    - , all ports configured with
    - should be listed as
  - Figure C-5.Authenticator Ports Remain “Open” Until Activated
    - C-16
  - 701RADIUS server fails to respond to a request for service, even though
  - show radius
    - key. If the switch already has a
  - Figure C-6.Displaying Encryption Keys
  - show port- access authenticator
    - C-17
- 702QoS-RelatedProblems
- Radius-RelatedProblems
  - The switch does not receive a response to RADIUS authentication
  - Figure C-7.Examples of Global and Unique Encryption Keys
- 703Spanning-TreeProtocol (MSTP) and Fast-Uplink
- Problems
  - tunity to evaluate MSTP performance in your network. Because incorrect
  - Broadcast Storms Appearing in the Network. This can occur when
    - the loop to be detected
    - C-19
  - Fast-Uplink
  - Troubleshooting
    - Problem sources can include:
    - ■Fast-Uplinkis configured on a switch that is the MSTP root device
    - Either the
    - Two edge switches are directly linked to each other with a
    - ■Fast uplink is configured on both ends of a link
    - A switch serving as a backup MSTP root switch has ports configured for
- 704SSH-RelatedProblems
  - pub-key
  - file
    - PEM-formatted
    - key into an
    - ASCII-formatted
    - key
    - The switch does not have a host key. Verify by executing show ip
    - host-public-key
    - If you see the message
    - ssh cannot be enabled until a host key is configured (use 'crypto' command)
    - C-20
- 706TACACS-RelatedProblems
  - Event Log
  - tacacs-server
    - C-22
    - ■The account has expired
    - ■The access attempt is through a port that is not allowed for the account
    - ■The time quota for the account has been exhausted
    - ■The time credit for the account has expired
    - ■The access attempt is outside of the time frame allowed for the account
    - ■The allowed number of concurrent logins for the account has been exceeded
    - default user
  - 707aaa authentication
  - num-attempts
    - C-23
- 708TimeP, SNTP, or Gateway Problems
  - The Switch Cannot Find the Time Server or the Configured Gateway
- VLAN-RelatedProblems
  - Monitor Port
  - None of the devices assigned to one or more VLANs on an 802.1Q
  - Link Configured for Multiple VLANs Does Not Support Traffic for One
    - C-24
  - 709Figure C-8.Example of Correct VLAN Port Assignments on a Link
    - C-25
  - Figure C-9.Example of Duplicate MAC Address
- 710Fan Failure
711Using the Event Log for Troubleshooting Switch Problems
- Reboot the switch by choosing the
- Event Log Entries
  - Severity
  - Date
  - Time Event number
  - System Module
  - 08/05/06
  - 10:52:32
  - ports: port A1 enabled
  - Figure C-10.Format of an Event Log Entry
    - Severity is one of the following codes (from highest to lowest severity):
  - Severity
    - M(major) indicates that a fatal switch error has occurred
    - E(error) indicates that an error condition occurred on the switch
    - W(warning) indicates that a switch service has behaved unexpectedly
    - C-27
    - I(information) provides information on normal switch operation
    - D(debug) is reserved for ProCurve internal diagnostic information
    - Date is the date in the format mm/dd/yy when an entry is recorded in the log
  - 712Date
    - Time is the time in the format hh:mm:ss when an entry is recorded in the log
  - Time
  - Event Number
  - log-number
  - System Module
    - Event Message is a brief description of the operating event
  - Event Message
  - Table C-1.Event Log System Modules
    - C-28
    - 713C-29
    - 714C-30
    - 715C-31
    - 716C-32
    - 717C-33
    - 718C-34
- 719Menu: Displaying and Navigating in the Event Log
  - Event Log
  - Figure C-11.Example of an Event Log Display
  - Table C-1.Event Log Control Keys
    - C-35
- 720CLI: Displaying the Event Log
  - Examples
- CLI: Clearing Event Log Entries
  - clear logging
- 721CLI: Turning Event Numbering On
- Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages
  - Log Throttle Periods
  - Example of Log Throttling
  - W 10/01/06 09:00:33 PIM:No IP address configured on VID 100 (1)
  - 722Figure C-12.Example of the First Instance of an Event Message and Counter
    - C-38
    - W 10/01/06 09:28:42 PIM:No IP address configured on VID 100 (8)
  - 723Figure C-13.Example of Duplicate Messages Over Multiple Log Throttling Periods
    - C-39
    - Example of Event Counter Operation
    - Suppose the switch detects the following after a reboot:
  - 724Table C-2.How the Duplicate Message Counter Increments
    - C-40
725Debug/Syslog Operation
- Debug/Syslog Messaging
- Debug/Syslog Destination Devices
  - debug destination
    - ■Up to six Syslog servers
    - A CLI session through a direct
- 726Debug/Syslog Configuration Commands
  - C-42
  - 727Figure C-15.Summary of Debug/Syslog Configuration Commands
    - page C-57)is supported on the following switch models:
    - Series 6400cl switches
    - 6200yl Switch
    - 6600 switch
    - Series 5400zl switches
    - Series 5300xl switches
    - Series 4200vl switches
    - ■ Series 4100gl switches (software release G.07.50 or greater)
    - Series 3500 switches
    - C-43
    - ■Series 3500yl switches
    - ■Series 3400cl switches
    - ■Series 2900 switches
    - ■Series 2800 switches
    - ■Series 2610 switches
    - ■Series 2600 switches and the Switch 6108 (software release H.07.30 or greater)
    - Configure the switch to send Event Log messages to the current manage
    - ■Display the current Syslog server list when Syslog logging is disabled
- 728Configuring Debug/Syslog Operation
  - logging facility
  - 729no debug event
    - 5. If you configure system-moduleand/or severity-levelvalues to filter Event
    - messages to configured debug destinations (Syslog servers and/or CLI
    - session)
    - all Event Log messages, enter one or both of the following commands:
    - If you configure a severity-level, system-module,logging destination, or
    - C-45
    - Displaying a Debug/Syslog Configuration
    - Use the show debug command to display the currently configured settings for:
    - Syntax: show debug
  - 730Figure C-16.Sample Output of show debug Command
    - C-46
  - 731logging severity
  - 732Example
    - Debug logging of ACL and
  - user
    - C-48
    - 733C-49
- 734Debug Command
  - show statistics < aclv4 | aclv6
    - Syntax: [no] debug < debug-type > (Continued)
    - (Continued)
    - If no Syslog server address is configured and you enter the
  - 735adj —
  - event —
    - dd— Database descriptions hello — Hello messages
  - hello —
    - lsa — Link-stateadvertisements lsr — Link-staterequests
  - lsa —
  - lsr —
    - lsu — Link-stateupdates
  - lsu —
  - retransmission —
  - spf —
    - ip [ rip < database | event | trigger > ]
    - rip < database | event | trigger > > — Enables the specified RIP
  - rip
    - Enables the specified RIP
    - trigger— Display trigger messages
  - trigger—
    - C-51
    - ipv6
    - [dhcpv6-client[events | packet ]] [forwarding | nd | packet]
  - 736dhcpv6-client[events | packet]: Displays DHCPv6 client event and packet data
    - [forwarding]: Displays IPv6 forwarding messages
  - [forwarding]:
    - [nd]: Displays debug messages for IPv6 neighbor discovery
  - [nd]:
    - [packet]: Displays IPv6 packet messages
  - [packet]:
    - lldp
    - Enables all LLDP message types for the configured destina tions
    - Debug Destinations
  - 737ProCurve#
  - debug destination session
- 738Logging Command
  - By specifying both a severity level and system module, you can use both
  - configured settings to filter the Event Log messages you want to use to
  - troubleshoot switch or network error conditions
  - power recycle. The debug settings and destinations configured in your
  - which may not be desirable
  - After a reboot, messages remain in the Event Log and are not deleted
  - However, after a power recycle, all Event Log messages are deleted
  - C-54
  - 739Configuring a Syslog Server
  - syslog-ip-addr
  - C-55
  - Syntax: [no] logging < syslog-ip-addr
  - 740no debug destination logging
  - debug destination logging
    - C-56
    - Syntax: [no] logging facility < facility-name
    - facility-name
    - user (default) — Random user-levelmessages kern — Kernel messages
  - kern —
    - auth — Security/Authorization messages
  - auth —
    - syslog — Messages generated internally by Syslog lpr — Line-Printersubsystem
  - syslog —
  - lpr —
    - Use the no form of the command to remove the configured
    - facility and reconfigure the default (user) value
    - page C-43
- 741Adding a Description for a Syslog Server
  - (IPv4 only) configured for syslog using the CLI or SNMP
  - toring of syslog for SNMP (RFC 3164 supported)
  - C-57
- 742Adding a Priority Description
  - severity
  - system module
    - parameters either through the CLI or with SNMP
- 743Configuring the Severity Level for Event Log
- Messages Sent to a Syslog Server
  - highest to lowest):
  - Major: A fatal error condition has occurred on the switch
  - Major:
    - Error: An error condition has occurred on the switch
  - Error:
    - Warning: A switch service has behaved unexpectedly
  - Warning:
    - Information: Information on a normal switch event
  - Information:
    - Debug: Reserved for ProCurve internal diagnostic information
  - Debug:
    - Using the logging severity command, you can select a set of Event Log
    - server, see “Configuring a Syslog Server” on page C-55
    - Syntax: [no] logging severity < major | error l warning | info | debug
    - Configures the switch to send all Event Log messages with
    - a severity level equal to or higher than the specified value
    - to all configured Syslog servers
    - Default: debug (Reports messages of all severity levels.)
    - Event Log messages of all severity levels to Syslog servers
    - All messages remain recorded in the Event Log
    - C-59
    - Configuring the System Module Used to Select the Event Log
    - Messages Sent to a Syslog Server
  - all-pass
- 744Operating Notes for Debug and Syslog
  - C-60
  - 745■Debug commands do not affect normal message output to the Event Log
  - debug event
  - ■Ensure that your Syslog servers accept Debug messages
    - Duplicate IP addresses are not stored in the list of syslog servers
    - C-61
746Diagnostic Tools
- Diagnostic Features
  - C-62
- 747Port Auto-Negotiation
  - Ensure that the switch port and the port on the attached
  - If the attached
- Ping and Link Tests
  - be IEEE 802.3-compliant
  - qualified domain names, refer to “DNS Resolver” on page C-87
  - respond with an 802.2 Test Response Packet
  - C-63
  - Web: Executing Ping or Link Tests
  - 748Figure C-21.Link and Ping Test Screen on the Web Browser Interface
  - Successes
  - Failures
    - C-64
  - 749Number of Packets to Send
    - CLI: Ping Test
    - Sends ICMP echo requests to determine if another device is alive
  - ping6
  - <ip-address| hostname
    - Target IP address or hostname of the destination node being pinged
  - repetitions <1-10000
    - Number of ping packets sent to the destination address
  - timeout <1-60
  - 750source <ip-addr| hostname
  - data-size <0-65471
  - data-fill <0-1024
  - Figure C-22.Examples of Ping Tests
    - Link Tests
  - Figure C-23.Example of Link Tests
- 751Traceroute Command
  - Ctrl
  - traceroute6
    - <ip-address| hostname
    - The IP address or hostname of the device to which to send the traceroute
    - [minttl < 1-255>]
    - [maxttl < 1-255>]
    - [timeout < 1-120>]
  - 752traceroute
  - A Low Maxttl Causes Traceroute To Halt Before Reaching the
    - Destination Address. For example, executing traceroute with its default
  - Destination Address
    - C-68
  - 753Figure C-24.Example of a Completed Traceroute Enquiry
  - maxttl
  - Figure C-25.Example of Incomplete Traceroute Due to Low Maxttl Setting
    - C-69
    - Common reasons for Traceroute failing to reach a destination include:
    - Timeouts (indicated by one asterisk per probe, per hop; refer to Figure
    - ■Unreachable hosts
    - ■Unreachable networks
    - ■Interference from firewalls
    - ■Hosts configured to avoid responding
  - 754Figure C-26.Example of Traceroute Failing to Reach the Destination Address
    - C-70
755Viewing Switch Configuration and Operation
- CLI: Viewing the Startup or Running Configuration File
- Web: Viewing the Configuration File
  - Diagnostics
  - 2.Click on [Configuration Report]
- 756CLI: Viewing a Summary of Switch Operational Data
  - Figure C-27shows sample output from the show tech command
  - 757Figure C-27.Example of Show Tech Command
  - copy show tech
    - Saving show tech Command Output to a Text File
    - C-73
  - 758Transfer | Capture Text
  - Figure C-28.Capture Text window of the Hyperterminal Application
  - Figure C-29.Entering a Path and Filename for Saving show tech Output
  - [Start]
  - 759Transfer | Capture Text | Stop
    - Customizing show tech Command Output
    - To customize the information displayed with the show tech command:
  - copy “show system”
  - slot-id
    - master: Includes the crash data from both management modules
  - master
    - C-75
  - 760ip-addr
  - remote-file
  - unix
  - 761command-file
  - acl-filename
  - .txt
  - copy usb
- 762CLI: Viewing More Information on Switch Operation
  - show history
  - show system-information
  - show version
  - show interfaces
  - show interfaces-display
  - C-78
  - Pattern Matching When Using the Show Command
  - 763show
  - exclude
  - begin:
  - Figure C-30.Example of Pattern Matching with Include Option
  - 764Figure C-31.Example of Pattern Matching with Exclude Option
    - C-80
  - 765Figure C-32.Example of Pattern Matching with Begin Option
  - show arp
- 766CLI: Useful Commands for Troubleshooting Sessions
  - Syntax: alias
  - show ip ssh command
767Restoring the Factory-Default
Configuration
- CLI: Resetting to the Factory-DefaultConfiguration
- Clear/Reset: Resetting to the Factory-DefaultConfiguration
768Restoring a Flash Image
- 769Call
- Disconnect
- ii.Select File | Properties
- vi.Select Call | Connect
- File
- 770Figure C-34.Example of Xmodem Download in Progress
771DNS Resolver
- Host Name —
  - evergreen.trees.org
  - accounts015
  - sales021
  - ping accounts015 traceroute accounts015
  - C-87
- 772Basic Operation
  - ■When the switch is configured with both of the following:
  - •the IP address of a DNS server available to the switch
  - •the domain suffix of a domain available to the configured DNS server
  - then:
  - ping leader
  - alive, time
  - ping leader.mygroup.procurve.net
  - must
  - C-88
  - other than
  - mygroup.procurve.net
  - common.group.net
- 773Configuring and Using DNS Resolution with
- DNS-CompatibleCommands
- 774Configuring a DNS Entry
  - Syntax: [no] ip dns server-addresspriority < 1 - 3 > < ip-addr
  - •the relative priority of the DNS server when multiple servers are configured
  - •the IP address of the DNS server
  - C-90
- 775Example Using DNS Names with Ping and Traceroute
  - Figure C-37.Example Network Domain
  - 776Entity:
  - Identity:
  - docserver
  - Figure C-38.Configuring Switch “A” in FigureC-37To Support DNS Resolution
    - 37 as a target:
    - ProCurve# traceroute docservr.pubs.outdoors.com
    - hops max, 5 sec. timeout, 3 probes
- 777Viewing the Current DNS Configuration
  - show run
    - ProCurve# show ip
    - IP Routing : Disabled
    - Gateway :
    - TTL
    - Arp
    - Age
    - DNS
    - server
    - | IP Config
    - DEFAULT_VLAN |
  - Figure C-41.Example of Viewing the Current DNS Configuration
    - C-93
    - 778Switch-Initiated
    - C-94
- 779Event Log Messages
  - Message
  - Meaning
780Locator LED (Locating a Switch)
- Syntax: chassislocate [blink | on | off]
- Locates a switch by using the blue Locate LED on the front panel
- blink <1-1440
- on <1-1440
- off
- Turns the chassis Locate LED off
- Figure C-42.Locating a Switch with the chassislocate Command
  - C-96
781MAC Address Management
783Determining MAC Addresses
- Use the menu interface
- Use the CLI
- 784Menu: Viewing the Switch’s MAC Addresses
  - The Management Address Information screen lists the MAC addresses for:
  - ■ Base switch (default VLAN; VID = 1)
  - ■ Any additional VLANs configured on the switch
  - Also, the Base MAC address appears on a label on the back of the switch
  - “1”, and cannot be changed
  - “1”
  - Configured on the Switch:
    - 1. From the Main Menu, Select
  - Figure D-1.Example of the Management Address Information Screen
    - D-4
- 785CLI: Viewing the Port and VLAN MAC Addresses
  - uses the first 24 MAC addresses in the allotment, and so-on
  - (All VLANs in the switch have the same MAC address.)
  - walkmib
    - in the switch, regardless of which VLAN you select
    - the Manager level of the CLI
    - the switch:
    - ProCurve# walkmib ifPhysAddress (The above command is not case-sensitive.)
    - (The above command is not
    - case-sensitive.)
    - ■two non-defaultVLANs configured
    - D-5
  - 786Figure D-2.Example of Port MAC Address Assignments on a Switch
    - D-6
787Viewing the MAC Addresses of
Connected Devices
- MAC address < mac-addr > not found
- mac-address
  - 788D-8
789Monitoring Resources
790Viewing Information on Resource Usage
- Policy Enforcement Engine
  - When the following features are configured globally or
  - •ACLs
  - •QoS configurations that use the following commands:
  - QoS device priority (IP Address) through the CLI using the
  - 791qos
  - device-priority
    - –QoS application port through the CLI using qos tcp-port or qos udp-port
  - tcp-port
    - –VLAN QoS Policies through the CLI using service-policy
    - •Management VLAN configuration
    - •Remote mirroring endpoint configuration
    - •Mirror policies per VLAN through the CLI using monitor service
  - monitor service
    - •ACLs or QoS applied per-portor per-userthrough RADIUS authentication
    - ACLs applied
  - access-group
  - ipv6
  - traffic-filter
    - •QoS policies applied per port through the CLI using the service-policy command
    - Mirror policies applied
  - monitor all service
- 792Displaying Current Resource Usage
  - show resources
  - policy
    - Syntax: show <qos | access-list| policy> resources
    - ■There is authenticated client usage of IDM resources on ports
    - E-4
    - 793E-5
  - 794in/out
  - bcast/mcast
  - qos priority
  - qos dscp
  - qos protocol
795When Insufficient Resources Are Available
- 796E-8
797Daylight Savings Time on ProCurve Switches
- 798Middle Europe and Portugal:
- Southern Hemisphere:
- Western Europe:
- Figure F-1.Menu Interface with “User-Defined”Daylight Time Rule Option
  - 799■If the configured day is a Sunday, the time changes at 2am on that day
  - This is true for both the “Beginning day” and the “Ending day”
  - F-3
  - 800F-4
- 801Subject
- Maximum
  - G-1
  - 802G-2
803Switch Licensing
- The procedure for installing a licensed feature into a switch is:
- 804licenses
- hardware-id
- <license_type
  - ProCurve# licenses hardware-idpremium
  - 5.Reboot the switch. For example:
  - ProCurve# boot or:
  - or:
  - ProCurve# reload
  - The licensed features should now be active on the switch
  - H-2
805Power-SavingFeatures
- 806■Turn slot power on or off
- ■Turn LED power on or off using a timer
- ■Slot auto low power mode
- The modules support the power-savingfeatures as indicated in the table below
- 807Configuring the Power-SavingOptions
  - savepower
    - Configuring the Savepower module Option
  - module
  - Figure I-1.Example of savepower module Command
  - savepower module
    - Configuring the Savepower LED Option
  - 808slot-id
    - duration <[HH:]MM
    - recur
  - 809recur
    - Default: disabled
  - Figure I-2.Example of Setting a Time and Duration for savepower led Command
    - Configuring the Savepower port-low-pwrOption
  - 810Figure I-3.Example of savepower port-low-powerCommand for Slot C
    - Show Savepower Commands
  - Show Savepower Module
  - show save- power module
  - 811Figure I-4.Example of Output for show savepower module Command
  - Show Savepower Port-low-pwr
  - show savepower
  - port-low-pwr
  - Figure I-5.Example of Output for show savepower port-low-pwrCommand
  - Show Savepower LED
    - To display the configured status of the LED power-savingoption, use the show
  - savepower led command
  - 812Figure I-6.Example of Output for show savepower led Command
    - 813J-1
814Concepts
- Management communications with a managed switch can be:
- ■in band—throughthe networked data ports of the switch
- out of
- Figure J-1.Management ports
  - J-2
- 815Table J-1.Switch Management Ports
- 816Example
  - Figure J-2.Network out-of-bandmanagement in a data center
    - J-4
- 817OOBM and Switch Applications
  - J-5
818Tasks
- OOBM Configuration
  - OOBM Context
  - Syntax: oobm
    - 819OOBM Enable/disable
    - From the OOBM context:
    - enable disable
    - From the general configuration context:
    - Enables or disables networked out-of-band-managementon the switch
    - Examples:
    - J-7
    - 820OOBM Port Enable/disable
    - 821OOBM Port Speed Control
    - 822OOBM IPv4 Address Configuration
    - [no] ip address [dhcp-bootp| ip-address/mask-length]
    - ip-address/mask-length
    - [no] oobm ip address [dhcp-bootp| ip-address/mask-length]
    - Configures an IPv4 address for the switch’s OOBM interface
    - OOBM IPv4 Default Gateway Configuration
    - [no] ip default-gateway ip-address
    - [no] oobm ip default-gateway ip-address
    - Configures an IPv4 default gateway for the switch’s OOBM interface
    - J-10
- 823OOBM Show Commands
  - Show OOBM
  - Show OOBM IP Configuration
  - 824show oobm ip
    - Show OOBM ARP Information
  - show oobm arp
- 825Application Server Commands
  - Default value is both for all servers
  - Telnet:
  - Management and Configuration Guide, page
  - SSH:
  - Access Security Guide, page
  - SNMP:
  - TFTP:
  - Management and Configuration Guide, page A-10
  - HTTP:
  - In all cases, show running-config will display the server configurations
  - J-13
- 826Application Client Commands
  - 827Figure J-3.Example data center
    - 828J-16
829Index
- Symbols
- Numerics

103 pages2.69 Mb

1HP ProCurve
Series 6600 Switches
3ProCurve Series 6600 Switches
- Installation and Getting Started Guide
  - 4Safety
- 5Contents
  - 1 Introducing the Switch
  - 2 Installing the Switch
  - 63 Getting Started With Switch Configuration
  - 4 Replacing Components
  - 5 Troubleshooting
  - 7A Specifications
  - B Cabling and Technology Information
  - 8C Safety and EMC Regulatory Statements
  - D Recycle Statements
  - Index
9Introducing the Switch
- 10Table
- 12Front of the Switch
  - 13Network Ports
  - 14LEDs
    - 15the
  - 16LED Mode Select Button and Indicator LEDs
  - 17Reset Button
  - 18Clear Button
  - Console Port
- 19Back of the Switch
  - Power Connector
- Switch Features
  - 20console
  - interface
  - web browser
  - ProCurve
  - Manager
21Installing the Switch
- Included Parts
  - 22J a p a n P o w e r
  - C o r d W a r n i n g
  - 23Installation Precautions:
- 24Installation Procedures
  - Summary
  - 251. Prepare the Installation Site
  - 2. Verify the Switch Passes Self Test
    - 26Figure 2-2.Connecting the power cord
    - N o t e
    - Figure 2-3.Checking the LEDs on the 6600-24Gand 6600-24G-4XG
    - Figure 2-4.Checking the LEDs on the 6600-24XG
  - 27LED Behavior:
    - During the self test:
    - When the self test completes successfully:
    - Power
    - Fan Status
    - Fault
    - Test LED
  - 283. (Optional) Reversing the air flow
  - 304. Mount the Switch
  - 31Figure 2-5.Mounting in a two post rack using the balanced option
  - Figure 2-6.Example attaching mounting brackets
  - 32Figure 2-7.Installing the rail mounting holding brackets
  - Figure 2-8.Mounting rails in a four-postHP 10K rack
  - 33Figure 2-9.Sliding the switch into the rails
  - Figure 2-10.Mounting in a rack
  - 345. Connect the Switch to a Power Source
  - 356. (Optional) Install or Remove mini-GBICsor SFPs
    - N o t e s
    - Figure 2-11.One meter DAC
  - 36Installing the Mini-GBICsor SFP+ Transceivers:
    - Figure 2-12.Installing a Mini-GBICor SFP
  - 37SFP and SFP+ transceivers Plug-in,Fault and Alert behaviors
  - Removing the mini-GBICs:
  - 387. Connect the Network Cables
  - Figure
  - Connecting a Fiber cable connector
  - 398. (Optional) Connect a Console to the Switch
    - Out-of-band:
    - In-Band:
    - the Switch
  - 40Terminal Configuration
  - Direct Console Access
    - Figure 2-15.Connecting the console cable
    - Figure 2-16.Connecting the console cable
    - the Installing
  - 41Console Cable Pinouts
    - Figure 2-17. RJ-45to DB-9pinouts
    - Switch
- 42Sample Network Topology
  - 43Figure 2-19.Example topology
45Getting Started With Switch Configuration
- Recommended Minimal Configuration
- 46Using the Console Setup Screen
  - 47IP Config (DHCP/Bootp)
  - Manual
  - IP Address
  - Subnet Mask
  - ave
- 48Where to Go From Here
  - To Recover from a Lost Manager Password
- 49Using the IP Address for Remote Switch Management
  - Starting a Telnet Session
  - Starting a Web Browser Session
51Replacing Components
- Replacing the fan tray assembly
  - 52Figure 4-1.Fan tray assembly retaining screws
  - Figure 4-2.Removing the fan tray assembly
- 53Replacing the Battery
  - Installing a New Battery
    - 54AT T E N T I O N
- 55Replacing the Power Supplies
57Troubleshooting
- Basic Troubleshooting Tips
  - 58Faulty or loose cables
  - Non-standard
  - cables
  - Trunking
  - 59Check the port configuration
  - www.procurve.com/library
- 60Diagnosing with the LEDs
  - 61Diagnostic Tips:
- 64Proactive Networking
- 65Hardware Diagnostic Tests
  - Testing the Switch by Resetting It
  - 66Testing Twisted-PairCabling
  - Testing Switch-to-DeviceNetwork Communications
  - Testing End-to-EndNetwork Communications
- 67Restoring the Factory Default
- Configuration
- 68Downloading New Switch Software
- HP Customer Support Services
  - Before Calling Support
69Specifications
- Physical
- Electrical
- Environmental
- 70Acoustic
- Safety
73Cabling and Technology Information
- Cabling specifications
  - 74Cabling and Technology
- 75Technology distance specifications
- 76Mode Conditioning Patch Cord
  - 77Installing the Patch Cord
- 78Twisted-PairCable/Connector Pin-Outs
  - 79Straight-Through Twisted-PairCable for
  - 10 Mbps or 100 Mbps Network Connections
  - 80Crossover Twisted-PairCable for
  - 10 Mbps or 100 Mbps Network Connection
  - 81Straight-Through Twisted-PairCable for 1000 Mbps Network Connections
83Safety and EMC Regulatory Statements
- Safety Information
- 84Informations concernant la sécurité
- 85Hinweise zur Sicherheit
- 86Considerazioni sulla sicurezza
- 87Consideraciones sobre seguridad
- 88Safety Information (Japan)
- 89Safety Information (China)
- 90EMC Regulatory Statements
  - Canada
  - Australia/New Zealand
  - Japan
  - Taiwan
  - 91European Community
93Recycle Statements
- Waste Electrical and Electronic
- Equipment (WEEE) Statements
97Index
- Numerics
103*5992-4962

220 pages11.54 Mb

5Contents
131 Get started
- Accessibility
- 14Eco
- 15Understand the printer parts
  - 16Printing supplies area
  - Back view
- 17Use the printer control panel
  - 18Control panel display icons
  - Change printer settings
- 19Find the printer model number
- 20HP Digital Solutions
- Select print media
  - 21Recommended papers for printing and copying
  - 22Recommended papers for photo printing
  - Tips for selecting and using media
- 23Load an original on the scanner glass
- 24Load an original in the automatic document feeder (ADF)
- 25Load media
  - 26Load envelopes
  - Load cards and photo paper
  - 27Load custom-sizemedia
- 28Maintain the printer
  - 29Clean the exterior
  - Clean the automatic document feeder
- 30Update the printer
- 31Turn off the printer
322 Print
- Print documents
- 33Print brochures
- 34Print on envelopes
  - 35Print on envelopes (Windows)
  - Print on envelopes (Mac OS X)
- 36Print photos
- 37Print on special and custom-sizepaper
- 38Print borderless documents
  - 39Print borderless documents (Windows)
  - Print borderless documents (Mac OS X)
403 Scan
454 Copy
- Copy documents
- Change copy settings
475 Fax
- Send a fax
  - 48Send a standard fax from the computer
  - 49Send a fax manually from a phone
  - 50Send a fax using monitor dialing
  - Send a fax from memory
  - 51Schedule a fax to send later
  - 52Send a fax to multiple recipients
  - Send a fax in Error Correction Mode
- 53Receive a fax
  - 54Set up backup fax
  - Reprint received faxes from memory
  - 55Poll to receive a fax
  - Forward faxes to another number
  - 56Set the paper size for received faxes
  - Set automatic reduction for incoming faxes
  - Block unwanted fax numbers
  - 58Receive faxes to your computer using HP Digital Fax (Fax to PC and Fax to Mac)
- 59Set up speed-dialentries
  - 60Set up and change speed-dialentries
  - Set up and change group speed-dialentries
- 61Change fax settings
  - 62Configure the fax header
  - Set the answer mode (Auto answer)
  - Set the number of rings before answering
  - 63Change the answer ring pattern for distinctive ring
  - 64Set the dial type
  - Set the redial options
- 65Fax and digital phone services
- 66Fax over Internet Protocol
- Use reports
  - 67Print fax confirmation reports
  - 68Print fax error reports
  - Print and view the fax log
  - Clear the fax log
  - 69Print the details of the last fax transaction
  - Print a Caller ID Report
  - View the Call History
706 Web Services
- What are Web Services
- 71Set up Web Services
- 72Use Web Services
- 74Remove Web Services
757 Work with ink cartridges
- Information on ink cartridges and the printhead
- 76Check the estimated ink levels
- Print when one or more ink cartridges are depleted
- 77Replace the ink cartridges
- 78Store printing supplies
- Usage information collection
808 Solve a problem
- HP support
  - 81Obtain electronic support
  - HP support by phone
  - 83www.hp.com/support
- 84General troubleshooting tips and resources
- Solve printer problems
  - 85The printer shuts down unexpectedly
  - The printer is making some unexpected noises
  - Alignment fails
  - The printer is not responding (nothing prints)
  - 86The printer prints slowly
  - 87Blank or partial page printed
  - 88Something on the page is missing or incorrect
  - Placement of the text or graphics is wrong
- 89Print quality troubleshooting
  - 94Printhead maintenance
- 96Solve paper-feedproblems
- 97Solve copy problems
  - 98Copies are blank
  - Documents are missing or faded
  - Size is reduced
  - 99Copy quality is poor
  - Copy defects are apparent
- 100Solve scan problems
  - 101Scan takes too long
  - Part of the document did not scan or text is missing
  - Text cannot be edited
  - 102Error messages appear
  - Scanned image quality is poor
- 104Solve fax problems
  - 105The fax test failed
- 118Solve problems using Web Services and HP websites
- 119Solve wireless problems
  - 120Basic wireless troubleshooting
  - Advanced wireless troubleshooting
- 125Configure your firewall software to work with the printer
- 126Solve printer management problems
- 127Troubleshoot installation issues
  - 128HP software installation suggestions
  - Solve network problems
- 129Understand the Printer Status Report
- 130Understand the network configuration page
- 132Clear jams
  - 135Avoid paper jams
136A Technical information
- Warranty information
- 139Printer specifications
- 148Regulatory information
- 156Environmental product stewardship program
- 161Third-partylicenses
169B HP supplies and accessories
- Order printing supplies online
- Supplies
171C Additional fax setup
- Set up faxing (parallel phone systems)
- 193Serial-typefax setup
- 194Test fax setup
195D Network setup
- Set up the printer for wireless communication
- 199Change basic network settings
- 200Change advanced network settings
- 201Uninstall and reinstall the HP software
202E Printer management tools
- Toolbox (Windows)
- HP Utility (Mac OS X)
- Embedded web server
204F How do I
205G Errors (Windows)
- Fax memory full
- Unable to communicate with printer
- Low on ink
- Cartridge Problem
- 206Replace the ink cartridge
- Paper Mismatch
- The cartridge cradle cannot move
- Paper Jam
- 207The printer is out of paper
- Printer Offline
- Printer Paused
- Document failed to print
- Printer failure
- Door or cover open
- 208Previously used ink cartridge installed
- Ink cartridges depleted
- Ink cartridge failure
- Printer supply upgrade
- Printer supply upgrade successful
- Printer supply upgrade problem
- Non-HPink cartridges installed
- 209Using Genuine HP Cartridges has its Rewards
- Counterfeit Cartridge Advisory
- Used, Refilled or Counterfeit Cartridge Detected
- Use SETUP cartridges
- Do not use SETUP cartridges
- New printhead ink alert
- Use black ink only
- 210Use color ink only
- Incompatible ink cartridges
- Ink sensor warning
- Problem with printer preparation
- Color cartridge out of ink
- Black cartridge out of ink
- 211Automatic document feeder cover open
- Problem with ink system
212Index

Also you can find more HP manuals or manuals for other Computer Equipment.