Manuals / Brands / Computer Equipment / Switch / HP / Computer Equipment / Switch

HP 2510G always, tcn-guard, Command Syntax and Example

1 244

Download 244 pages, 1.57 Mb

Multiple Instance Spanning-Tree Operation

802.1s Multiple Spanning Tree Protocol (MSTP)

Syntax: spanning-tree < port-list> tcn-guard

When tcn-guardis enabled for a port, it causes the port to stop propagating received topology change notifications and topology changes to other ports.

(Default: No - disabled)

Configuring BPDU Filtering

The STP BPDU filter feature allows control of spanning-tree participation on a per-port basis. It can be used to exclude specific ports from becoming part of spanning tree operations. A port with the BPDU filter enabled will ignore incoming BPDU packets and stay locked in the spanning-tree forwarding state. All other ports will maintain their role.

Here are some sample scenarios in which this feature may be used:

■ To have STP operations running on selected ports of the switch rather than every port of the switch at a time.

■ To prevent the spread of errant BPDU frames.

■ To eliminate the need for a topology change when a port's link status changes. For example, ports that connect to servers and workstations can be configured to remain outside of spanning-tree operations.

	■ To protect the network from denial of service attacks that use
	spoofing BPDUs by dropping incoming BPDU frames. For this
	scenario, BPDU protection offers a more secure alternative, imple-
	menting port shut down and a detection alert when errant BPDU
	frames are received (see page page 5-27for details).

C a u t i o n	Ports configured with the BPDU filter mode remain active (learning and
	forward frames); however, spanning-tree cannot receive or transmit BPDUs
	on the port. The port remains in a forwarding state, permitting all broadcast
	traffic. This can create a network storm if there are any loops (that is, trunks
	or redundant links) using these ports. If you suddenly have a high load,
	disconnect the link and disable the bpdu-filter (using the no command).
	Command Syntax and Example. The following command is used to

	configure BPDU filters.
	Syntax: [no] spanning-tree <port-list all> bpdu-filter
	Enables/disables the BPDU filter feature on the specified port(s).
	The bpdu-filter option forces a port to always stay in the
	forwarding state and be excluded from standard STP operation.

5-26

Contents

ProCurve Series 2510G Switches Page ProCurve Series 2510G Switches Advanced Traffic Management Guide Page Product Documentation 1 Getting Started 2 Static Virtual LANs (VLANs) 3 GVRP 4 Multimedia Traffic Control with IP Multicast (IGMP) 5 Multiple Instance Spanning-TreeOperation 6Quality of Service (QoS): Managing Bandwidth More Effectively 7 ProCurve Stack Management Index Product Documentation Feature Index Page Page Getting Started Conventions bold italics 2510G Syntax: copy tftp Syntax: hostname Figure 1-1.Example of a Figure Showing a Simulated Screen Sources for More Information Figure 1-2.Getting Help in the Menu Interface Figure 1-3.Getting Help in the CLI http://www.procurve.com Need Only a Quick Start setup 8.Run Setup Important Static Virtual LANs (VLANs) Page N o t e Port-BasedVirtual LANs (Static VLANs) Figure 2-1.Example of Routing Between VLANs via an External Router Figure 2-2.Example of Overlapping VLANs Using the Same Server Figure 2-3.Example of Connecting Multiple VLANs Through the Same Link Figure 2-4.Example of Tagged and Untagged VLAN Technology in the Same Network Page Figure 2-5.Comparing Per-PortVLAN Options With and Without GVRP Table 2-1. Per-PortVLAN Configuration Options Forbid Page Table 2-6.Example of Forwarding Database Content Table 2-7.Forwarding Database Structure for Managed ProCurve Switches Page Page The Solution 2.Switch Configuration 8.VLAN Menu 1.VLAN Support Figure 2-8.The Default VLAN Support Screen Edit) GVRP Enabled Maximum VLANs to support Figure 2-9.VLAN Menu Screen Indicating the Need To Reboot the Switch [0] 2.VLAN Names Figure 2-10.The Default VLAN Names Screen [A] Add Name ave Figure 2-11.Example of VLAN Names Screen with a New VLAN Added 2. Switch Configuration 3.VLAN Port Assignment Figure 2-12.Example of VLAN Port Assignment Screen dit Untagged, or Forbid) For GVRP Operation: Figure 2-13.Example of VLAN Assignments for Specific Ports VLAN Commands Used in this Section Figure 2-14.Example of “show vlans” Listing (GVRP Enabled) Figure 2-15.Example of “show vlans” for a Specific Static VLAN Figure 2-16.Example of “show vlans” for a Specific Dynamic VLAN port-list all detail Port name: VLAN ID: Figure 2-17.Example of “Show VLAN Ports” Cumulative Listing Figure 2-18.Example of “Show VLAN Ports” Detail Listing Figure 2-19.Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN Creating a New Static VLAN Changing the VLAN Context Level Figure 2-20.Example of Creating a New Static VLAN Page VLAN already exists 2.Click on VLAN Configuration 3.Click on Add/Remove VLANs Figure 2-21.Example of Tagged and Untagged VLAN Port Assignments Figure 2-22.Example of VLAN ID Numbers Assigned in the VLAN Names Screen Page Switch Switch Y Page Figure 2-24.Example of Potential Security Breaches Figure 2-25.Example of Management VLAN Control in a LAN Table 2-2.VLAN Membership in Figure DHCP/Bootp Manual write memory Default: Disabled running-config Figure 2-26.Illustration of Configuration Example write-memory Implementing Spanning Tree Page Page Page GVRP Page Page Figure 3-1.Example of Forwarding Advertisements and Dynamic Joining Figure 3-2.Example of GVRP Operation IP Addressing Table 3-1.Options for Handling “Unknown VLAN” Advertisements: show gvrp Figure 3-3.Example of GVRP Unknown VLAN Settings Table 3-2.Controlling VLAN Behavior on Ports with Static VLANs Page Page Page 2.Switch Configuration Figure 3-4.The VLAN Support Screen (Default Configuration) Unknown VLAN Figure 3-5.Example Showing Default Settings for Handling Advertisements GVRP Commands Used in This Section Figure 3-6.Example of “Show GVRP” Listing with GVRP Disabled Figure 3-7.Example of Show GVRP Listing with GVRP Enabled Enabling and Disabling GVRP on the Switch. This command enables Syntax: gvrp Figure 3-8.Example of Preventing Specific Ports from Joining Dynamic VLANs Figure 3-9.Example of Switches Operating with GVRP Enabled Figure 3-10.Example of Listing Showing Dynamic VLANs VLAN Configuration GVRP Security Apply Page Page Multimedia Traffic Control with IP Multicast (IGMP) Page General Operation and Features IGMP Device: IGMP Host: Forward with High Priority Auto/Blocked/Forward: Auto Blocked: Forward: CLI: Configuring and Displaying IGMP Syntax Figure 4-1.Example Listing of IGMP Configuration for All VLANs in the Switch show ip igmp Figure 4-2.Example Listing of IGMP Configuration for A Specific VLAN Page Web: Enabling or Disabling IGMP Device Features Apply Changes How IGMP Operates querier Report (Join): Leave Group: Page Page Table 4-1.Comparisonof IGMP Operation With and Without IP Addressing Fast-Leave IGMP Table 4-2.IGMP: Data-Drivenand Non-DataDriven Behavior Automatic Fast-LeaveOperation. If a switch port is: Figure 4-3.Example of Automatic Fast-LeaveIGMP Criteria specifier, for example, vlan < vid > ip igmp fastleave <port-list show configuration N o t e o n V L A N N u m b e r s walkmib setmib getmib Figure 4-6.Example of Changing the Forced Fast-LeaveConfiguration on Port Using the Switch as Querier Excluding Multicast Addresses from IP Multicast Filtering Table 4-3.IPMulticast Address Groups Excluded from IGMP Filtering N o t e s : IP Multicast Filters Multiple Instance Spanning-TreeOperation Page Page Figure 5-1.Example of a Multiple Spanning-TreeApplication Note on Path Cost C a u t i o n 802.1s Multiple Spanning Tree Protocol (MSTP) Figure 5-2.Example of MSTP Network with Legacy STP and RSTP Devices Connected Internal Page Figure 5-3.Active Topologies Built by Three Independent MST Instances Page Connectivity within the Same MST Instance Bridge: Common Spanning Tree (CST): Internal Spanning Tree (IST): MSTP Bridge: MST Region: hello-time STP-compatible force version Page Region Name: spanning-tree config-name Region Revision Number: spanning-treeconfig revision spanning-tree max-hops spanning-tree force-version spanning-tree forward-delay spanning-treepriority spanning-treeinstance < 1 - 16 > vlan < vid no spanning- tree instance > vlan spanning-treeinstance < n > priority < n Page pending stp-compatible: rstp-operation: mstp-operation: mstp force-version time < 1..10 > (page 22). (Default: 2.) admin edge-port If admin-edge-port is disabled on a port and auto-edge-port auto-edge-port auto The no spanning-tree< port-list > mcheck command disables mcheck global hello- time Force-True default) Force-False Auto: show running tcn-guard Command Syntax and Example always configuration Figure 5-5.Example of BPDU Filter in Show Spanning Tree Configuration Command Figure 5-6.Example of BPDU Filters in the Show Configuration Command Figure 5-7.Example of BPDU Protection Enabled at the Network Edge interface enable period using the spanning-tree bpdu-protection-timeout command bpdu-protection Figure 5-8.Example of Show Spanning Tree BPDU Protection Command disable-timer Figure 5-10.Example of Show Loop Protect Display Page Switch Priority Page Page Page instance ist > instance ist Page config-revision show spanning- tree pending a20-trk1 Figure 5-11.Example of Common Spanning Tree Status on an MSTP Switch Displaying Switch Statistics for a Specific MST Instance Page show spanning-tree a20-trk1config instance Figure 5-14.Example of the Configuration Listing for a Specific Instance Figure 5-15.Example of a Region-LevelConfiguration Display Figure 5-16.Example of Displaying a Pending Configuration Page Page Quality of Service (QoS): Managing Bandwidth More Effectively Page Set Priority Honor Priority Change Priority Honor New Priority Set Policy 802.1p prioritization: Type-of-Service (ToS): Page Table 6-1.Port Queue Exit Priorities Table 6-2.QoS Priority Settings and Operation Table 6-3.Mapping Switch QoS Priority Settings to Device Queues M u l t i p l e C r i t e r i a Table 6-4.Switch Type Search Order and Precedence Table 6-5.Precedence Criteria for QoS types Preparation for Configuring QoS Table 6-6.Summary of QoS Capabilities Table 6-7.Applying QoS Options to Traffic Types Defined by QoS Types Page Using QoS Types To Configure QoS for Outbound Traffic show qos No override QoS Type Precedence: ToS IP-Precedence Mode: ToS Differentiated Services (Diffserv) Mode: Figure 6-3.Example of Enabling ToS IP-PrecedencePrioritization diff- services Figure 6-4.Interior Switch “B” Honors the Policy Established in Edge Switch “A” Note on DSCP Use 4.Enable diff-services Page diff-services Page Page Figure 6-7.Display the Current DSCP-MapConfiguration Figure 6-8.Example of Policies Configured (with Optional Names) in the DSCP Table Page Figure 6-10.The ToS Codepoint and Precedence Bits Table 6-8.How the Switch Uses the ToS Configuration ToS Option: Table 6-9.ToS IP-PrecedenceBit Mappings to 802.1p Priorities Options for Assigning Priority No override Figure 6-11.Configuring and Displaying Source-PortQoS Priorities Figure 6-12.Returning a QoS-PrioritizedVLAN to “No-override”Status No- override policy name Table 6-10.The Default DSCP Policy Table Page Effect of show qos type IP Multicast (IGMP) Interaction with QoS QoS Messages in the CLI QoS Operating Notes and Restrictions Table 6-11.Details of Packet Criteria and Restrictions for QoS Support For Devices that Do Not Support 802.1Q Port Tagging Rules: SAP-Encapsulated Page ProCurve Stack Management Page Page Operation Page Table 7-1.Stacking Definitions Figure 7-1.Illustration of a Switch Moving from Candidate to Member Network Interface Options Figure 7-3.Example of a Non-StackingDevice Used in a Stacking Environment Page Stack State Configuring Stack Management Table 7-3.Stacking Configuration Guide Candidate General Steps for Creating a Stack Figure 7-4.Using the System Name to Help Identify Individual Switches Page Stacking Figure 7-5.The Default Stacking Menu Stack Configuration Figure 7-6.The Default Stack Configuration Screen Edit Commander Yes Actions Save Transmission Table 7-4.Candidate Configuration Options in the Menu Interface Using the Menu To “Push” a Switch Into a Stack, Modify the Switch’s Figure 7-8.The Default Stack Configuration Screen Transmission Interval 9.Stacking 4.Stack Management Figure 7-9.Example of the Stack Management Screen Figure 7-10.Example of Candidate List in Stack Management Screen Figure 7-11.Example of Stack Management Screen After New Member Added 2.Stacking Status (All) Back N o t e : Figure 7-13.Example of Stack Management Screen with Stack Members Listed Figure 7-14.Example of Selecting a Member for Removal from the Stack Delete Figure 7-15.The Prompt for Completing the Deletion of a Member from the Stack 5.Stack Access Figure 7-16.Example of the Stack Access Screen eXecute Figure 7-17.The eXecute Command Displays the Console Main Menu for the Selected Stack Member 9.Stacking ack 3.Stack Configuration Member Com- mander MAC Address Table 7-5.Stack Status Environments Viewing Commander Status 1.Stacking Status (This Switch) Figure 7-19.Example of the Commander’s Stacking Status Screen Figure 7-20.Example of a Member’s Stacking Status Screen Viewing Candidate Status Figure 7-21.Example of a Candidate’s Stacking Screen Table 7-6.CLI Commands for Configuring Stacking on a Switch Page Viewing the Status of Candidates the Commander Has Detected Figure 7-23.Example of Using the Show Stack Candidates Command To List Candidates Page Page Page Page Using the Commander’s CLI To Manually Add a Candidate to the Stack show stack view show stack candidates Figure 7-28.Example of How To Determine Available Switch Numbers (SNs) Figure 7-30.Example Showing the Stack After Adding a New Member Status: Using a Candidate CLI To Manually “Push” the Candidate Into a Stack Figure 7-31.Example of “Pushing” a Candidate Into a Stack Figure 7-32.Example of Stack Listing with Two Stacks in the Subnet Syntax: stack join <mac-addr stack join mac-addr Figure 7-33.Example of Command Sequence for Converting a Commander to a Member Figure 7-34.Example of a Commander and Three Switches in a Stack 7fc700 Using the Member’s CLI To Remove the Member from a Stack Figure 7-36.Example of a Stack Showing Switch Number (SN) Assignments Figure 7-37.Example of SNMP Community Operation with Stacking SNMP Management Station Access to Members Via the Commander @sw<switch number Disabling a Candidate: Figure 7-38.Example of the Web Browser Interface for a Commander Stack Closeup Page Index Numerics