HP 2510G 70

GVRP

Introduction

GVRP and VLAN Access Control

When you enable GVRP on a switch, the default GVRP parameter settings allow all of the switch’s ports to transmit and receive dynamic VLAN advertisements (GVRP advertisements) and to dynamically join VLANs. The two preceding sections describe the per-port features you can use to control and limit VLAN propagation. To summarize, you can:

■Allow a port to advertise and/or join dynamic VLANs (Learn mode—the default).

■Allow a port to send VLAN advertisements, but not receive them from other devices; that is, the port cannot dynamically join a VLAN but other devices can dynamically join the VLANs it advertises (Block mode).

■Prevent a port from participating in GVRP operation (Disable mode).

Port-Leave From a Dynamic VLAN

A dynamic VLAN continues to exist on a port for as long as the port continues to receive advertisements of that VLAN from another device connected to that port or until you:

■Convert the VLAN to a static VLAN (See “Converting a Dynamic VLAN to a Static VLAN” on page 2-26.)

■Reconfigure the port to Block or Disable

■Disable GVRP

■Reboot the switch

The time-to-live for dynamic VLANs is 10 seconds. That is, if a port has not received an advertisement for an existing dynamic VLAN during the last 10 seconds, the port removes itself from that dynamic VLAN.

Planning for GVRP Operation

These steps outline the procedure for setting up dynamic VLANs for a seg- ment.

1.Determine the VLAN topology you want for each segment (broadcast domain) on your network.

2.Determine the VLANs that must be static and the VLANs that can be dynamically propagated.

3.Determine the device or devices on which you must manually create static VLANs in order to propagate VLANs throughout the segment.

3-10

Contents

ProCurve Series 2510G Switches Page ProCurve Series 2510G Switches Advanced Traffic Management Guide Page Product Documentation 1 Getting Started 2 Static Virtual LANs (VLANs) 3 GVRP 4 Multimedia Traffic Control with IP Multicast (IGMP) 5 Multiple Instance Spanning-TreeOperation 6Quality of Service (QoS): Managing Bandwidth More Effectively 7 ProCurve Stack Management Index Product Documentation Feature Index Page Page Getting Started Conventions bold italics 2510G Syntax: copy tftp Syntax: hostname Figure 1-1.Example of a Figure Showing a Simulated Screen Sources for More Information Figure 1-2.Getting Help in the Menu Interface Figure 1-3.Getting Help in the CLI http://www.procurve.com Need Only a Quick Start setup 8.Run Setup Important Static Virtual LANs (VLANs) Page N o t e Port-BasedVirtual LANs (Static VLANs) Figure 2-1.Example of Routing Between VLANs via an External Router Figure 2-2.Example of Overlapping VLANs Using the Same Server Figure 2-3.Example of Connecting Multiple VLANs Through the Same Link Figure 2-4.Example of Tagged and Untagged VLAN Technology in the Same Network Page Figure 2-5.Comparing Per-PortVLAN Options With and Without GVRP Table 2-1. Per-PortVLAN Configuration Options Forbid Page Table 2-6.Example of Forwarding Database Content Table 2-7.Forwarding Database Structure for Managed ProCurve Switches Page Page The Solution 2.Switch Configuration 8.VLAN Menu 1.VLAN Support Figure 2-8.The Default VLAN Support Screen Edit) GVRP Enabled Maximum VLANs to support Figure 2-9.VLAN Menu Screen Indicating the Need To Reboot the Switch [0] 2.VLAN Names Figure 2-10.The Default VLAN Names Screen [A] Add Name ave Figure 2-11.Example of VLAN Names Screen with a New VLAN Added 2. Switch Configuration 3.VLAN Port Assignment Figure 2-12.Example of VLAN Port Assignment Screen dit Untagged, or Forbid) For GVRP Operation: Figure 2-13.Example of VLAN Assignments for Specific Ports VLAN Commands Used in this Section Figure 2-14.Example of “show vlans” Listing (GVRP Enabled) Figure 2-15.Example of “show vlans” for a Specific Static VLAN Figure 2-16.Example of “show vlans” for a Specific Dynamic VLAN port-list all detail Port name: VLAN ID: Figure 2-17.Example of “Show VLAN Ports” Cumulative Listing Figure 2-18.Example of “Show VLAN Ports” Detail Listing Figure 2-19.Example of Command Sequence for Changing the Number of VLANs Changing the Primary VLAN Creating a New Static VLAN Changing the VLAN Context Level Figure 2-20.Example of Creating a New Static VLAN Page VLAN already exists 2.Click on VLAN Configuration 3.Click on Add/Remove VLANs Figure 2-21.Example of Tagged and Untagged VLAN Port Assignments Figure 2-22.Example of VLAN ID Numbers Assigned in the VLAN Names Screen Page Switch Switch Y Page Figure 2-24.Example of Potential Security Breaches Figure 2-25.Example of Management VLAN Control in a LAN Table 2-2.VLAN Membership in Figure DHCP/Bootp Manual write memory Default: Disabled running-config Figure 2-26.Illustration of Configuration Example write-memory Implementing Spanning Tree Page Page Page GVRP Page Page Figure 3-1.Example of Forwarding Advertisements and Dynamic Joining Figure 3-2.Example of GVRP Operation IP Addressing Table 3-1.Options for Handling “Unknown VLAN” Advertisements: show gvrp Figure 3-3.Example of GVRP Unknown VLAN Settings Table 3-2.Controlling VLAN Behavior on Ports with Static VLANs Page Page Page 2.Switch Configuration Figure 3-4.The VLAN Support Screen (Default Configuration) Unknown VLAN Figure 3-5.Example Showing Default Settings for Handling Advertisements GVRP Commands Used in This Section Figure 3-6.Example of “Show GVRP” Listing with GVRP Disabled Figure 3-7.Example of Show GVRP Listing with GVRP Enabled Enabling and Disabling GVRP on the Switch. This command enables Syntax: gvrp Figure 3-8.Example of Preventing Specific Ports from Joining Dynamic VLANs Figure 3-9.Example of Switches Operating with GVRP Enabled Figure 3-10.Example of Listing Showing Dynamic VLANs VLAN Configuration GVRP Security Apply Page Page Multimedia Traffic Control with IP Multicast (IGMP) Page General Operation and Features IGMP Device: IGMP Host: Forward with High Priority Auto/Blocked/Forward: Auto Blocked: Forward: CLI: Configuring and Displaying IGMP Syntax Figure 4-1.Example Listing of IGMP Configuration for All VLANs in the Switch show ip igmp Figure 4-2.Example Listing of IGMP Configuration for A Specific VLAN Page Web: Enabling or Disabling IGMP Device Features Apply Changes How IGMP Operates querier Report (Join): Leave Group: Page Page Table 4-1.Comparisonof IGMP Operation With and Without IP Addressing Fast-Leave IGMP Table 4-2.IGMP: Data-Drivenand Non-DataDriven Behavior Automatic Fast-LeaveOperation. If a switch port is: Figure 4-3.Example of Automatic Fast-LeaveIGMP Criteria specifier, for example, vlan < vid > ip igmp fastleave <port-list show configuration N o t e o n V L A N N u m b e r s walkmib setmib getmib Figure 4-6.Example of Changing the Forced Fast-LeaveConfiguration on Port Using the Switch as Querier Excluding Multicast Addresses from IP Multicast Filtering Table 4-3.IPMulticast Address Groups Excluded from IGMP Filtering N o t e s : IP Multicast Filters Multiple Instance Spanning-TreeOperation Page Page Figure 5-1.Example of a Multiple Spanning-TreeApplication Note on Path Cost C a u t i o n 802.1s Multiple Spanning Tree Protocol (MSTP) Figure 5-2.Example of MSTP Network with Legacy STP and RSTP Devices Connected Internal Page Figure 5-3.Active Topologies Built by Three Independent MST Instances Page Connectivity within the Same MST Instance Bridge: Common Spanning Tree (CST): Internal Spanning Tree (IST): MSTP Bridge: MST Region: hello-time STP-compatible force version Page Region Name: spanning-tree config-name Region Revision Number: spanning-treeconfig revision spanning-tree max-hops spanning-tree force-version spanning-tree forward-delay spanning-treepriority spanning-treeinstance < 1 - 16 > vlan < vid no spanning- tree instance > vlan spanning-treeinstance < n > priority < n Page pending stp-compatible: rstp-operation: mstp-operation: mstp force-version time < 1..10 > (page 22). (Default: 2.) admin edge-port If admin-edge-port is disabled on a port and auto-edge-port auto-edge-port auto The no spanning-tree< port-list > mcheck command disables mcheck global hello- time Force-True default) Force-False Auto: show running tcn-guard Command Syntax and Example always configuration Figure 5-5.Example of BPDU Filter in Show Spanning Tree Configuration Command Figure 5-6.Example of BPDU Filters in the Show Configuration Command Figure 5-7.Example of BPDU Protection Enabled at the Network Edge interface enable period using the spanning-tree bpdu-protection-timeout command bpdu-protection Figure 5-8.Example of Show Spanning Tree BPDU Protection Command disable-timer Figure 5-10.Example of Show Loop Protect Display Page Switch Priority Page Page Page instance ist > instance ist Page config-revision show spanning- tree pending a20-trk1 Figure 5-11.Example of Common Spanning Tree Status on an MSTP Switch Displaying Switch Statistics for a Specific MST Instance Page show spanning-tree a20-trk1config instance Figure 5-14.Example of the Configuration Listing for a Specific Instance Figure 5-15.Example of a Region-LevelConfiguration Display Figure 5-16.Example of Displaying a Pending Configuration Page Page Quality of Service (QoS): Managing Bandwidth More Effectively Page Set Priority Honor Priority Change Priority Honor New Priority Set Policy 802.1p prioritization: Type-of-Service (ToS): Page Table 6-1.Port Queue Exit Priorities Table 6-2.QoS Priority Settings and Operation Table 6-3.Mapping Switch QoS Priority Settings to Device Queues M u l t i p l e C r i t e r i a Table 6-4.Switch Type Search Order and Precedence Table 6-5.Precedence Criteria for QoS types Preparation for Configuring QoS Table 6-6.Summary of QoS Capabilities Table 6-7.Applying QoS Options to Traffic Types Defined by QoS Types Page Using QoS Types To Configure QoS for Outbound Traffic show qos No override QoS Type Precedence: ToS IP-Precedence Mode: ToS Differentiated Services (Diffserv) Mode: Figure 6-3.Example of Enabling ToS IP-PrecedencePrioritization diff- services Figure 6-4.Interior Switch “B” Honors the Policy Established in Edge Switch “A” Note on DSCP Use 4.Enable diff-services Page diff-services Page Page Figure 6-7.Display the Current DSCP-MapConfiguration Figure 6-8.Example of Policies Configured (with Optional Names) in the DSCP Table Page Figure 6-10.The ToS Codepoint and Precedence Bits Table 6-8.How the Switch Uses the ToS Configuration ToS Option: Table 6-9.ToS IP-PrecedenceBit Mappings to 802.1p Priorities Options for Assigning Priority No override Figure 6-11.Configuring and Displaying Source-PortQoS Priorities Figure 6-12.Returning a QoS-PrioritizedVLAN to “No-override”Status No- override policy name Table 6-10.The Default DSCP Policy Table Page Effect of show qos type IP Multicast (IGMP) Interaction with QoS QoS Messages in the CLI QoS Operating Notes and Restrictions Table 6-11.Details of Packet Criteria and Restrictions for QoS Support For Devices that Do Not Support 802.1Q Port Tagging Rules: SAP-Encapsulated Page ProCurve Stack Management Page Page Operation Page Table 7-1.Stacking Definitions Figure 7-1.Illustration of a Switch Moving from Candidate to Member Network Interface Options Figure 7-3.Example of a Non-StackingDevice Used in a Stacking Environment Page Stack State Configuring Stack Management Table 7-3.Stacking Configuration Guide Candidate General Steps for Creating a Stack Figure 7-4.Using the System Name to Help Identify Individual Switches Page Stacking Figure 7-5.The Default Stacking Menu Stack Configuration Figure 7-6.The Default Stack Configuration Screen Edit Commander Yes Actions Save Transmission Table 7-4.Candidate Configuration Options in the Menu Interface Using the Menu To “Push” a Switch Into a Stack, Modify the Switch’s Figure 7-8.The Default Stack Configuration Screen Transmission Interval 9.Stacking 4.Stack Management Figure 7-9.Example of the Stack Management Screen Figure 7-10.Example of Candidate List in Stack Management Screen Figure 7-11.Example of Stack Management Screen After New Member Added 2.Stacking Status (All) Back N o t e : Figure 7-13.Example of Stack Management Screen with Stack Members Listed Figure 7-14.Example of Selecting a Member for Removal from the Stack Delete Figure 7-15.The Prompt for Completing the Deletion of a Member from the Stack 5.Stack Access Figure 7-16.Example of the Stack Access Screen eXecute Figure 7-17.The eXecute Command Displays the Console Main Menu for the Selected Stack Member 9.Stacking ack 3.Stack Configuration Member Com- mander MAC Address Table 7-5.Stack Status Environments Viewing Commander Status 1.Stacking Status (This Switch) Figure 7-19.Example of the Commander’s Stacking Status Screen Figure 7-20.Example of a Member’s Stacking Status Screen Viewing Candidate Status Figure 7-21.Example of a Candidate’s Stacking Screen Table 7-6.CLI Commands for Configuring Stacking on a Switch Page Viewing the Status of Candidates the Commander Has Detected Figure 7-23.Example of Using the Show Stack Candidates Command To List Candidates Page Page Page Page Using the Commander’s CLI To Manually Add a Candidate to the Stack show stack view show stack candidates Figure 7-28.Example of How To Determine Available Switch Numbers (SNs) Figure 7-30.Example Showing the Stack After Adding a New Member Status: Using a Candidate CLI To Manually “Push” the Candidate Into a Stack Figure 7-31.Example of “Pushing” a Candidate Into a Stack Figure 7-32.Example of Stack Listing with Two Stacks in the Subnet Syntax: stack join <mac-addr stack join mac-addr Figure 7-33.Example of Command Sequence for Converting a Commander to a Member Figure 7-34.Example of a Commander and Three Switches in a Stack 7fc700 Using the Member’s CLI To Remove the Member from a Stack Figure 7-36.Example of a Stack Showing Switch Number (SN) Assignments Figure 7-37.Example of SNMP Community Operation with Stacking SNMP Management Station Access to Members Via the Commander @sw<switch number Disabling a Candidate: Figure 7-38.Example of the Web Browser Interface for a Commander Stack Closeup Page Index Numerics