Manuals / Brands / Computer Equipment / Switch / HP / Computer Equipment / Switch

HP ProCurve 2520 Managing Network Security Notifications, Figure 13-10.Example of an SNMPv3 Notification Configuration

1 544

Download 544 pages, 7.93 Mb

Configuring for Network Management Applications

Using SNMP Tools To Manage the Switch

An example of how to configure SNMPv3 notification is shown here:

Params _name value in the snmpv3 targetaddress command matches the params _name value in the snmpv3 params command.

The tag _name value in snmpv3 notify command matches the tag _name value in the snmpv3 targetaddress command.

Configuring the security model ver3 requires you to configure message processing ver3 and a security service level.

Figure 13-10. Example of an SNMPv3 Notification ConfigurationManaging Network Security Notifications

By default, a switch is enabled to send the SNMP notifications listed in “Supported Notifications” on page 13-17when a network security event (for example, authentication failure) occurs. However, before security notifications can be sent, you must first configure one or more trap receivers or SNMPv3 management stations as described in:

■“Configuring an SNMP Trap Receiver” on page 13-19

■“Configuring SNMPv3 Notifications” on page 13-23

You can manage the default configuration of the switch to disable and reenable notifications to be sent for the following types of security events:

■ARP protection events

■Unable to establish a connection with the RADIUS or TACACS+ authen tication server

■DHCP snooping events

■Link change notification

■Invalid password entered in a login attempt through a direct serial, Telnet, or SSH connection

■Manager password changes

■Port-security (web, MAC, or 802.1X) authentication failure

■SNMP authentication failure

13-26

Contents

Page Page HP ProCurve 2520 Switches Management and Configuration Guide Page Product Documentation 1 Getting Started 2 Selecting a Management Interface 3 Using the Menu Interface 4 Using the Command Line Interface (CLI) 5 Using the ProCurve Web Browser Interface 6 Switch Memory and Configuration Page 7 Interface Access and System Information 8 Configuring IP Addressing 9 Time Protocols 10 Port Status and Configuration 11 Power Over Ethernet (PoE) Operation 12 Port Trunking 13 Configuring for Network Management Applications A File Transfers Copying Diagnostic Data to a Remote B Monitoring and Analyzing Switch Operation C Troubleshooting Page D MAC Address Management EDaylight Savings Time on ProCurve Switches FPower-SavingFeatures Product Documentation Software Feature Index Page Page Getting Started Introduction Conventions Configuration and Operation Examples Protocol Acronyms IPv6 Command Prompts ProCurve hostname Screen Simulations Displayed Text Sources for More Information Support Manuals Page Getting Documentation From the Web Support Manuals Online Help Menu Interface Command Line Interface help Figure 1-3.Example of CLI Help Web Browser Interface Figure 1-4.Help for Web Browser Interface Need Only a Quick Start IP Addressing setup 8.Run Setup To Set Up and Install the Switch in Your Selecting a Management Interface Understanding Management Interfaces Menu interface ProCurve Manager (PCM)— Advantages of Using the Menu Interface Figure 2-1.Example of the Console Interface Display Provides quick, easy management access Offers out-of-band Advantages of Using the CLI Figure 2-2.Command Prompt Examples General Benefits Information on Using the CLI Advantages of Using the Web Browser Interface ■Display of acceptable ranges of values available in configuration list boxes Advantages of Using ProCurve Manager or ProCurve Manager Plus Network Status Summary: Alerts and Troubleshooting: Automatic Device Discovery: Topology and Mapping: Group and Policy Management: Advanced VLAN Management: Device Software Updates: Custom Login Banners for the Console and Web Browser Interfaces Banner Operation with Telnet, Serial, or SSHv2 Access Press any key to continue prompt Banner Operation with Web Browser Access Configuring and Displaying a Non-DefaultBanner show banner motd Example of Configuring and Displaying a Banner Figure 2-4.Example of Configuring a Login Banner show running Figure 2-5.Example of show banner motd Output Figure 2-6.The Current Banner Appears in the Switch’s Running-ConfigFile Figure 2-7.Example of CLI Result of the Login Banner Configuration Figure 2-8.Example of Web Browser Interface Result of the Login Banner Operating Notes no banner motd ssh version 1-or-2 1-or-2 Using the Menu Interface Page Menu Interaction with Other Interfaces Starting and Ending a Menu Session How To Start a Menu Interface Session menu Figure 3-1.Example of the Main Menu with Manager Privileges How To End a Menu Session and Exit from the Console: Switch Configuration Figure 3-2.Example Indication of a Configuration Change Requiring a Reboot Main Menu Features Figure 3-3.The Main Menu View with Manager Privileges Status and Counters: Switch Configuration: Event Log: Reboot Switch: Download OS: Run Setup: Logout: Screen Structure and Navigation Figure 3-4.Elements of the Screen Structure dit Table 3-5.How To Navigate in the Menu Interface Help Figure 3-6.Example Showing How To Display Help Rebooting the Switch Figure 3-7.The Reboot Switch Option in the Main Menu Rebooting To Activate Configuration Changes 2.Switch Configuration 8.VLAN Menu Maximum VLANs to support VLAN Support Menu Features List Where To Go From Here Page Using the Command Line Interface (CLI) Accessing the CLI Command Line (CLI) Using the CLI Privilege Levels at Logon Figure 4-1.Example of CLI Log-OnScreen with Password(s) Set C a u t i o n Privilege Level Operation Operator Privileges Manager Privileges Figure 4-2.Access Sequence for Privilege Levels Operator Privileges Manager Privileges config Context Configuration level: Table 4-1.Privilege Level Hierarchy How To Move Between Levels Command Line Interface (CLI) Listing Commands and Command Options Listing Commands Available at Any Privilege Level Figure 4-4.Exampleof the Manager-LevelCommand Listing - - MORE Listing Command Options Figure 4-5.Example of How To List the Options for a Specific Command Displaying CLI “Help” Displaying Command-ListHelp Syntax: help Figure 4-6.Example of Context-Sensitive Command-ListHelp Displaying Help for an Individual Command Figure 4-7.Exampleof How To Display Help for a Specific Command Configuration Commands and the Context Configuration Modes Port or Trunk-Group Context trk1 Figure 4-8. Context-SpecificCommands Affecting Port Context VLAN Context Figure 4-9. Context-SpecificCommands Affecting VLAN Context CLI Control and Editing Executing a Prior Command—Redo command-str Figure 4-10.Example of the redo Command Repeating Execution of a Command For example: Figure 4-11.Example of repeat Command Using a Range Using a Command Alias alias name: command: show interface custom show alias Figure 4-13.Example of Alias Commands and Their Configurations CLI Editing Shortcuts Page Using the ProCurve Web Browser Interface No www.procurve.com and: Click on: Technical support FAQs (all) Scroll to General Product Information General Features Starting a Web Browser Interface Session with the Switch Using a Standalone Web Browser in a PC or UNIX Workstation Location Using ProCurve Manager (PCM) or ProCurve Manager Plus (PCM+) Figure 5-1.Example of Status Overview Screen Tasks for Your First ProCurve Web Browser Interface Session Viewing the “First Time Install” Window Figure 5-2. First-TimeInstall Window Security Security: Creating Usernames and Passwords in the Browser Interface Operator Setting Manager Setting Figure 5-3.TheDevice Passwords Window secure access to the device Device Passwords Entering a User Name and Password Figure 5-4.Example of the Password Prompt in the Web Browser Interface Using a User Name If You Lose the Password Online Help for the Web Browser Interface Help Figure 5-5.OnlineHelp for the Web Browser Interface Support/Mgmt URLs Feature Support URL Management Server URL Figure 5-6.The Default Support/Mgmt URLs Window Support URL Help and the Management Server URL Management Server URL www.hp.com/rnd/device_help Figure 5-7.How To Access Web Browser Interface Online Help Using the PCM Server for Switch Web Help www.hp.com//rnd/device_help http://15.29.37.12.8040/rnd/device_help Status Reporting Features The Overview Window Figure 5-8.The Status Overview Window The Port Utilization and Status Displays Figure 5-9.The Graphs Area Port Utilization % Unicast Rx & All Tx: Maximum Activity Indicator: Utilization Guideline To change the amount of bandwidth the Port Utilization bar graph Figure 5-10.Changing the Graph Area Scale Figure 5-11.Display of Numerical Values for the Bar Port Status Figure 5-12.The Port Status Indicators and Legend Port Connected Port Not Connected Port Disabled The Alert Log Figure 5-13.Example of the Alert Log Alert Description Excessive CRC/Alignment errors on port: Alert Types and Detailed Views Acknowledge Event Delete Event Cancel Figure 5-14.Example of Alert Log Detail View Setting Fault Detection Policy Figure 5-15.The Fault Detection Window Log Network Problems High Sensitivity Medium Sensitivity Low Sensitivity Never Switch Memory and Configuration Page Configuration File Management Figure 6-1.Conceptual Illustration of Switch Memory Operation Running Config File: Startup-config File: In the menu interface: In the web browser interface: Page Show config How To Use the CLI To Reconfigure Switch Features Using the CLI To Implement Configuration Changes write terminal show config status auto-10 How To Cancel Changes You Have Made to the Running-ConfigFile Figure 6-2.Boot Prompt for an Unsaved Configuration How To Reset the startup-configand running-configFiles to the Factory Default Configuration Figure 6-3.Example of erase startup-configCommand Using the Menu and Web Browser Interfaces To Implement Configuration Changes Menu: Implementing Configuration Changes Using Save and Cancel in the Menu Interface Rebooting from the Menu Interface Figure 6-5.The Reboot Switch Option in the Main Menu 2. Switch Configuration 8. VLAN Menu Figure 6-6.Indication of a Configuration Change Requiring a Reboot Web: Implementing Configuration Changes Using Primary and Secondary Flash Image Options Displaying the Current Flash Image Data show version Figure 6-7.Example Showing the Identity of the Current Flash Image Figure 6-8.Example Showing Different Flash Image Versions Determining Which Flash Image Versions Are Installed. The show ver Figure 6-9.Determining the Software Version in Primary and Secondary Flash Switch Software Downloads Table 6-1.Primary/Secondary Memory Access Local Switch Software Replacement and Removal Copying a Switch Software Image from One Flash Location to primary secondary Caution: No Undo Figure 6-11.Example of Erase Flash Prompt Rebooting the Switch Operating Notes about Booting Default Boot Source boot system flash [primary | secondary] set-default Boot and Reload Command Comparison Table 6-2.Comparing the Boot and Reload Commands The reload command Setting the Default Flash flash Booting from the Default Flash (Primary or Secondary) boot set- default boot system flash <primary | secondary Using Reload after: at: Multiple Configuration Files Figure 6-14.Optional Reboot Process General Operation Boot Options Page Transitioning to Multiple Configuration Files oldConfig Figure 6-16.Switch Memory Assignments After the First Reboot from Software Supporting Multiple Configuration Listing and Displaying Startup-ConfigFiles Viewing the Startup-ConfigFile Status with Multiple Configuration Enabled id: act: pri: Displaying the Content of A Specific Startup-ConfigFile Changing or Overriding the Reboot Configuration Policy config boot system flash minconfig newconfig Using Reload To Reboot From the Current Flash Image and Startup- Config File Managing Startup-ConfigFiles in the Switch Renaming an Existing Startup-ConfigFile Creating a New Startup-ConfigFile Unable to copy configuration to “< target-filename >” Figure 6-17.Example of Using One Startup-ConfigFile for Both Primary and Secondary Flash Erasing a Startup-ConfigFile startup-config: erase erase config Figure 6-19.Example of Erasing a Non-Active Startup-ConfigFile Using the Clear + Reset Button Combination To Reset the Switch to Its Default Configuration config1 Figure 6-20.Example of Clear + Reset Result Transferring Startup-ConfigFiles To or From a Remote Server TFTP: Copying a Configuration File to a Remote Host test TFTP: Copying a Configuration File from a Remote Host Unable to copy configuration to "< filename test 01.txt Connected Host copy Automatic Configuration Update with DHCP Option CLI Command Figure 6-21.Example of Enabling Configuration File Update Using Option Possible Scenarios for Updating the Configuration File Operating Notes Global DHCP Parameters Best Offer Log Messages Page Interface Access and System Information kill Interface Access: Console/Serial Link, Web, and Inbound Telnet Interface Access Features Menu: Modifying the Interface Access To Access the Interface Access Parameters: 1.System Information CLI: Modifying the Interface Access Interface Access Commands Used in This Section Figure 7-2.Listing of Show Console Command Reconfigure Inbound Telnet Access. In the default configuration Outbound Telnet to Another Device. This feature operates indepen show telnet Page Reconfigure the Console/Serial Link Settings. You can reconfigure one Syntax: console Figure 7-4.Example of Executing the Console Command with Multiple Parameters Figure 7-5.Example of Executing a Series of Console Commands Denying Interface Access by Terminating Remote Management Sessions show ip ssh Kill Figure 7-6.Example of Using the “Kill” Command To Terminate a Remote Session System Information System Information Features System Name: System Contact and Location: MAC Age Time: Menu: Viewing and Configuring System Information Figure 7-7.The System Information Configuration Screen (Default Values) CLI: Viewing and Configuring System Information System Information Commands Used in This Section Listing the Current System Information. This command lists the current Figure 7-8.Example of CLI System Information Listing Configure a System Name, Contact, and Location for the Switch. To Figure 7-9.System Information Listing After Executing the Preceding Commands show running, show config show system information Figure 7-10.Menu Screen Showing System Information Figure 7-11.SystemLocation and System Contact in the Web Browser Page Web: Configuring System Parameters Configure System Parameters in the Web Browser Interface Page Configuring IP Addressing IP Configuration IP Configuration Features Just Want a Quick Start with IP Addressing 8. Run Setup IP Addressing with Multiple VLANs N o t e s Menu: Configuring IP Address, Gateway, and Time-To-Live (TTL) IP Config Manual DHCP/Bootp To Configure IP Addressing CLI: Configuring IP Address, Gateway, and Time-To Live (TTL) IP Commands Used in This Section Viewing the Current IP Configuration Syntax: show ip Figure 8-2.Example of the Switch’s Default IP Addressing Figure 8-3.Example of Show IP Listing with Non-DefaultIP Addressing Configured Page Figure 8-4.Example of Configuring and Displaying a Multinetted VLAN Figure 8-5.Example of Multinetting on the Default VLAN Web: Configuring IP Addressing How IP Addressing Affects Switch Operation Table 8-1.Features Available With and Without IP Addressing on the Switch DHCP/Bootp Operation Overview Bootp Database Record Entries /etc/bootptab Network Preparations for Configuring DHCP/Bootp Page IP Preserve: Retaining VLAN-1IP Addressing Across Configuration File Downloads Operating Rules for IP Preserve ip preserve Figure 8-6.Example of Implementing IP Preserve in a Configuration File Figure 8-7.Example of IP Preserve Operation with Multiple Series Switches Page Page Page Time Protocols TimeP Time Synchronization SNTP Time Synchronization Unicast Mode: sntp server General Steps for Running a Time Protocol on the Switch: TimeP •SNTP: Broadcast or Unicast •TimeP: DHCP or Manual Disabling Time Synchronization SNTP: Viewing, Selecting, and Page Page Page Page Page Page Page Page Page Page Page TimeP: Viewing, Selecting, and Page Page Page Page Page Page Page Page SNTP Unicast Time Polling with Multiple SNTP Servers Displaying All SNTP Server Addresses Configured on the Switch show management Figure 9-20.Example of How To List All SNTP Servers Configured on the Switch Menu: Operation with Multiple SNTP Server Addresses Port Status and Configuration Page Viewing Port Status and Configuring Port Parameters Port Status and Configuration Features Transceivers to Devices Menu: Port Status and Configuration 1.Status and Counters 3.Port Status Figure 10-1.Example of a Switch Port Status Screen Port Type Status of Ports Yes Down Flow Control Broadcast Limit Modes Table 10-1.Supported Modes Table 10-2.Protocols and Modes Supported for Copper Ports Table 10-3.Protocols and Modes Supported for Fiber Optic Ports Configuring Ports 2. Port/Trunk Settings Figure 10-2.Example of Port/Trunk Settings Enabled [Enter] CLI: Viewing Port Status and Configuring Port Parameters Port Status and Configuration Commands Viewing Port Status and Configuration brief: show interfaces brief Figure 10-3.Example of show interfaces brief Command Listing show interfaces config Figure 10-4.Example of a show interfaces config Command Listing Note Customizing the Show Interfaces Command custom Figure 10-6.Example of the Custom show interfaces Command Error Messages Note on Using Pattern Matching with the “Show Interfaces Custom” Command show int custom include Viewing Port Utilization Statistics show interface port-utilization Figure 10-7.Example of a Show Interface Port-UtilizationCommand Listing Viewing Transceiver Status Figure 10-8.Example of Show Tech Transceivers Command non-operational Enabling or Disabling Ports and Configuring Port Mode auto int int Figure 10-9.Examples of Two Methods for Changing a Port Configuration Enabling or Disabling Flow Control Figure 10-10.Example of Configuring Flow Control for Ports Figure 10-11.Example Continued from Figure Configuring a Broadcast Limit on the Switch Broadcast-Limit Configuring ProCurve Auto-MDIX Manual Override Table 10-4.Cable Types for Auto and Manual MDI/MDI-XSettings automdix mdi mdix auto-mdix Web: Viewing Port Status and Configuring Port Using Friendly (Optional) Port Names Show Configuring and Operating Rules for Friendly Port Names show name show interface Configuring Friendly Port Names Figure 10-14.Example of Configuring a Friendly Port Name Displaying Friendly Port Names with Other Port Data Figure 10-16.Example of Friendly Port Name Data for All Ports on the Switch Including Friendly Port Names in Per-PortStatistics Listings. A Figure 10-18.Example of a Friendly Port Name in a Per-PortStatistics Listing To Search the Configuration for Ports with Friendly Port Names Configuring Transceivers and Modules That Haven’t Been Inserted Transceivers Power Over Ethernet (PoE) Operation Page Configuration Options Related Publications Terminology PoE Operation Powered Device (PD) Support Power Priority Operation When Is Power Allocation Prioritized How Is Power Allocation Prioritized Low High Configuring PoE Operation Disabling or Re-EnablingPoE Port Operation Syntax Enabling Support for Pre-StandardDevices Technical support FAQs power-over-ethernet Figure 11-1.PoE Support for Pre-802.3af-standardPowered Devices Enabled Configuring the PoE Port Priority Level Critical: Low: Table 11-1.Example of PoE Priority Operation on the HP ProCurve 2520-24-PoE Controlling PoE Allocation Table 11-1.Power Classes and Their Values Manually Configuring PoE Power Levels poe allocate-by Figure 11-3.Example Showing PoE Power Value Set Too Low for the PD Changing the Threshold for Generating a Power Notice total Cycling Power on a Port PoE/PoE+ Allocation Using LLDP Information LLDP with PoE poe-lldp-detect Viewing PoE Configuration and Status Displaying the Switch’s Global PoE Power Status Detect Off Faulty Displaying an Overview of PoE Status on All Ports class •Detection Status: brief Figure 11-5.Example of show power-over-ethernetbrief Output Displaying the PoE Status on Specific Ports Yes •Allocate By: How PoE is allocated (usage, class, value) Figure 11-6.Example of Output for show power-over-ethernetfor a Port Planning and Implementing a PoE Configuration Assigning PoE Ports to VLANs Applying Security Features to PoE Configurations Username/Password Security: PoE Event Log Messages power threshold <1 - 99 power threshold < 1 - 99 Page Port Trunking Figure 12-1.Conceptual Example of Port Trunking Port Security Restriction L A C P N o t e Port Trunk Features and Operation Trunk Configuration Methods Static Trunk: trunk Table 12-1.Trunk Types Used in Static and Dynamic Trunk Groups Table 12-2.Trunk Configuration Protocols Table 12-3.General Operating Rules for Port Trunks Figure 12-2.Recommended Port Mode Setting for LACP Dyn1 Figure 12-3.Example of a Port Trunk in a Spanning Tree Listing show ip igmp Important Menu: Viewing and Configuring a Static Trunk Group 2.Switch Configuration … 2.Port/Trunk Settings Figure 12-4.Example of the Menu Screen for Configuring a Port Trunk Group Trk2 Figure 12-5.Example of the Configuration for a Two-PortTrunk Group Type (LACP or Trunk) CLI: Viewing and Configuring Port Trunk Groups Trunk Status and Configuration Commands Using the CLI To View Port Trunks Listing Static Trunk Type and Group for All Ports or for Selected Ports Figure 12-6.Example Listing Specific Ports Belonging to Static Trunks Figure 12-7.Example of a Show Trunk Listing Without Specifying Ports Listing Static LACP and Dynamic LACP Trunk Data Figure 12-8.Example of a Show LACP Listing Dynamic LACP Standby Links Using the CLI To Configure a Static or Dynamic Trunk Configuring a Static Trunk or Static LACP Trunk Group Trk Passive Active passive Web: Viewing Existing Port Trunk Groups Click on [Port Status] Trunk Group Operation Using LACP Auto-100 Auto-1000 10FDx 100FDx Table 12-4.LACP Trunk Types Page Default Port Operation Table 12-5.LACP Port Status Data LACP Notes and Restrictions 802.1X (Port-BasedAccess Control) Configured on a Port. To main Changing Trunking Methods Static LACP Trunks VLANs and Dynamic LACP Forbid Figure 12-11.Blocked Ports with LACP Half-Duplexand/or Different Port Speeds Not Allowed in LACP Trunks Trunk Group Operation Using the “Trunk” Option How the Switch Lists Trunk Data Outbound Traffic Distribution Across Trunked Links Figure 12-13.Example of Single Path Traffic through a Trunk Figure 12-14.Example of Port-TrunkedNetwork Page Page Page Page Using SNMP Tools To Manage the Switch Overview products index Network Management SNMP Management Features Click on software updates, then MIBs Configuring for SNMP version 1 and 2c Access to the Switch Configuring for SNMP Version 3 Access to the Switch SNMP Version 3 Commands the snmpv3 restricted-access command Enabling SNMPv3 N o t e : S N M P V e r s i o n I n i t i a l U s e r s show snmpv3 user Figure 13-2.Adding SNMPv3 Users and Displaying SNMPv3 Configuration SNMPv3 User Commands Listing Users Figure 13-3.Example of Management Station Information Assigning Users to Groups snmpv3 group Figure 13-4.Example of Assigning Users to Groups SNMPv3 Group Commands Group Access Levels Manager Read View Discovery View SNMPv3 Communities snmpv3 community index_name Figure 13-5.Assigning a Community to a Group Access Level SNMP Community Features Menu: Viewing and Configuring non-SNMPversion Communities To View, Edit, or Add SNMP Communities: 6.SNMP Community Names Figure 13-6.The SNMP Communities Screen (Default Values) Add Figure 13-7.The SNMP Add or Edit Screen Need Help elp CLI: Viewing and Configuring SNMP Community Names Figure 13-8.Example of the SNMP Community Listing with Two Communities Page SNMP Notifications Supported Notifications General Steps for Configuring SNMP Notifications SNMPv1 and SNMPv2c Traps Trap receivers: Fixed or “Well-Known” Traps: Table 13-1.Security Levels for Event Log Messages Sent as Traps Enabling SNMPv2c Informs retries: retries timeout Figure 13-9.Display of SNMPv2c Inform Configuration Configuring SNMPv3 Notifications snmpv3 notify no snmpv3 notify <notify_name snmpv3 targetaddress params taglist snmpv3 targetaddress params snmpv3 params taglist snmpv3 params user sec-model msg-processing ver3 Figure 13-10.Example of an SNMPv3 Notification Configuration Managing Network Security Notifications enable traps traps Figure 13-11.Display of Configured Network Security Notifications Enabling Link-ChangeTraps link-change all Configuring the Source IP Address for SNMP Notifications snmp server response-source trap-source dst-ip-of-request: Page Figure 13-12.Display of Source IP Address Configuration Displaying SNMP Notification Configuration Figure 13-13.Display of SNMP Notification Configuration Advanced Management: RMON Network Manager LLDP (Link-LayerDiscovery Protocol) Adjacent Device: Advertisement: See LLDPDU Active Port: LLDP: LLDP-Aware: LLDP Neighbor: LLDPDU (LLDP Data Unit): LLDP-MED(Link Layer Discover Protocol Media Endpoint MIB Neighbor: General LLDP Operation LLDP-MED Packet Boundaries in a Network Topology Enable or Disable LLDP-MED Change the Frequency of LLDP Packet Transmission to Neighbor Devices Transmit and Receive Mode Page Remote Management Address Debug Logging debug lldp Options for Reading LLDP Information Collected by the Switch LLDP and LLDP-MEDStandards Compatibility LLDP Operating Rules Port Trunking Spanning-Tree Blocking Configuring LLDP Operation Viewing the Current Configuration Displaying the Global LLDP, Port Admin, and SNMP Notification Status show lldp config Figure 13-14.Example of Viewing the General LLDP Configuration Configuring Global LLDP Packet Controls Page holdtime-multiplier holdtime-interval Changing the Delay Interval Between Advertisements Generated by Inconsistent value Figure 13-16.Example of Changing the Transmit-DelayInterval Configuring SNMP Notification Support Enabling LLDP Data Change Notification for SNMP Trap Receivers Configuring Per-PortTransmit and Receive Modes tx_rx Configuring Basic LLDP Per-PortAdvertisement Content Mandatory Data Configuring a Remote Management Address for Outbound LLDP Optional Data Configuring Support for Port Speed and Duplex Advertisements LLDP-MED (Media-Endpoint-Discovery) Figure 13-17.Example of LLDP-MEDNetwork Elements LLDP-MED Endpoint Support Page Operational Support LLDP-MEDTopology Change Notification Page LLDP-MEDFast Start Control Advertising Device Capability, Network Policy, PoE Status and Location Data dot3TlvEnable macphy_config command on page Network Policy Advertisements vlan < vid voice Enabling or Disabling medTlvEnable. In the default LLDP-MED Notes: PoE Advertisements power source power priority: power value: Configuring Location Data for LLDP-MEDDevices civic address: ELIN (Emergency Location Identification Number): coordinate-based location: civic-addr www.iso.org Page Configuring Coordinate-BasedLocations. Latitude, longitude, and Table 13-4.Some Location Codes Used in CA-TYPEFields Location Element Code Figure 13-18.Example of a Civic Address Configuration Displaying Advertisement Data Displaying Switch Information Available for Outbound Page Page Page Displaying LLDP Statistics NumFramesRecvd: NumFramesSent: NumFramesDiscarded: Frames Invalid: Figure 13-23.Example of a Global LLDP Statistics Display LLDP Operating Notes Neighbor Maximum LLDP Packet Forwarding: > ipAddrEnable 802.1Q VLAN Information Effect of 802.1X Operation Neighbor Data Can Remain in the Neighbor Database After the LLDP and CDP Data Management LLDP and CDP Neighbor Data Page CDP Operation and Commands Syntax: show cdp Figure 13-26.Example of Show CDP with the Default CDP Configuration Page Page Page File Transfers Page Downloading Switch Software General Software Download Rules Using TFTP To Download Switch Software from a Server Menu: TFTP Download from a Server to Primary Flash Figure A-1.Example of a Download OS (Software) Screen (Default Values) TFTP Server ecute Figure A-2.Example of the Download OS (Software) Screen During a Download Validating and writing system software to FLASH b.Check the Firmware revision line Figure A-3.Example of Message for Download Failure show log tftp Remote File Name CLI: TFTP Download from a Server to Flash copy Figure A-4.Example of the Command to Download an OS (Switch Software) Validating and Writing System Software to FLASH … show system Using Secure Copy and SFTP create remove rcp How It Works ip ssh filetransfer The SCP/SFTP Process Disable TFTP and Auto-TFTPfor Enhanced Security Figure A-5.Example of Switch Configuration with SFTP Enabled Figure A-6.Using the Menu Interface To Disable TFTP auto-tftp Command Options Authentication SCP/SFTP Operating Notes Page Troubleshooting SSH, SFTP, and SCP Operations Broken SSH Connection Using Xmodem to Download Switch Software From a PC or UNIX Workstation Send File ransfer Menu: Xmodem Download to Primary Flash 7.Download OS CLI: Xmodem Download from a PC or UNIX Workstation to Primary or Secondary Flash Switch-to-SwitchDownload Menu: Switch-to-SwitchDownload to Primary Flash 7. Download OS /os/secondary CLI: Switch-To-SwitchDownloads Downloading from Primary Only Using PCM+ to Update Switch Software Copying Software Images TFTP: Copying a Software Image to a Remote Host Transferring Switch Configurations sw8200 TFTP: Copying a Customized Command File to a Switch show-tech show tech custom Figure A-10.Example of the show tech custom Command Connected PC or UNIX Workstation Xmodem: Copying a Configuration File from a Serially Page Copying Diagnostic Data to a Remote Host, PC or UNIX Workstation Xmodem Copying Command Output to a Destination Device Figure A-11.Example of Sending Command Output to a File on an Attached PC Copying Event Log Output to a Destination Device Figure A-12.Example of Sending Event Log Content to a File on an Attached PC Copying Crash Data Content to a Destination Device Figure A-13.Exampleof Copying Switch Crash Data Content to a PC Copying Crash Log Data Content to a Destination Device Monitoring and Analyzing Switch Operation Page Status: Counters: Event Log Configurable trap receivers: Port monitoring (mirroring): Status and Counters Data Menu Access To Status and Counters 1. Status and Counters Figure B-1.The Status and Counters Menu General System Information Menu Access Figure B-2.Example of General Switch Information CLI Access to System Information Figure B-3.Example of Switch System Information Task Monitor—CollectingProcessor Data task-monitor cpu Switch Management Address Information 1 Status and Counters … 2. Switch Management Address Information CLI Access Port Status Menu: Displaying Port Status 1.Status and Counters … 4.Port Status Figure B-6.Example of Port Status on the Menu Interface Viewing Port and Trunk Group Statistics and Flow Control Status N o t e o n R e s e t Menu Access to Port and Trunk Statistics 4.Port Counters Figure B-7.Example of Port Counters on the Menu Interface how Details Figure B-8.Example of the Display for Show details on a Selected Port CLI Access To Port and Trunk Group Statistics To Display the Port Counter Summary Report To Display a Detailed Traffic Summary for Specific Ports To Reset the Port Counters for a Specific Port Web Browser Access To View Port and Trunk Viewing the Switch’s MAC Address Tables Menu Access to the MAC Address Views and Searches 5.VLAN Address Table Page Page CLI Access for MAC Address Views and Searches Spanning Tree Protocol (MSTP) Information CLI Access to MSTP Data Figure B-12.Output from show spanning-treeCommand Internet Group Management Protocol (IGMP) Status Figure B-13.Example of IGMP Group Data VLAN Information Figure B-14.Example of VLAN Listing for the Entire Switch Figure B-15.Example of VLAN Listing for Specific Ports Figure B-16.Example of Port Listing for an Individual VLAN Web Browser Interface Status Information Figure B-17.Example of a Web Browser Interface Status Overview Screen Interface Monitoring Features Menu: Configuring Port and Static Trunk Monitoring 3.Network Monitoring Port Figure B-18.The Default Network Monitoring Configuration Screen Monitoring Port Figure B-19.How To Select a Monitoring Port CLI: Configuring Port and Static Trunk Monitoring Displaying the Monitoring Configuration show monitor Figure B-20.Example of Monitored Port Listing Configuring the Monitor Port b5-b8 trk1 Figure B-22.Examples of Removing Ports as Monitoring Sources Web: Configuring Port Monitoring 2.Click on [Monitor Port] Locating a Device Figure B-23.The chassislocate command Page Troubleshooting Page Page Page Troubleshooting Approaches Browser or Telnet Access Problems Cannot access the web browser interface: Web Agent Enabled 5.IP Configuration 2.Switch Management Address Information Cannot Telnet into the switch console from a station on the network: Inbound Telnet Enabled Note Unusual Network Activity General Problems The network runs slow; processes fail; users cannot access servers or other devices Duplicate IP Addresses 802.1Q Prioritization Problems Ports configured for non-defaultprioritization (level 1 - 7) are not performing the specified action IGMP-RelatedProblems Port-BasedAccess Control (802.1X)-RelatedProblems The switch does not receive a response to RADIUS authentication requests radius-server During RADIUS-authenticatedclient sessions, access to a VLAN on the The supplicant statistics listing shows multiple ports with the same authenticator MAC address The Figure C-1.Authenticator Ports Remain “Open” Until Activated RADIUS server fails to respond to a request for service, even though QoS-RelatedProblems Radius-RelatedProblems Figure C-3.Examples of Global and Unique Encryption Keys Spanning-TreeProtocol (MSTP) and Fast-Uplink Problems Broadcast Storms Appearing in the Network. This can occur when SSH-RelatedProblems pub-key file client-public-key TACACS-RelatedProblems Event Log tacacs-server aaa authentication num-attempts TimeP, SNTP, or Gateway Problems The Switch Cannot Find the Time Server or the Configured Gateway VLAN-RelatedProblems None of the devices assigned to one or more VLANs on an 802.1Q Link Configured for Multiple VLANs Does Not Support Traffic for One Figure C-4.Example of Correct VLAN Port Assignments on a Link Figure C-5.Example of Duplicate MAC Address Fan Failure Using the Event Log for Troubleshooting Switch Problems Event Log Entries Figure C-6.Formatof an Event Log Entry Severity Date Time Event Number log-number System Module Page Page Page Page Menu: Displaying and Navigating in the Event Log Figure C-7.Example of an Event Log Display Table C-1.Event Log Control Keys CLI: Displaying the Event Log show logging Examples CLI: Clearing Event Log Entries clear logging CLI: Turning Event Numbering On Using Log Throttling to Reduce Duplicate Event Log and SNMP Messages Log Throttle Periods Example of Event Counter Operation Table C-2.How the Duplicate Message Counter Increments Debug/Syslog Operation Debug/Syslog Messaging Debug/Syslog Destination Devices debug destination Debug/Syslog Configuration Commands Figure C-8.Summary of Debug/Syslog Configuration Commands Configuring Debug/Syslog Operation logging facility debug destination session no debug event Tab Displaying a Debug/Syslog Configuration Figure C-9.Sample Output of show debug Command Example: logging severity Debug Command Debug Messages Page Debug Destinations ProCurve# Logging Command Configuring a Syslog Server Page no debug destination logging debug destination logging kern — auth — syslog — Adding a Description for a Syslog Server Adding a Priority Description severity system module Configuring the Severity Level for Event Log Messages Sent to a Syslog Server Major: Error: Warning: Operating Notes for Debug and Syslog ■Debug commands do not affect normal message output to the Event Log debug event ■Ensure that your Syslog servers accept Debug messages Diagnostic Tools Diagnostic Features Port Auto-Negotiation Ping and Link Tests Web: Executing Ping or Link Tests Figure C-13.Link and Ping Test Screen on the Web Browser Interface Successes Failures Number of Packets to Send CLI: Ping Test ping6 <ip-address| hostname repetitions <1-10000 timeout <1-60 Link Tests Figure C-15.Example of Link Tests Traceroute Command Ctrl traceroute6 traceroute Figure C-16.Example of a Completed Traceroute Enquiry maxttl Figure C-17.Example of Incomplete Traceroute Due to Low Maxttl Setting Figure C-18.Example of Traceroute Failing to Reach the Destination Address Viewing Switch Configuration and Operation CLI: Viewing the Startup or Running Configuration File Web: Viewing the Configuration File Diagnostics CLI: Viewing a Summary of Switch Operational Data Figure C-19.Example of Show Tech Command Saving show tech Command Output to a Text File Transfer | Capture Text Figure C-20.Capture Text window of the Hyperterminal Application Figure C-21.Entering a Path and Filename for Saving show tech Output [Start] Transfer | Capture Text | Stop CLI: Viewing More Information on Switch Operation Pattern Matching When Using the Show Command show exclude begin: Figure C-22.Example of Pattern Matching with Include Option Figure C-23.Example of Pattern Matching with Exclude Option Figure C-24.Example of Pattern Matching with Begin Option show arp CLI: Useful Commands for Troubleshooting Sessions show ip ssh command Restoring the Factory-Default Configuration CLI: Resetting to the Factory-DefaultConfiguration Clear/Reset: Resetting to the Factory-DefaultConfiguration Restoring a Flash Image Call Disconnect ii.Select File | Properties vi.Select Call | Connect File Figure C-26.Example of Xmodem Download in Progress DNS Resolver Terminology Host Name — Basic Operation Page Configuring and Using DNS Resolution with DNS-CompatibleCommands Configuring a DNS Entry Example Using DNS Names with Ping and Traceroute Figure C-29.Example Network Domain Entity: Identity: docserver Figure C-30.Configuring Switch “A” in FigureC-29To Support DNS Resolution Viewing the Current DNS Configuration show run Figure C-33.Example of Viewing the Current DNS Configuration Page Event Log Messages Message Meaning Page MAC Address Management Page Determining MAC Addresses Use the menu interface Use the CLI Menu: Viewing the Switch’s MAC Addresses Configured on the Switch: Figure D-1.Example of the Management Address Information Screen CLI: Viewing the Port and VLAN MAC Addresses Figure B-5.Example of Port MAC Address Assignments on a Switch Viewing the MAC Addresses of Connected Devices mac-address Figure B-6.Example of show mac-addressCommand Daylight Savings Time on ProCurve Switches Canada and Continental US: Middle Europe and Portugal: Southern Hemisphere: Western Europe: Figure E-1.Menu Interface with “User-Defined”Daylight Time Rule Option Page Page Power-SavingFeatures Configuring Power-Savingfor LEDs Figure F-1.Example of Setting savepower led Command savepower led Show Savepower Status show savepower led Index Symbols Numerics Page Page Page Page Page Page Page Page Page begin option … C-63