Manuals / Brands / Computer Equipment / Switch / HP / Computer Equipment / Switch

HP GbE2c SNMPv3 USM User Table information, usm, view, comm, dump, Usage, group, taddr, Field, access, tparam, notify, Command, Protocol, adminmd5, adminsha, v1v2only

1 175

Download 175 pages, 1.27 Mb

The following table describes the SNMPv3 Information Menu options.Table 8 SNMPv3 Information Menu options

Command	Usage

usm	Displays User Security Model (USM) table information.

view	Displays information about view name, subtrees, mask and type of view.

access	Displays View-based Access Control information.

group	Displays information about the group that includes the security model, user name, and
	group name.

comm	Displays information about the community table.

taddr	Displays the Target Address table.

tparam	Displays the Target parameters table.

notify	Displays the Notify table.

dump	Displays all the SNMPv3 information.

SNMPv3 USM User Table informationCommand: /info/sys/snmpv3/usm

usmUser Table:
User Name	Protocol
--------------------------------	--------------------------------
adminmd5	HMAC_MD5, DES PRIVACY
adminsha	HMAC_SHA, DES PRIVACY
v1v2only	NO AUTH, NO PRIVACY

The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of messages. This security model makes use of a defined set of user identities displayed in the USM user table. The USM user table contains information like:

•the user name

•a security name in the form of a string whose format is independent of the Security Model

•an authentication protocol, which is an indication that the messages sent on behalf of the user can be authenticated

•the privacy protocol.The following table describes the SNMPv3 User Table information.Table 9 User Table parameters

Field	Description

User Name	This is a string that represents the name of the user that you can use to access the switch.

Protocol	This indicates whether messages sent on behalf of this user are protected from disclosure using a
	privacy protocol. GbE2c software supports DES algorithm for privacy. The software also supports
	two authentication algorithms: MD5 and HMAC-SHA.

Information Menu 24

Contents

Page Legal notices © 2004, 2006 Hewlett-PackardDevelopment Company, L.P Contents Command line interface Menu basics First-timeconfiguration Information Menu Statistics Menu Configuration Menu 802.1x Port configuration CIST bridge configuration CIST port configuration Bridge Spanning Tree configuration Spanning Tree port configuration Operations Menu Boot Options Menu Maintenance Menu Index Page Command line interface To establish a console connection with the switch: 1.Connect the terminal to the console port using the null modem cable 2.Power on the terminal 3.Press the Enter key a few times on the terminal to establish the connection •Management port access: Accessing the switch User—User Operator—Operators Table 2 User access levels user Idle timeout Typographical conventions The following table describes the typographic styles used in this guide: Table 3 Typographic conventions AaBbCc123 Main# Menu basics Global commands For help on a specific command, type help. The following screen displays: Global Commands: [can be issued from any menu] help print Command line history and editing Table 5 Command line history and editing options Option Description Displays a numbered list of the last ten previously entered commands Command line interface shortcuts First-timeconfiguration Setting passwords Page System# access/user/usrpw 5.Enter the current administrator password at the prompt Changing USER password; validation required 6.Enter the new user password at the prompt: Enter new user password: Information Menu System Information Menu Command: /info/sys snmpv3 - SNMPv3 Information Menu general SNMPv3 USM User Table information Command: /info/sys/snmpv3/usm usmUser Table: User Name Protocol SNMPv3 View Table information Command: /info/sys/snmpv3/view View Name Subtree Mask SNMPv3 Group Table information Command: /info/sys/snmpv3/group Sec Model The following table describes the SNMPv3 Group Table information Table 12 Group Table parameters SNMPv3 Target Address Table information Command: /info/sys/snmpv3/taddr Transport Addr Taglist Params SNMPv3 Notify Table information Command: /info/sys/snmpv3/notify NameTag v1v2trapv1v2trap The following table describes the SNMPv3 Notify Table information SNMPv3 dump System information Show last 100 syslog messages System user information The following table describes the User Name information Table 17 User Name Information menu Current User ID Table Layer 2 information Command: /info/l2 [Layer 2 Menu] fdb - Forwarding Database Information Menu FDB information menu Command: /info/l2/fdb [Forwarding Database Menu] find Link Aggregation Control Protocol information LACP dump 802.1x information The following table describes the IEEE 802.1x parameters Table 21 802.1x information Authenticator PAE State Backend Auth State Spanning Tree information Command: /info/l2/stp •Status of Uplink Fast (upfast) •Current root MAC address •Path-Cost •Port •Hello interval Rapid Spanning Tree and Multiple Spanning Tree information upfast disabled, update Spanning Tree Group 1: On (RSTP) VLANs: Current Root: The following table describes the STP parameters in RSTP or MSTP mode Table 23 Rapid Spanning Tree parameter descriptions bridges (up to the root bridge) Zero (0) indicates the root bridge of the STP bridge Common Internal Spanning Tree information Command: /info/l2/cist Mstp Digest: 0xac36177f50283cd4b83821d8ab26de62 Common Internal Spanning Tree: VLANs: 1 Trunk group information Command: /info/l2/trunk Trunk group 1, Enabled port state: 17:STG 1 forwarding 18:STG 1 forwarding VLAN information Layer 2 general information Layer 3 information The following table describes the Layer 3 Information Menu options Table 26 Layer 3 information menu options Route information Command: /info/l3/route [IP Routing Menu] - Show a single route by destination IP address - Show routes to a single gateway local broadcast addr rip ARP information Command: /info/arp [Address Resolution Protocol Menu] - Show a single ARP entry by IP address - Show ARP entries on a single port OSPF information Command: /info/l3/ospf [OSPF Information Menu] aindex - Show area(s) information OSPF general information OSPF interface information OSPF Database information menu advrtr <router-id(A.B.C.D) advertising router with the specified router ID, for example: asbrsum <adv-rtr(A.B.C.D)>| <link_state_id (A.B.C.D>|<self >|<self E2 172.18.1.8/32 via RIP user configuration IP information IGMP multicast group information tion: 1:vrid 2, 205.178.18.210, if 1, renter, prio 100, master, server 2:vrid 1, 205.178.18.202, if 1, renter, prio 100, backup 3:vrid 3, 205.178.18.204, if 1, renter, prio 100, master, proxy QoS information 802.1p information ACL information RMON Information Menu Command: /info/rmon/hist RMON History group configuration: IFOID Interval Rbnum Command: /info/rmon/alarm RMON Alarm group configuration: rLimit fLimit rEvtIdx Link status information Command: /info/link Speed Duplex Flow Ctrl Port information Logical Port to GEA Port mapping Uplink Failure Detection information Information dump Command: /info/dump Statistics Menu Port Statistics Menu Command: /stats/port <port number [Port Statistics Menu] - Show 802.1x stats brg Command: /stats/port <port number>/8021x Authenticator Statistics: eapolFramesRx eapolFramesTx eapolStartFramesRx backendNonNakResponsesFrom Supplicant Command: /stats/port <port number>/brg Bridging statistics for port 1: dot1PortInFrames:63242584 The following table describes the bridging statistics for a selected port: Table 47 Bridging statistics for port dot1PortInFrames function, including bridge management frames dot1PortOutFrames dot3StatsFCSErrors dot3StatsSingleCollisionFrames dot3StatsMultipleCollisionFrames dot3StatsLateCollisions dot3StatsExcessiveCollisions StatisticsDescription dot3StatsInternalMacReceiveErrors Command: /stats/port <port number>/if Interface statistics for port 1: ifHCIn Counters MulticastPkts—IfHCOut discarded or not sent object is a 64-bitversion of ifOutMulticastPkts Discards—IfHCOut The number of outbound packets that were chosen to be discarded even though no Command: /stats/port <port number>/rmon RMON statistics for port 2: etherStatsDropEvents:NA etherStatsOctets:0 etherStatsPkts:0 Layer 2 statistics Command: /stats/l2 [Layer Statistics Menu] FDB stats LACP statistics Command: /stats/l2/lacp <port number Valid LACPDUs received Valid Marker PDUs received Valid Marker Rsp PDUs received Clears IP statistics. Use this command with caution as it will delete all the IP statistics Displays all Layer 3 statistics Command: /stats/l3/geal3 [GEA Layer 3 Statistics Menu] ipInAddrErrors example, Class E) ipInUnknownProtos of an unknown or unsupported protocol space) The following table describes the Address Resolution Protocol (ARP) statistics: Table 59 ARP statistics arpEntriesCur arpEntriesHighWater Command: /stats/l3/dns icmpInTimestamps The number of ICMP Timestamp (request) messages received icmpInTimestampReps The number of ICMP Timestamp Reply messages received icmpInAddrMasks tcpRtoMax quantity described in RFC tcpMaxConn value tcpActiveOpens Command: /stats/l3/igmp Enter VLAN number: (1-4095) IGMP Snoop vlan 1 statistics: rxIgmpValidPkts: Command: /stats/l3/ospf/general OSPF stats Rx/Tx Stats: Pkts database Tx ls Updates Nbr change stats: Start Intf Change Stats: Timers Kickoff: send of a Hello packet) across all OPSF areas and interfaces fired across all OSPF areas and interfaces The sum total number of times the LSA Ack timer has been fired across all OSPF The total number of times the data base age (Dbage) has been fired Management Processor statistics /stats/mp [MP-specificStatistics Menu] pkt Show Packet stats The following table describes the packet statistics Table 69 MP specific packet statistics Example statistic allocs frees Page Command: /stats/snmp SNMP statistics: snmpInPkts: snmpInBadVersions: snmpInBadC'tyNames: snmpInReadOnlys The total number of valid SNMP Protocol Data Units (PDUs), which were delivered only It should be noted that it is a protocol error to generate an SNMP PDU, which as a means of detecting incorrect implementations of the SNMP Page Page Configuration Menu Viewing, applying, reverting, and saving changes Viewing pending changes Applying pending changes Reverting changes Saving the configuration Reminders >> Layer 2# vlan VLAN number 5 with name "VLAN 5" created Reminder: VLAN needs to be enabled idle <1-60 notice <1-1024character multi <1 line> <'-'to end bannr <1-80characters Page The following table describes the SSHD Configuration Menu options Table 80 SSHD Configuration Menu options intrval <0-24 sshport <TCP port number sshport telnet enable|disable secbd enable|disable usermap <0-15 user|oper|admin|none Command: /cfg/sys/ntp [NTP Server Menu] - Set primary NTP server address - Set secondary NTP server address intrval •SNMP parameters that can be modified include: •System name •System location •System contact •Use of the SNMP system authentication trap function For more details on the SNMPv3 architecture please see RFC2271 to RFC2275 The following table describes the SNMPv3 Configuration Menu options Table 85 SNMPv3 Configuration Menu options usm <1-16 configure this entry through SNMP. The range is Table 86 User Security Model Configuration Menu options name <1-32 login name that you need in order to access the switch auth md5|sha|none Configures the authentication protocol between HMAC-MD5-96or HMAC-SHA-96.The Command: /cfg/sys/ssnmp/snmpv3/access [SNMPv3 vacmAccess 1 Menu] - Set group name model - Set security model The following table describes the SNMPv3 Group Configuration Menu options Table 89 SNMPv3 Group Configuration Menu options Defines the security model uname <1-32 Sets the user name as defined in /cfg/sys/ssnmp/snmpv3/usm/name. The user Command: /cfg/sys/ssnmp/snmpv3/taddr [SNMPv3 snmpTargetAddrTable 1 Menu] - Set target address name - Set target transport address IP - Set target transport address port Table 92 SNMPv3 Target Parameters Table Configuration Menu options Configures the message processing model that is used to generate SNMP messages snmpv1|snmpv2c|snmp Selects the security model to be used when generating the SNMP messages messages are generated using this entry Command: /cfg/sys/access [System Access Menu] mgmt - Management Network Definition Menu - User Access Control Menu (passwords) Command: /cfg/sys/access/user [User Access Control Menu] uid - User ID Menu eject Port configuration Command: /cfg/port <port number [Port 1 Menu] gig - Gig Phy Menu Table 99 Port Configuration Menu options pvid <1-4095 Note name <1-64characters>|none >|none Main# /oper/port <port number>/dis Command: /cfg/port <port number>/gig [Gigabit Link speed - Set link speed Layer 2 configuration Command: /cfg/l2 - 802.1x Menu mrst - Multiple Spanning Tree/Rapid Spanning Tree Menu 802.1x Global configuration Command: /cfg/l2/8021x/global [802.1x Global Configuration Menu] Set access control mode 802.1x Port configuration Command: /cfg/l2/8021x/port <port number [802.1x Port Configuration Menu] - Set access control mode qtperiod - Set EAP-Request/Identityquiet time interval Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration Command: /cfg/l2/mrst [Multiple Spanning Tree Menu] - Common and Internal Spanning Tree menu - Set MST region name Common Internal Spanning Tree configuration Command: /cfg/l2/mrst/cist [Common Internal Spanning Tree Menu] CIST Bridge parameter menu CIST bridge configuration Command: /cfg/l2/mrst/cist/brg [CIST Bridge Menu] prior - Set CIST bridge Priority (0-65535) Spanning Tree configuration Command: /cfg/l2/stp [Spanning Tree Group 1 Menu] - Bridge parameter menu - Port parameter menu The following table describes the Spanning Tree Configuration Menu options Table 110 Spanning Tree Configuration Menu options Displays the Bridge Spanning Tree Menu Displays the Spanning Tree Port Menu Associates a VLAN with a spanning tree and requires an external VLAN ID as a and the default is 15 seconds Displays the current bridge STP parameters When configuring STP bridge parameters, the following formulas must be used: •2*(fwd-1) >mxage 2 Forwarding Database configuration Command: /cfg/l2/fdb [FDB Menu] - Static FDB Menu aging Trunk configuration Page The following table describes the LACP Configuration Menu options Table 118 LACP Configuration Menu options sysprio <1-65535 timeout short|long short ena *frwd Displays the IP Forwarding Menu *nwf <1-256 Displays the Network Filter Configuration Menu *rmap <1-32 IP Static Route configuration Command: /cfg/l3/route [IP Static Route Menu] - Add static route Remove static route Address Resolution Protocol configuration Command: /cfg/l3/arp [ARP Menu] rearp Set re-ARPperiod in minutes Route Map configuration Command: /cfg/l3/rmap <1-32 [IP Route Map 1 Menu] alist - Access List number IP Access List configuration Autonomous System Path configuration rmap number path number Table 130 Autonomous System Path Configuration Menu options Routing Information Protocol configuration Command: /cfg/l3/rip [Routing Information Protocol - RIP Interface - Set update period in seconds Command: /cfg/l3/rip/if <1-256 [RIP Interface 1 Menu] version - Set RIP version supply Open Shortest Path First configuration Command: /cfg/l3/ospf [Open Shortest Path First Menu] - OSPF Area (index) Menu range The following table describes the Open Shortest Path First Menu options Table 134 OSPF Configuration Menu options range <1-16 virt <1-3 md5key <1-255characters The following table describes the Area Index Configuration Menu options Table 135 OSPF Area Index Configuration Menu options areaid <IP address areaid type transit|stub|nssa aindex <0-2 hide disable|enable enable disable delete OSPF Interface Configuration Menu options Command: /cfg/l3/ospf/virt <1-3 [OSPF Virtual Link 1 Menu] - Set hello interval in seconds Command: /cfg/l3/ospf/host <1-128 [OSPF Host Entry 1 Menu] - Set host entry IP address - Set area IGMP configuration Command: /cfg/l3/igmp/snoop [IGMP Snoop Menu] - Set report timeout mrto - Set multicast router timeout Command: /cfg/l3/igmp/mrouter [Static Multicast Router - Add port as Multicast Router Port - Remove port as Page Command: /cfg/l3/dns [Domain Name System prima - Set Bootstrap Protocol Relay configuration Command: /cfg/l3/bootp [Bootstrap Protocol Relay Menu] - Set IP address of BOOTP server addr2 Virtual Router Redundancy Protocol configuration Command: /cfg/l3/vrrp [Virtual Router Redundancy Protocol VRRP Virtual Router Virtual routers are disabled by default The following table describes the Virtual Router Configuration Menu options Table 151 Virtual Router Configuration Menu options Displays the VRRP Priority Tracking Menu for this virtual router. Tracking is a used for electing the master router Command: /cfg/l3/vrrp/vr <1-255>/track Router 1 Priority Tracking Menu] vrs - Enable/disable tracking master virtual routers ifs Table 153 Virtual Router Group Configuration Menu options is a proprietary extension to VRRP, used for modifying the standard priority system used for electing the master router Defines the virtual router ID the same as any virtual server) can be any integer between 1 and 255. All Table 154 Virtual Router Group Priority Tracking Configuration Menu options Command: /cfg/l3/vrrp/if <1-255 [VRRP Interface Set authentication types passw Quality of Service configuration Command: /cfg/qos [QOS Menu] 8021p - 802.1p Menu Table 157 QoS Configuration Menu options Access Control List configuration Command: /cfg/acl/acl <1-762 [ACL 1 Menu] ethernet - Ethernet Header Options Menu Command: /cfg/acl/acl <1-762>/ethernet [Filtering Ethernet to filter on source MAC on destination MAC proto <0-255 well-knownprotocols Number Name icmp Command: /cfg/acl/acl <1-762>/meter [Metering Menu] cir Set committed rate in KiloBits/s mbsize /cfg/acl/acl <1-762>/re-mark/inprof [Re-marking- In Profile Menu] up1p - Set Update User Priority Menu updscp Remote Monitoring configuration The following table describes the RMON Configuration Menu options Table 171 RMON Menu options Displays the RMON History Menu Displays the RMON Event Menu Displays the RMON Alarm Menu Command: /cfg/rmon/event <1-65535 [RMON Event 1 Menu] descn - Set description for the event - Set event type Port mirroring Command: /cfg/pmirr [Port Mirroring mirror Enable/Disable Mirroring Uplink Failure Detection configuration Command: /cfg/ufd/fdp [FDP Menu] ltm - Link to Monitor Menu Dump Command: /cfg/dump Configuration# dump Saving the active switch configuration Command: /cfg/ptcfg <FTP/TFTP server> <filename Restoring the active switch configuration Operations Menu Command: /oper/port <port number>/8021x [802.1x Operation Menu] Reinitialize 802.1x access control on this port Initiate reauthentication on this port now Table 183 Operations-LevelPort 802.1x Menu options Boot Options Menu Selecting a software image to run Uploading a software image from the switch Selecting a configuration block Resetting the switch Accessing the ISCLI mode iscli >>Switch# boot cli-modeaos Maintenance Menu Page Command: /maint/debug [Miscellaneous Debug tbuf MP trace buffer snap Page Page Command: /maint/uudmp To access dump information, at the Maintenance# prompt, enter: Maintenance# uudmp No FLASH dump available Command: /maint/ptdmp <server> <filename Unscheduled system dumps Index