HP PROCURVE 6208M-SX manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of HP PROCURVE 6208M-SX, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of HP PROCURVE 6208M-SX one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of HP PROCURVE 6208M-SX. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of HP PROCURVE 6208M-SX should contain:
- informations concerning technical data of HP PROCURVE 6208M-SX
- name of the manufacturer and a year of construction of the HP PROCURVE 6208M-SX item
- rules of operation, control and maintenance of the HP PROCURVE 6208M-SX item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of HP PROCURVE 6208M-SX alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of HP PROCURVE 6208M-SX, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the HP service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of HP PROCURVE 6208M-SX.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the HP PROCURVE 6208M-SX item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    installation and getting star ted guide www .hp.com/go/ hp procur ve hp procur ve routing switches 9304m, 9308m, and 6308m-sx and the hp procur ve switch 6208m-sx (software release 6.6. x and 7.1. x)[...]

  • Page 2

    Boo k 1: Installatio n and Get t ing Started Guid e for the HP ProC ur ve Routi ng Switches 9304M, 9308M, 6308M-S X a nd the HP ProCurv e S witch 6208M-SX (So ftware R eleas es 6. 6. X a nd 7.1 . X )[...]

  • Page 3

    Cop y right 200 0 Hewlett-Packard Company All right s rese rve d . R e production , adap tation or tra nsl ation wi thout pri o r w ri tten per mission is pr ohibit ed, ex cept a s a llo w ed und er the c opy right la ws. Publica t ion number 5 969-236 2 December 2000 Applica b le Produc ts HP J41 38A, HP J4 139A, H P J 48 40A, HP J4 841A T rad ema[...]

  • Page 4

    Organization of Product D o cum en t ati on Read Me First Th e “ Re ad Me Firs t ” docum ent inc lu des so ftw a r e relea se informati on, a b r ief “ Ge tting Starte d ” sect ion, an access ory p a rts li st, trouble s h oot ing tip s, operati ng not es, an d other info rma t ion that i s not inc lu ded else w h ere in the p r odu ct docu[...]

  • Page 5

    iv[...]

  • Page 6

    Safety and EMC Regulatory Statements Safety Informati on ! W ARNING CAUT IO N Groundi ng Do cum ent at ion referenc e sy mbol. If the p r odu ct is marke d with this sy m bol , refer to th e pro duc t d ocum entation t o ge t mo re inform ation about the p r oduct . A W ARN IN G i n t he m an ual denotes a h az a rd that ca n caus e in ju ry or dea[...]

  • Page 7

    Ins t allat i on and G e tting Started Guide Inform ati ons con cer nant l a séc u r ité ! W ARNING CAUTIO N Symbole de r é f é re nc e à la do cumenta t ion. Si le produi t es t ma rqu é de ce sym bole, re po rt ez -vous à la docum entati on du pr oduit a f in d'ob tenir de s informa t ions pl us d é ta i ll é es . Dans la d ocum ent[...]

  • Page 8

    Saf e ty an d EM C R egu latory Stat ement s Ge r ä teingabet erm i nals , d en N e tz k abe ln oder dem mit Strom be lieferte n Ne tzkabel satz vorau s . Sob a ld Gr und zur Annahme beste h t, da ß der Sch u tz be ein tr ä ch tigt w o rden is t, d as Ne tzka bel aus d e r W andste ck dos e he rau szie hen , bis d ie Erdung w i ederhe r gestel l[...]

  • Page 9

    Ins t allat i on and G e tting Started Guide Consideraciones sobre se guri dad ! W A RNING CAUTION S í mbol o de refere nci a a la documentac i ó n. Si el prod ucto va ma rcado c on e ste s í mbolo , c onsul tar la d ocum entaci ó n del pr oducto a f in de o b tener mayor inf o rm ac i ó n s obr e e l pr oduct o. Un a W A RNING e n la documen [...]

  • Page 10

    Saf e ty an d EM C R egu latory Stat ement s Safety Information (Ja pan) ix[...]

  • Page 11

    Ins t allat i on and G e tting Started Guide Safety Information (China) Laser s The G igab i t-SX and Gi gabit-L X Modules are C lass 1 Laser Pr oducts . La ser Kl asse 1 The m od u les c omply wi th I EC 82 5-2: 199 3 x[...]

  • Page 12

    Saf e ty an d EM C R egu latory Stat ement s EMC Reg u latory Statem ents U.S.A. FCC Cl ass A This eq uip men t h as been t est ed and fou nd to c omply wi th the l imi ts fo r a C l ass A d igi tal devi ce, pursu ant to Part 15 of the FC C Rules. Thes e l imi ts are designed to pro vi de re asonabl e pro t ectio n a gains t interf erence w hen the[...]

  • Page 13

    Ins t allat i on and G e tting Started Guide xi i[...]

  • Page 14

    Conte n ts S AFETY AN D EMC R EGULA T ORY S TATEMEN TS ... ........ ....... ....... ....... ....... ....... v S AFE TY I NFORM A TION ....................... ................... .................... ................... ................... .................... ...... ...... V G ROUNDING .................. ................... ..................[...]

  • Page 15

    Ins t allat i on and G e tting Started Guide I NS TALLATIO N ..... .......... ....... ....... ........ ....... ....... ....... ....... ........ ....... ....... ..... . 2 -1 U NP ACKI NG A S YSTE M ...................... ................... .................... ................... ................... .................... ...... . .. 2- 1 P AC KA [...]

  • Page 16

    S ECU R ING A CC ESS ....... ....... ....... ........ ....... ....... ....... ....... ........ ....... ....... ..... . 3 -1 S E CURING A CC ESS M ET HODS ........... ................... .................... ................... ................... .................... ......... 3- 2 R ES TR IC TING R EM OTE A CCE S S TO M AN AG EMEN T F U NCTIONS[...]

  • Page 17

    Ins t allat i on and G e tting Started Guide C ONFIGU RI NG S E CUR E S HELL ..... .......... ....... ....... ........ ....... ....... ....... ....... ... . 4-1 S ETT ING THE H OS T N AM E AN D D OM AIN N AM E ...... .................... ................... ................... .................... ......... 4- 2 G EN ER AT ING A H OST R SA K EY [...]

  • Page 18

    R EP LACING THE S TARTUP C ONFIGURATION WITH THE R UNNING C ONFIGURATION ................... ................ 6- 5 R EP LACING THE R UNNING C ONF IGURATION WITH THE S TARTUP C ONFIGURAT ION ................... ................ 6- 5 L OGGING C HANGE S TO TH E S TA RTUP -C ONFI G F IL E ....................... .................... ...................[...]

  • Page 19

    Ins t allat i on and G e tting Started Guide S TAT IC MAC E NTRI ES .. ................... .................... ................... ................... .................... ................... . 7-15 S TANDARD S PA NNING T RE E P ROTOCOL (S TP ) ..... ................... ................... .................... ................... . 7-15 ST P E NHA[...]

  • Page 20

    F AN S ......... ................... ................... .................... ................... ................... .................... . .................. ... 8- 8 LE D S . ....... ................... ................... .................... ................... ................... .................... .. .................... 8- 9 P ORTS ......[...]

  • Page 21

    Ins t allat i on and G e tting Started Guide H ARDWA RE S PE CIFICATION S ... ....... ....... ....... ....... ........ ....... ....... ....... ....... ... .A-1 E LE CTRI CAL S PE CIFI CA TIONS .................. .................... ................... ................... .................... ................... .. A-1 P H YSI CAL S PE CIFICA T [...]

  • Page 22

    Chap ter 1 Getting Started Introductio n This gu ide describe s how to inst all , c onfi gur e, and monitor th e follo wi ng devi ces : • HP Pro C urv e Ro uting Sw it ch 9308M • HP Pro C urv e Ro uting Sw it ch 9304M • HP Pro C urv e Ro uting Sw it ch 6308M-SX • HP Pro C urv e Sw it ch 62 08M-SX This gu ide also des c r ibe s how to m oni [...]

  • Page 23

    Ins t allat i on and G e tting Started Guide T ermi nology The f o llowin g table de fin es basic pro du c t t e rms u sed in this gui de . Product T e rms T e rm De finit i on chassi s or Ch assis dev i ce A switch o r routing switch t hat a ccept s o p tio nal modul es or po w e r supplie s. The HP 9304M routin g s w itc h and H P 9308M ro uting [...]

  • Page 24

    Ge tting Starte d me thod for e l ectro n ically searc h ing e i the r indi vid ual c hap ters or an enti r e m an ual for sp ecific topic s. Fo r a br ief des cr iption of the CD con t ents and ho w to u se the CD to sa ve tim e, do t he f o llowing: 1. Insert th e CD i n y our PC ’ s CD-ROM d rive. 2. Usin g t h e f ile manage r in yo ur PC , s[...]

  • Page 25

    Ins t allat i on and G e tting Started Guide • BGP4 re-ad ver tis es BGP rou t es even w hen O SPF or RI P rou t es to the sa me desti nation have a l owe r c ost • Re dist ri bu tion ch ange s ta ke pl ace imme di ately • Op tion to r edistribute Intern al BGP (IBGP) rou t es into R IP and O SPF • Dy namic BG P4 route ref r es h • BGP4 r[...]

  • Page 26

    Ge tting Starte d • Super Aggregat ed VLAN s • Support fo r simultaneous T e lne t c onf igu r ati on by multi p le users • New CLI comma nd for disp la ying dyn amic me mory utilizati o n • SNM P V2 vi ew • Enhance ment to s how de fault value s comm and • CLI enhan ceme nts to t he sta r tup - config and ru nning- con f ig fil e s •[...]

  • Page 27

    Ins t allat i on and G e tting Started Guide 1 - 6[...]

  • Page 28

    Chap ter 2 Installatio n This ch apter o u tline s t he p hysical in stall a ti on a nd net wo rk co nnecti on for t he H P 9304M , H P 9 308M, and HP 6 308M-SX rout ing sw it ches and th e H P 6 208M-SX switch . Unpacki ng a S ystem P ackage C onte n ts For a lis t o f in cluded p a rts , please refe r to the Re ad Me Fir st docum ent sh ipped wi [...]

  • Page 29

    Ins t allat i on and G e tting Started Guide In stallat i on Pr ocedures Summ ary Follow the s t ep s l ist ed below to install your routing s w itc h. De tails fo r each of the s te ps hig h li ghted below ar e pr ovide d in the bala nce of thi s chap te r . 1. Prepar ing the installat i on s i te (page 2-4 ) . Ensure that th e p hysic al en viron[...]

  • Page 30

    Installa tio n 13 . Cha ssis devic es only – Swapping Module s (pa ge 2-25 ) . If you a r e remo vin g a mo dule a nd pla ci ng a modu le of another typ e in its slo t, y ou need t o re con f igure the chassis sl ot for the modul e. In sta lla tion P r ecau tions Follow these pre c au tions when in stall i ng an H P sw itc h or rou t ing switch: [...]

  • Page 31

    Ins t allat i on and G e tting Started Guide 1. Pre parin g the In stallation Site Cabling Infrast r ucture Ensure th at the p r oper cabl ing is in stalled in the site. See “ Ha rdware Ov erview ” on pa ge 8- 1 f o r a su mmar y of s upporte d c ab lin g types a nd the i r specif ica t ions . Ins t allation Loca t ion Before ins ta lling the d[...]

  • Page 32

    Installa tio n Fi gure 2.1 I ns ta lling a Modu le Rem o ving Modules T o remo ve a m od u le from the c ha ssis, do the fol low ing : 1. Put on an ESD wr ist s t rap and at tac h the c lip e nd t o a metal su rface (e .g. an equ ipm ent rac k) to a ct as gr ound. WA R NING: T o avoid ris k of s hock, do not attach the cl ip end to the air flo w pa[...]

  • Page 33

    Ins t allat i on and G e tting Started Guide 3. In stalling (or Remo vi ng) Redund ant Pow er Sup p li es (Chass is Devices Onl y) Determining Po wer Supply Status If you a r e repla ci ng a po we r supply tha t has fai l ed an d you are n ot sure which su pply h as fai led , e n te r the follo w ing comma nd a t an y CL I c omma nd prompt : s how [...]

  • Page 34

    Installa tio n Fi gure 2.2 I ns ta lling a Pow e r S u pply Rem o ving P o wer Supplies T o remo ve a p o wer sup ply modu le from the c hassis, do the fol lowing: CAUTION: Pow e r s up p lies are h o t s w app able but the y s hould b e discon nected from AC pow er bef ore b e in g in stall ed or re moved. T hat is , the routin g s w itc h can be [...]

  • Page 35

    Installat ion and Getting Started Guide 2 - 8 Figure 2.3 Example of the front panel of an HP 9308M routing switch Figure 2.4 Example of the front panel of an HP 9304M routing switch 4. V erifying Proper Operation After you have installed any mod ules or redun dant pow er suppli es, but before mo unting the rou ting sw itch in i ts network l ocation[...]

  • Page 36

    Installa tio n NOTE: Chassis dev ices onl y – If your device h a s m o re tha n o ne p ow e r s upp ly insta lled, repe at this procedure f o r ea ch power supp l y . 1. Connec t the pow er co rd s upp li ed wi th the devic e t o th e po we r c on nector fou nd o n the p ower suppl y o n th e fro nt of th e d evi ce . 2. Insert th e other end in [...]

  • Page 37

    Ins t allat i on and G e tting Started Guide • Parity: Non e • Sto p bi ts: 1 • Flow cont rol : N one Att a ching a P C or T e rminal Using a Direct LAN Connection T o a ttac h a m ana gement s t ation using a d i rec t LAN connect ion : NOTE: Use this procedure if y ou are unabl e to make the se ria l c onnectio n de scribed above . Importan[...]

  • Page 38

    1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 Installa tio n Y o u can cu sto mize the pro mpt by cha ngi ng the sy st em name . Se e “ En tering Sys t em Adminis t ration Informati on ” on page 9-3. If you d o not see one of thes e prompts : 1. Make su re the cable is secu rel y con nec ted to yo ur PC a nd to the H P[...]

  • Page 39

    Ins t allat i on and G e tting Started Guide 6. As signing a Pe rman en t Passwor d CLI access does not req u ir e a pa ss wo rd by defa ul t. If yo u wa nt to config ure a pass wo rd, y ou must us e the CL I. A pa ss wo rd ca nnot b e as si gned through the We b m an age ment i n te rface. The C L I c onta ins the followin g ac cess leve ls : • [...]

  • Page 40

    Installa tio n Ho w to Reco v e r F rom a L ost P ass word Recove ry fro m a lo st passw or d requi res di rec t ac ce ss to the se ria l po rt and a s yst em res et of t he devic e. NOTE: Y ou can p e rfo r m t h is pro ce dure only from the C L I. T o re cove r from a los t pass word : 1. Sta r t a CL I s essi on over th e s e rial i n terfac e t[...]

  • Page 41

    Ins t allat i on and G e tting Started Guide 5. Set the IP a n d ma sk addres se s. HP9300(config)# int e 1/5 HP9300(config-if-1/5)# ip address 192.22.3.44 255.255. 255.0 NOTE: Y ou can use t h e sy nt ax, ip add r ess <ip-addr> / <mask-b i ts> i f y ou know the s ub - net m ask l eng th. In the abov e e xampl e, you c ould e n te r ip [...]

  • Page 42

    Installa tio n or Syntax : [no ] ip addres s <ip - ad dr>/< mask- bits> Syntax : ip defaul t-gatew a y <i p-addr> 8. Mounting th e Device T he H P sw it ch and rou t ing s w itc he s can be ins t al led on a d esk top o r in a ra ck . WA R NING: The H P 930 4M chassis exc eeds 4 0 lbs. (18 kg), o r 47 .7 l bs. (21.6 k g ) w h en f[...]

  • Page 43

    Ins t allat i on and G e tting Started Guide Figu re 2. 7 In s tal ling an HP 9304M ro uting sw it ch in a rack mo u nt Rack Mount Inst allat ion – HP 6208M - SX or HP 6 308M- SX NOTE: Y ou need a #2 Phillips-head s c re wd riv e r f o r i n stall a tion. 1. Remove the rac k moun t k it from th e s h ippin g ca rto n. The kit cont ain s two L-s h[...]

  • Page 44

    Installa tio n 9. C onnecti n g Power to the D e vic e Wi th phy sical i n st all a ti on of the s w itc h or ro uting s w itc h comple te, it is now tim e to po we r u p th e s yst em an d c onnec t the n etwork de vices. CAUTION: There is no se para t e o n /o ff pow er sw i t ch for the device. The de vice is pow er ed on w hen the po wer co rd [...]

  • Page 45

    Ins t allat i on and G e tting Started Guide Connectors • 10 /10 0 Ba seT X po rts come wi th RJ45 jack s for s t an dard un shiel ded tw is te d p a ir (U TP /Categor y 5 ) cabl e c onnec tio ns. • 1 00Ba seF X po rts co me equip ped wi th MT -RJ connecto rs. • 1 000Bas e SX p o rts co me eq uipped wi th SC c onnec tors . • 1 000Bas eLX po[...]

  • Page 46

    Installa tio n T a bl e 2. 1 F ib er ca bl e l e ng th su mmary table Fiber T y pe Co re Di ameter (micron s) M odal Ba ndw id th (MHz*k m) Mi nimu m R a ng e (mete rs) 1 000Bas e -SX M MF 62 .5 16 0 2 – 20 0 a MM F 62.5 2 00 2 – 27 5 b MM F 50 40 0 2 – 50 0 MM F 50 5 00 2 – 55 0 c 1 000Bas e -LX MM F 62 .5 50 0 2 – 55 0 MM F 50 40 0 2 ?[...]

  • Page 47

    Ins t allat i on and G e tting Started Guide Cat-5 Crossov er Cable 1000BaseT 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 8 Figu re 2. 1 1 UTP crossover cab le for 1000BaseT NOTE: The 802. 3ab standard cal ls for autom atic n ego tia t ion of the connecti on bet w een two 1 00 0 Bas eT port s. Conse quentl y , a cro s sove r c abl e m ay no t b e re quired; [...]

  • Page 48

    Installa tio n Syntax : pi ng < ip add r> | <host name> [so u rce < i p a ddr >] [c ount <num >] [tim eou t < msec> ] [t tl <num >] [si ze <byte>] [quiet] [nu mer ic] [no - fragment] [ve r ify ] [data <1- t o-4 byte h ex> ] [b rief ] See th e Co mmand Li ne Inte rface R e ference fo r information abo [...]

  • Page 49

    Ins t allat i on and G e tting Started Guide en ter part of a c omma nd, the n enter “ ? ” o r pre ss T a b, t he CL I l i st s the o p tions y ou can en ter at this point in the comma nd string. If yo u e n ter an inv al i d c omm and fol l owed by ?, a me ssage ap pears ind ica tin g t he c omm and w as unreco gnize d. For exam ple: HP9300(co[...]

  • Page 50

    Installa tio n T a ble 2.2: CLI Line Ed iting Command s (Continue d) Ct rl-E Moves to the e nd of the c u rrent com m and line. Ctrl-F Move s th e c urs or forw ar d on e ch ar acter . Ct rl-K Dele tes all chara c ters fro m the c u rs or to the en d of t he c omma nd line. Ct rl-L; C trl -R Rep eats the c u rre nt c omm and line o n a ne w line. C[...]

  • Page 51

    Ins t allat i on and G e tting Started Guide As an al ternativ e to u si ng t he SN MP communi t y s t rings to log in , you can c onfi gu r e the d e vice to secure W eb man ageme nt ac ce ss using lo cal user ac coun ts, a RADIUS aut hentic a ti on s e rver , or a T ACACS /T ACACS+ s e rve r . Se e “ Secu ring Acc es s Method s ” on page 3 - [...]

  • Page 52

    Installa tio n 5. Enable or d i sabl e ele men ts on th e W eb m an age ment interfa c e by c licki ng on the ap propria t e rad i o b u ttons on the pane l. The fol l ow i ng figure i den tif i es the el emen ts y ou ca n c ha nge . Front Panel Front Pane l Pa ge Me nu Bottom Fra me Menu F r am e M enu T y pe (T ree Vi ew Fram e shown ) NOTE: The [...]

  • Page 53

    Ins t allat i on and G e tting Started Guide NOTE: If the slot has neve r conta i ne d a modul e or you are sw ap pin g in exa c tly the same type o f modu le, you do no t need to use th e m odule c o mmand. The slot requ ires c onf igu r ati on o nly if it has al rea dy be en c onf igured for a noth e r t ype of mo dule. USING THE CLI T o a dd a m[...]

  • Page 54

    Installa tio n T a ble 2. 3: Module O p tio ns (Co ntinu e d) Unmanag ed m od u le s J 4842A Pro C urv e 93 00 100 0Base-T M odule (8-port) 8-port- gig - co pper-modul e J 4140A HP Pro C urv e 9 300 10/100 M odule (24 - port ) 24-po r t-co pper-module J 4142A HP Pro C urv e 9 300 100Bas e F X M odule (24 - port MT -RJ) 24-po r t-10 0fx - modul e J [...]

  • Page 55

    Ins t allat i on and G e tting Started Guide USING THE WEB MAN A GEMENT INTE RF ACE� T o conf ig ur e a ch assis slot for a modu le: 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion p anel i s disp laye d. 2. Cl ick on th e Modu le link to disp lay th e Mo du le panel, a[...]

  • Page 56

    Installa tio n 14. Next Steps Once t he i ni t ial insta lla tio n st ep s are com ple ted, y ou can p r oceed wi th enabl ing rou t in g protocols a nd config uring sp ecific fe at ur es on the sw it ch or ro ut ing sw it ch es as de sc ri be d i n “ C onfigu r ing Bas ic Featur es ” on page 9 - 1. Conf igura t ion detai l s for a ll rou t ing[...]

  • Page 57

    Ins t allat i on and G e tting Started Guide 2 - 30[...]

  • Page 58

    Chap ter 3 Securing Acces s This ch apter o u tline s t he p hysical in stall a ti on a nd net wo rk co nnecti on for t he H P 9304M , H P 9 308M, and HP 6 308M-SX rout ing sw it ches and th e H P 6 208M-SX switch . The H P 930 4 M, HP 9308M , and HP 6308M-SX ro uting s w itc hes a nd the HP 6208M -SX s w itc h pr ov ide the follo w ing me thods fo[...]

  • Page 59

    Ins t allat i on and G e tting Started Guide Securing Access Methods The f ollowin g table lists th e m an age ment a ccess met hods a va ilable on an HP device, ho w the y ar e s ecu red by de fau l t, and th e way s in wh ic h they ca n b e secu red . T a ble 3. 1: W a ys to secur e man a gemen t access to HP dev i ce s A ccess method Ho w t h e [...]

  • Page 60

    Se cu ring Ac cess T a ble 3 . 1: W ays to secu re ma nag e ment acce ss to H P devic es (C ontin ued) We b m an ageme nt a ccess SN MP read or read- writ e c omm unity st rings Re gulate W eb man agem ent acc e ss using ACLs 3- 4 Allo w We b m an age ment a cces s only from spe cif ic IP a ddress es 3- 5 Allo w We b managem ent ac ce ss only to c [...]

  • Page 61

    Ins t allat i on and G e tting Started Guide Using a n ACL to Res tri ct T e lnet Acces s T o conf igu r e a n ACL tha t res t ricts T e lnet a ccess to the d evice , e n ter comman ds such as the fol l owing: HP9300(config)# access-list 10 deny ho st 209.157.22.32 log HP9300(config)# access-list 10 deny 20 9.157.23.0 0.0.0.255 log HP9300(config)# [...]

  • Page 62

    Se cu ring Ac cess HP9300(config)# access-list 30 deny 20 9.157.25.0 0.0.0.255 log HP9300(config)# access-list 30 deny 20 9.157.26.0/24 log HP9300(config)# access-list 30 permit any HP9300(config)# snmp-server community public ro 25 HP9300(config)# snmp-server community private rw 30 HP9300(config)# write memory Syntax : snmp -s erve r c omm unity [...]

  • Page 63

    Ins t allat i on and G e tting Started Guide Rest ricting R e mote Access to th e D e vic e to Sp eci fic V LAN IDs Y o u can r e st ric t m ana gement ac ce ss to an HP device to p o rts wi thin a s pec ific port-based VLAN . VLAN-base d access cont rol app lies to the f o llowin g a ccess me thod s: • T e lnet acc ess • Web manag ement ac ces[...]

  • Page 64

    Se cu ring Ac cess Dis a bling Specific Access Me thods Y o u can s pecif ic ally dis able the follow i ng a c cess met hod s: • T e lnet acc ess • Web manag ement ac cess • SNMP acce ss NOTE: If y ou disa ble T e l net a ccess , you w ill not b e able to ac cess t he C L I ex c ept th rough a serial c on necti on to the mana gemen t module. [...]

  • Page 65

    Ins t allat i on and G e tting Started Guide Setti ng Passw or ds Pass wo rds c an be u sed to se cure t he f o llowing a c cess met hod s: • T e lnet acc ess ca n be se cured by settin g a T e lnet p a sswo rd . Se e “ Setti ng a T eln et Password ” on pag e 3-8. • Ac cess to the Privilege d EXEC and CONFI G lev els of th e CLI ca n be s e[...]

  • Page 66

    Se cu ring Ac cess Setting Passwords for Management Privilege Levels Y o u can s et one pass wo rd for e ach of th e follo wi ng mana gement pri v il ege l eve ls : • Super U s er lev el – Allows c omp lete r ead-and-write acce ss to the syst em . This is genera lly for sy st em admi nistra tors and i s t he only m an age ment p r ivilege lev e[...]

  • Page 67

    Ins t allat i on and G e tting Started Guide Y o u can g r an t addit i onal acc ess to a pri vil ege l eve l o n an i ndivi dual c omma nd basis . T o gr ant the ad dit i on al access , y ou sp ecify th e privi le ge l evel yo u are enhancing, the CL I l evel tha t co nta i ns th e c omma nd, and th e i ndivi dual c omma nd. NOTE: This featu r e a[...]

  • Page 68

    Se cu ring Ac cess 4. Enter no pa ssword at th e p r om pt. (Y ou canno t abbre v iate this comma nd. ) This co mmand will cau se the de vice to by pass the syste m passw ord check. 5. Enter b oot s yste m fl ash prima ry at th e p r om pt . 6. Aft e r the c ons ole p r ompt reap pears, assig n a ne w pas swor d. Disabl i ng P a ss word Encr yption[...]

  • Page 69

    Ins t allat i on and G e tting Started Guide This comma nd ad ds a loc al user acco unt with t he user name “ w onk a ” and the passw ord “ wi lly ” . Th is acc oun t h as the Super Us er priv ilege level; t h is user has fu ll a ccess to a ll con f igurat ion and d i splay featu r es . NOTE: If yo u configu r e l oca l u ser acco unts, you[...]

  • Page 70

    Se cu ring Ac cess 4. Enter the u s er na me in the User Name fiel d. T he nam e c an not conta i n b lan ks . 5. Enter the p a sswo rd i n the Pa ss wo rd f i el d. The pass wo rd c an not co nta in bla nks. 6. Selec t the man agem ent p r iv ilege le vel from the Privile ge p u lldow n menu. Y ou can s ele ct o ne o f the foll owing: • 0 (Read-[...]

  • Page 71

    Ins t allat i on and G e tting Started Guide En cryption of S N MP Co mm unity S t ri ng s Th e sof twa re autom a tically encr yp ts SNMP commun ity st rin gs. Us ers wi th read-on ly access or who do not hav e access to m ana gement fu nction s in the CL I cannot d i sp la y the string s. For u ser s w i th r ead-write acce ss, th e st rin gs are[...]

  • Page 72

    Se cu ring Ac cess Displaying the S N MP Community S t ri ng s T o disp lay t he c onf ig ured co mmunity st ring s, enter t he foll owing c omma nd at a n y CL I l ev e l: HP9300(config)# show snmp server Syntax : show snmp se rver See th e Co mmand Li ne Inte rface R e ference fo r an example of the inf o rmation d i sp laye d by the c omma nd. N[...]

  • Page 73

    Ins t allat i on and G e tting Started Guide 2. Selec t th e C o mmun ity Strin g li nk to di splay the SN MP Commu n ity String panel, as s how n in the fol l ow i ng ex ample. Thi s example sho w s t he tabl e l ist ed for a syst em th at i s conf igu r ed only wi th the def ault rea d -only commun ity st ri ng “ pu bl ic ” . 3. Selec t th e [...]

  • Page 74

    Se cu ring Ac cess • Web manag ement ac cess • Ac cess to the Privilege d EXEC l evel and CONFIG lev els of th e CL I The T ACACS a nd T ACACS+ prot ocols defin e how au the n ti cat i on , autho r iz ation, and acco unting informati on is s ent be tween an HP devi ce and an authentic a tion databa se on a T ACACS /T ACACS+ s e rver . T ACACS /[...]

  • Page 75

    Ins t allat i on and G e tting Started Guide T ACACS + Au thentication W hen T ACACS + authe n tic ati on tak es place, t he f o ll owing e v ents occur: 1. A u ser att emp ts to gain a cces s to the H P d e vice by doing one o f th e follo wi ng : • L ogging into t he d evice usin g T el net, SSH, o r the W eb m a n age ment i n te rfac e • En[...]

  • Page 76

    Se cu ring Ac cess 3. If the ev ent re quires T A CACS+ a cc ountin g, the HP device send s a T A CACS+ Ac c ountin g Sta r t p acket to the T ACACS + a ccoun tin g se rver , co nta i ni ng info rmation a bout th e e v ent. 4. The T ACACS+ acc oun ti ng server ackno w led ges the Ac coun ting Sta r t pa cket. 5. Th e T ACACS + acc oun ti ng server [...]

  • Page 77

    Ins t allat i on and G e tting Started Guide User enters s yst em co mman ds (for exam ple , relo ad , boot system ) Co mmand autho r iz ation (T ACACS+): a aa a u tho r ization c o mmands <p rivilege- lev el> default <meth od-l ist> Co mmand account ing (T ACACS+): a aa a ccoun ti ng c omm and s < p riv il ege-le v el > d e fault[...]

  • Page 78

    Se cu ring Ac cess 2. Set optio nal pa ram e ter s. See “ Setting Op tional T A CACS/T ACACS+ Parameters ” on page 3-21 . 3. Conf igure authentic a tion-m et hod lists . Se e “ Co nfi guring Auth enti cat ion-M e thod List s for T ACACS/ T A CACS+ ” on p age 3-2 2. 4. Op tionall y conf igure T ACACS+ aut hori zat io n. Se e “ Co nfiguri n[...]

  • Page 79

    Ins t allat i on and G e tting Started Guide • T i meout – This param e ter spec ifie s how many seconds the HP de vice wa its for a r e sponse from a T ACACS/ T ACACS + s e rver befo r e e i th er retrying the aut hentic a ti on request, o r det erm i ning tha t the T ACACS/ T ACACS + s e rvers are unavail able and movin g on to th e next auth[...]

  • Page 80

    Se cu ring Ac cess W hen yo u conf igu r e a u th enti cat ion-m e thod l ists for T ACACS /T ACACS+ auth ent icati on, you m ust create a s eparate authe n tic ati on-m et ho d li st for T elne t/SSH CLI ac cess , and fo r ac cess to the Privilege d EXEC l evel and CONFIG leve ls of the CLI. T o cr eate a n au the n tica tio n -method l ist th at [...]

  • Page 81

    Ins t allat i on and G e tting Started Guide T a ble 3 . 2: A u thenti cation M e tho d V a lues (Conti nued ) radius Authenti ca t e u si ng the database on a R ADIUS se rver . Y ou also must ide n tify the serve r to t he devic e u si ng t he radius-serv e r comma nd. non e D o not u se any authe n tica tion me tho d. The devic e auto mat ical ly[...]

  • Page 82

    Se cu ring Ac cess Y o u enable T ACACS+ com m and autho r ization b y specif ying a privi le ge l evel w hose c omm ands requi re au tho r iz ation. Fo r example, to c onfi gur e the H P d evice to pe rform au tho r iz ation for the com m and s ava il abl e a t the Super Us er privil ege leve l (th a t i s, all comma nds on the device) , enter the[...]

  • Page 83

    Ins t allat i on and G e tting Started Guide HP9300(config)# aaa accounting system default start-stop tacacs+ Syntax : aa a ac c oun tin g syst em de fau l t s t art-st op radi us | t a cacs+ | none Configuring an Interfa ce as the Sourc e for All T ACACS/T ACACS+ Packet s Y o u can d esi gnate the lo west -numbered IP addre ss configur ed a n Ethe[...]

  • Page 84

    Se cu ring Ac cess The f o ll owing table de scrib es the T AC ACS/T ACACS+ informati on dis pl ay ed b y t he show a aa com m and . T a ble 3 .3: Ou tput o f the s how a aa comman d for T ACACS/T ACACS+ Field D escript i on T acacs+ key The se tting configure d wi th t he tacacs-s erver key comm and. At the Sup e r U s er pr ivile ge lev el , the [...]

  • Page 85

    Ins t allat i on and G e tting Started Guide NOTE: The ke y param e te r a pplies onl y to T ACACS + se rve r s, n o t to T ACACS se rvers . If you ar e configuri ng for T ACACS authe n tic at i on, do no t configur e a key on the T ACACS se rver and d o n o t e n ter a k ey on th e H P de vice . 10. Cli ck Ap ply if you chan ged an y T ACACS /T AC[...]

  • Page 86

    Se cu ring Ac cess 17. Sel ect th e type of acces s for wh ich y ou are def ining the auth en t ication m et hod li st from the Ty pe fie ld ’ s pu lldow n menu . Eac h typ e of ac cess mu st have a separate authe n tic ati on-me t hod list . For ex ample, to de fin e t he a u thent ication-m e thod list for lo gging int o the C LI, se lect Login[...]

  • Page 87

    Ins t allat i on and G e tting Started Guide The authori z at ion me thod you select ed are d isp layed in th e tab l e at the top of the dialo g . Each ti me you a dd an autho r ization m et hod for a g i ve n a ccess type , th e s o ft wa re a ssigns a s eq uence num ber to the ent ry . W hen aut hori zat ion i s pe rfo r me d, the s o ft wa re t[...]

  • Page 88

    Se cu ring Ac cess Configuring RADIUS Security Y o u can u se a Re mote Authe n tication Dia l In Use r Servic e (RADI US) se rve r to sec u re th e follo wing types of access to th e HP swi t ch or ro ut ing swi t ch : • T e lnet acc ess • SSH access • Web manag ement ac cess • Ac cess to the Privilege d EXEC l evel and CONFIG lev els of t[...]

  • Page 89

    Ins t allat i on and G e tting Started Guide RADIUS Authorization W hen RADIUS au tho r ization ta ke s pla ce, the fol low ing events o ccu r: 1. A u ser pre vi ous ly authe n ticat ed b y a R ADIUS s e rver e n te rs a comm and o n the H P device. 2. The H P device l ook s at i ts con f ig ura t ion to see if the co mmand i s at a privil ege leve[...]

  • Page 90

    Se cu ring Ac cess Us er logs in us in g T eln et /SSH Lo gin au th en ticati on : a aa a u th entic ation logi n d e fault <metho d-l i st > EXEC a ccoun ting St art: a aa a ccoun ti ng e xec de fa ult sta r t-s t op <m ethod-l ist> System accounti ng Start: a aa a ccoun ti ng s ys te m d e fault sta r t-s t op <meth od-l ist> Us[...]

  • Page 91

    Ins t allat i on and G e tting Started Guide RADIUS Configura t ion Conside r at io ns • Y o u m ust deplo y at l east one R ADIUS server in your network . • HP devices suppo rt authe n ticat i on usin g up to eig h t R ADI US serve r s. The devic e tries to us e the s e rvers in th e orde r you add them to the d evice ’ s con f ig ura t ion [...]

  • Page 92

    Se cu ring Ac cess HP ’ s V en dor-I D is 1 1 , w i th V endor-T ype 1. The fol l ow i ng table d e sc ribes the H P v end or-specif ic attribu t es . T a ble 3.4 : HP vendor-spec i fic attribu t es for RADIUS Attribute N a me Attribute ID Data T y pe Desc ri ption hp -privile ge-l evel 1 intege r S pecifi es the pri vil ege l evel for the u s er[...]

  • Page 93

    Ins t allat i on and G e tting Started Guide Th e ho st <i p - addr > | <serv e r-name> para met er i s either a n IP addres s or an ASCII tex t st ring . The <auth - port> p a ram ete r i s the Au the n ticat i on port number; i t is an op tio nal pa ram e te r . T he defa ult is 16 45. The < ac c t-p o rt> para met er is t[...]

  • Page 94

    Se cu ring Ac cess W hen yo u configu r e a u th enti cat io n-m e thod l i sts for R AD IUS, you m ust cr eate a separa t e a u th enticatio n-m e thod list for T e lne t or SSH CLI a ccess and for CL I a ccess to the Pri v ileged EXEC lev el and CONFIG le vels of the CL I. T o cr eate a n au the n tica tio n -method l ist th at s pec ifies RADIUS[...]

  • Page 95

    Ins t allat i on and G e tting Started Guide T a ble 3 . 5: A u thenti cation M e tho d V a lues (Conti nued ) non e D o not u se any authe n tica tion me tho d. The devic e auto mat ical ly per mits ac cess . Method Param e ter D esc ription NOTE: For e x am ples of ho w to defi ne authentic a ti on-me t hod list s f o r type s of a u thent ica t [...]

  • Page 96

    Se cu ring Ac cess Conf ig uring RADIU S Account ing for CLI Commands Y o u can c onf ig ure RADIUS ac count ing for CL I c omma nds by s pecif ying a pri v il ege l eve l w h ose c omma nds require a c c ountin g . For e xa mpl e, to con f igure the HP devic e to p e rfo r m R ADIUS ac cou n ti ng for t he c omm and s av ailable at the Super U ser[...]

  • Page 97

    Ins t allat i on and G e tting Started Guide The c ommand s in this ex ample c onfi gure v i rtu al inte rface 1 , assi gn IP addre ss 10.0.0.3/ 24 t o the i n ter f ace, then de sign ate the int e rfa ce as the sourc e for al l R ADIUS packets from the rou t ing s w itc h. Syntax : ip rad i us s ourc e -inte r fac e et hernet <po r tnu m> | [...]

  • Page 98

    Se cu ring Ac cess T able 3.6: Outp ut of the s how a aa c ommand for RADIUS c onnec tio n The c u rre nt c on nec tio n st atus . is ca n b e “ no c onnec tion ” or “ conne cti on ac tiv e ” . Field D escript i on Th Th e s how web com m and disp lay s the priv ilege leve l o f W eb m an age ment interface u s er s. For example : HP6208(co[...]

  • Page 99

    Ins t allat i on and G e tting Started Guide 12. Ent er t he s e rver ’ s IP a ddr es s i n th e IP Addre ss fi eld . 13. If neede d, c ha nge the Authent ication p o rt and Acc ou n ting p o rt. (Th e defau l t v al ues wo rk i n most network s .) 14 . C li c k Ho me to retu rn to the Sys t em c onfi guratio n pane l, then s elec t the Sav e li [...]

  • Page 100

    Se cu ring Ac cess 22. Sel ect Co mmand s from the T y pe fie ld ’ s pulld ow n men u. 23. Sel ect a pri v il ege leve l b y clicking on one o f the follo wi ng rad i o b u ttons : • 0 – Autho r ization i s pe rfo r med fo r c omma nds availab le at the Su per U ser le vel (al l commands) • 4 – Autho r iz ation i s pe rfo r med for c o mm[...]

  • Page 101

    Ins t allat i on and G e tting Started Guide 27. T o s end an Accou n ting Start packe t to the R ADIUS acc ountin g se rver w h en a n au thenti ca t ed user es tabli sh es a T e l net or SSH session on the HP devic e, and an Acc ou n ting S t op packe t w hen the u ser lo gs ou t, s elect Ex ec from th e T y pe fie ld ’ s pulld ow n menu. 28. T[...]

  • Page 102

    Se cu ring Ac cess • Dat abase on a R ADIUS s e rver • No authentic a tion NOTE: The T ACACS/T ACACS+ , RADIUS, a nd T e lnet log i n pass w o rd authe n ti cation met hod s are not sup por ted fo r SNMP ac cess . NOTE: T o au thenti cat e T e l net acce ss to the CL I, y ou al so must enable the authe n ticat i on by entering the en abl e te l[...]

  • Page 103

    Ins t allat i on and G e tting Started Guide T o conf igu r e a n au thenti cat ion-m e th od l ist fo r the W eb m an age ment interface, enter a command s uc h as th e follo w ing: HP9300(config)# aaa authentication web -server default local This co mmand c onf igu r es the de vice to u s e the loca l u s er ac cou n ts to authen tic a te access [...]

  • Page 104

    Se cu ring Ac cess T a ble 3 . 7: A u thenti cation M e tho d V a lues (Conti nued ) non e D o not u se any authe n tica tion me tho d. The devic e auto mat ical ly per mits ac cess . Method Param e ter D esc ription USING THE WEB MANAG EME NT INTERF ACE T o config ure an au the n ti catio n -m etho d lis t wi th the Web m anage men t in terfac e, [...]

  • Page 105

    Ins t allat i on and G e tting Started Guide 7. Select the Sa ve link a t the b o ttom o f the di alog. Sele ct Y es w hen pro mpt ed to s ave th e c onf igu r ation ch ang e to the s t artup-conf ig file on the devic e ’ s f l ash m emory . 3 - 48[...]

  • Page 106

    Chap ter 4 Con f iguring Secure Shel l Secure Sh ell (SSH) is a mech anism fo r allow i ng s ecu re rem o te ac cess to manag ement fun c tion s o n an HP de vice . SSH pr ovide s a func tion si milar to T el net . Us ers can log in to a nd c onf igu r e the dev ice usin g a publi cly or commer ciall y ava il abl e SSH cli ent program , ju st as th[...]

  • Page 107

    Ins t allat i on and G e tting Started Guide Settin g the Host Nam e and Dom a in Nam e If yo u h a ve no t alrea dy done s o, est ablish a host n ame a nd d om a in na me for the HP devic e. For exam ple : HP9300(config)# hostname HP9300 HP9300(config)# ip dns domain-name hps hopping.com Syntax : ho stn ame <n ame> Syntax : ip dns doma in -n[...]

  • Page 108

    1 2 3 4 5 6 7 Co nfiguri ng Sec u re Shel l . The c li ent sends it s public ke y to the H P d evice. . The H P device com pare s the cl ien t ’ s public key t o those s t ore d in memo ry . . If the r e i s a match, th e H P device us es th e public key t o en cry pt a rando m seq ue n ce of bytes . . The H P device s end s thes e enc ryp t ed b[...]

  • Page 109

    Ins t allat i on and G e tting Started Guide 1024 65537 162566050678380006149460550286514061230306797782065166110686 648548574 94957339232259963157379681924847634614 532742178652767231995746941441604714682680 00644536790333304202912490569077182886 541839656556769025432881477252978135927821 67540629478392662275128774861815448523 99702361817331232847[...]

  • Page 110

    Co nfiguri ng Sec u re Shel l • W heth e r t he H P device allo ws user s t o l og i n wi tho u t supply ing a passw ord • The p o rt n umber for SSH connecti ons • Th e SSH log i n timeou t va lu e • A s pecif ic in terfa ce to be u sed as t he s our ce for all SSH tra f fic f r om the de vice Sett ing th e Numbe r of SSH Authe n tic ati o[...]

  • Page 111

    Ins t allat i on and G e tting Started Guide name and p asswo rd . Wi thout a u s er nam e and pas sw ord, a u s er is not gra n ted ac ce ss . See “ Setti ng U p Loca l Us er Acco unts ” on p age 3-1 1 for informatio n o n se tting up us er name s and pas s w ords on H P device s. If yo u enable empty pass wo rd log i ns, u s er s a re no t pr[...]

  • Page 112

    Co nfiguri ng Sec u re Shel l V i ewing SSH Con n ection I n form ation Up to five SSH conne ction s can be a cti ve on the HP dev ice. T o dis play inf o rmatio n about SSH c onnection s, enter the foll owing c omma nd: HP9300#show ip ssh Connection Version Encryption State Username 1 1.5 ARCFOUR 0x82 neville 2 1.5 IDEA 0x82 lynval 3 1.5 3DES 0x82[...]

  • Page 113

    Ins t allat i on and G e tting Started Guide 1 closed 2 closed 3 closed 4 closed 5 closed SSH connections: 1 established, client ip address 209. 157.22.8 16 seconds in idle 2 established, client ip address 209. 157.22.21 42 seconds in idle 3 established, client ip address 209. 157.22.68 49 seconds in idle 4 closed 5 closed Syntax : sh ow who T o te[...]

  • Page 114

    Co nfiguri ng Sec u re Shel l Th e cr ypto key gen e rate rsa publ ic_key and crypto key g e ne ra te r s a private _ke y st at emen ts ar e b oth g enerate d by th e c r ypto key gen era te rsa com m and . T he p u b lic k ey is vi sible ; th e pri vat e k ey is no t. Y ou m ay n eed to c opy t he publ ic key t o a “ know n h osts ” file (fo r[...]

  • Page 115

    Ins t allat i on and G e tting Started Guide 4 - 10[...]

  • Page 116

    Chap ter 5 Using Red undant Managemen t Modul es This chap ter de scrib es the redundant m anagem en t modu les and how to configur e and m anage th em . Red undant man ageme nt m odu les p r ov ide in cre as ed routi ng ca pacity a nd fail over for H P 9304 M o r HP 9308 M C h ass is de vice s. See the fo llowing s ect ion s fo r i n forma t ion :[...]

  • Page 117

    Ins t allat i on and G e tting Started Guide Configur ati on Consid eration s • Y o u can u se on e o r two re dunda nt m an age ment m od u le s in a Chassis devic e. • Y o u cannot u se older m an age ment mo dules in the same C hassi s devic e w i th re dunda nt m an age ment modu l es. • The f l as h c ode (system s o ftw ar e) i ma ge fi[...]

  • Page 118

    Us ing R e dun dant Managemen t Module s S yslog and SN MP T r aps W hen a s w itc hov er occurs, the sof twa re sends a Sys l og mess age t o the loca l Syslog buf fer and also to the SyslogD ser v er , if yo u have co nfigured the H P device t o us e one . In additi on, if you have configure d an SN MP tra p rece iver , the sof twa re se nds an S[...]

  • Page 119

    Ins t allat i on and G e tting Started Guide Co nfigur in g t he Chassis to Re ceive t h e M od ule W hen y ou pl an to ins e rt a modu le into a chassis sl ot , you first must c onfi gure t he slot to rec e ive the m odu le unles s the s lo t alread y con t ains the sa me type of m odu le . USING THE CL I T o pr epare s lot 1 to rece ive an 8-p o [...]

  • Page 120

    Us ing R e dun dant Managemen t Module s 3. Cl ick th e Add Modu le lin k to d isp lay t he f o llowing p anel. 4. Selec t slot nu mber fro m the Slot pulldow n m enu. • Slots on the HP 93 04M ar e n u mbere d 1 – 4 , fro m top t o bottom. • Slots on the HP 93 08M ar e n u mbere d 1 – 8 , fro m le ft to ri ght . 5. Selec t th e m odu le typ[...]

  • Page 121

    Ins t allat i on and G e tting Started Guide The < slo t-num> pa ram e ter specifie s the ch ass is sl ot : • Slots on an HP 93 04M c has si s are n um bered 1 – 4, fro m top to bo ttom. • Slots on an HP 93 08M c has si s are n um bered 1 – 8, fro m lef t to right. This co mmand o ve rrides t he defa ult and m akes the red undant mana[...]

  • Page 122

    Us ing R e dun dant Managemen t Module s Ins er ting t he M odule Y o u can rem ov e and inse rt modules wh en the s y st em is pow er ed o n. Make sure yo u adhere to the ca utions note d in “ Inst al la ti on Pr ec au tions ” on page 2-3. 1. Put on an ESD wr ist s t rap and at tac h the c lip e nd t o a metal su rface (suc h a s an e qui pmen[...]

  • Page 123

    Ins t allat i on and G e tting Started Guide USING THE CL I T o disp lay t he sta t us of a redunda nt m an agement m od u le using the C L I, e n ter the fol l ow ing co mman d a t any C LI le vel: HP9300> show module Module Status Ports Starting MAC S1: 8 Port Gig Management Module ACTIVE 8 00e0.5202.a2d4 S2: 24 Port Copper Module OK 24 00e0.5[...]

  • Page 124

    Us ing R e dun dant Managemen t Module s The Statu s co lumn s how s t he modul e sta t us . The redunda nt managemen t modu les ca n have one of t he fol lowing st at us es : • ACTIVE – T he mod ul e is cu rrentl y the a c tive ma nagem ent modu le. • ST ANDBY – The modu le i s the standb y m anag e ment modul e. The s t at uses above app [...]

  • Page 125

    Ins t allat i on and G e tting Started Guide Management module at slot 1 state chan ged, changed state from standby to active USING THE WEB MANAG EME NT INTERF ACE 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion di alog is dis play ed. 2. Cl ick on th e plus si gn next t [...]

  • Page 126

    Us ing R e dun dant Managemen t Module s Automatically synchroniz ed Automatically synchronized Not automatically synchronized at star tup or s witchov er at regular , user-configurable b ut can be configured to synchronize intervals at star tup or s witchov er Star tup-config also automatically updated Also can be immediately Also can be immediate[...]

  • Page 127

    Ins t allat i on and G e tting Started Guide Sync config data: TRUE Sync boot image: FALSE Running-config sync interval is 10 s econds NOTE: The v al ues s how n in thi s exampl e a r e the d e fault va lue s. Syntax : sy nc-stand by NOTE: Th e sy nc-stan dby comm and ha s opti on a l p a ra meters . If yo u e n ter one of the para met ers , the C [...]

  • Page 128

    Us ing R e dun dant Managemen t Module s USING THE CL I T o immedi ately sy nchro n iz e the boo t code on the st andby module w i th the b oot co de on t he act ive m odule , enter the foll owing c omma nd a t the Pri v il eged EXEC le ve l of the CLI: HP9300# sync-standby boot Syntax : sy nc-stand by boot T o immedi ately sy nchro n iz e the fla [...]

  • Page 129

    Ins t allat i on and G e tting Started Guide Automating S y nchronization of Soft wa re Autom a ti c s yn ch ron i zatio n of th e flash c ode, run ni ng-c onf ig, and s yst em -co n fi g file is enabl ed by defa ul t. Autom a ti c s yn ch ron i zatio n of th e boot c ode i s dis abled by defaul t. T o cha nge the autom a tic s ynchr on iza t ion s[...]

  • Page 130

    Us ing R e dun dant Managemen t Module s 3. T o e nable automa t ic sync hr onization of the boot code , s e lect the ch eckbox next to Boo t Flash. 4. T o cha nge the synchro n izati on int e rval for the running-co n fig , en ter the new val ue in the R unning Conf igura t ion Interv al field. T o di sab le aut omatic synch r onizatio n of the ru[...]

  • Page 131

    Ins t allat i on and G e tting Started Guide 3. Selec t th e Swi tch -ov e r Ac tiv e Mo dul e link . A mes s age ap pears a skin g y ou to v e ri fy that you w a nt to sw itc h ov er from the a c ti ve module to th e s t an dby . 4. Selec t Y e s to switch ov er or N o to c ancel the s w itchover request. T e mperature Se ns or The redun dant m an[...]

  • Page 132

    Us ing R e dun dant Managemen t Module s power supply 4 not present power supply 1 to 4 from bottom to top fan 1 ok fan 2 bad fan 3 ok fan 4 ok Current temperature : 34.5 C degrees Warning level : 45 C degrees, shutdown level : 55 C degrees Syntax : sh ow c has s is USING THE WEB MANAG EME NT INTERF ACE 1. L og on to t he dev ic e usi ng a val id u[...]

  • Page 133

    Ins t allat i on and G e tting Started Guide Displ a ying T emper atu re Message s The s o ft wa re s ends a Sy sl og me ssage and a n SN M P tra p if the tem per atu r e c r osse s the wa rning or shutdow n threshol ds . The fol l ow i ng m et hods d esc rib e how to v iew the s ys tem log o n the de vice. If you h av e confi gure d th e de vice t[...]

  • Page 134

    Us ing R e dun dant Managemen t Module s USING THE WEB MANAG EME NT INTERF ACE 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion di alog is dis play ed. 2. Selec t th e Ad va nc e li nk to dis play the fol l ow i ng panel. 3. Edit the v al ue in t he T emper atu r e W a rni[...]

  • Page 135

    Ins t allat i on and G e tting Started Guide . 3. Edit the v al ue in t he Ch assis Poll Interva l field to change p o llin g interv al . Y ou c an e n ter a v al ue from 0 – 6 553 5. The def ault is 60 sec onds. 4. Cl ick th e Apply bu tton to send the configura t ion c hange to the a c ti ve module ’ s runnin g-confi g f ile . 5. If you wan t[...]

  • Page 136

    Chap ter 6 Updating Softwa re Images and Con f igurati on Fil es This ch apter d esc ribes ho w to cop y and sa ve co nfigura t io n files a nd s o ft w a re image fil es. Downloadi n g and Uploading a Softwar e Im age on a TF TP Server For easy so ftw ar e i ma ge m an age ment, the HP 9308M , H P 9 304 M, an d H P 6 308M-SX routing sw it ches and[...]

  • Page 137

    Ins t allat i on and G e tting Started Guide USING THE WEB MAN A GEMENT INTE RF ACE T o in itiate tra nsf ers of sof twa re images t o a nd f r om a T F TP serve r fro m t he W eb m anagem ent interf ace : 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion di alog is dis pla[...]

  • Page 138

    Up dating Sof t wa re Ima ges a nd C o nfigura t ion Fi le s USING THE CLI T o cha nge the block s ize for TF TP file tra n sf ers , enter a comm and s uch as t he foll owing a t the gl obal C ONF IG le vel o f the CLI : HP9300(config)# flash 2047 set flash copy block size to 2048 Syntax : [no ] flash <n um > The s o ft wa re roun ds up the &[...]

  • Page 139

    Ins t allat i on and G e tting Started Guide Compressed Secondary Code size = 0 , Ve rsion Maximum Code Image Size Supported: 281 7536 (0x002afe00) Boot Image Version 07.01.01 c. Copy the so ft wa re imag e file you ju st sav ed (in st ep a ) from th e TF TP s e rver back to secon dary f l as h on the routi ng s w itch and ve rify th at the c od e [...]

  • Page 140

    Up dating Sof t wa re Ima ges a nd C o nfigura t ion Fi le s Loading and Savin g Configu r ation Files Fo r easy configura t ion ma nagement , th e HP 9308M, H P 9 304M, a nd H P 6308M- SX routing sw i t ches a nd th e H P 6 208M-SX switch su pport both the dow nl oad a nd u pl oad of c onf ig uration fil es be tween the switch or routing sw itc h [...]

  • Page 141

    Ins t allat i on and G e tting Started Guide Logging Changes to the Startup-Config Fil e Y o u c an c onfigu re an HP devi ce to g enerate a Sysl og mess age w h en the s t artup-c on f ig file is cha nged. Th e trap is e nabled by defau l t. The f o llowin g Syslog message is ge nera t ed whe n the s t artu p-c onf ig fil e is c hanged : startup-c[...]

  • Page 142

    Up dating Sof t wa re Ima ges a nd C o nfigura t ion Fi le s 4. Selec t th e C o nfi gura t io n li nk to dis play the fol l ow i ng panel. 5. Enter the a ddr ess o f the TF TP s e rver in the TF TP Server IP field . 6. Enter the c onf igurat ion fil e name in the C onf ig uration File N a me fie l d. NOTE: The T F TP clien t on th e H P devi ce s [...]

  • Page 143

    Ins t allat i on and G e tting Started Guide HP 9 304 M or H P 9 308 M usi ng man ageme nt m odu le (MI) 1 28K HP 63 08M-SX or HP 6208 M-SX 64 K Product M aximum running-config and st artup-config file siz es a a. T he running-config and st ar t up-config file can each be t he size li st ed. T he max i mum size is not t he max im um com bined size [...]

  • Page 144

    Up dating Sof t wa re Ima ges a nd C o nfigura t ion Fi le s Error c ode Mes sage Exp lan a tion and ac tion 7 TF TP bus y , on ly on e TF TP session ca n b e ac tive. Another T F TP tra nsf er is ac ti ve on another CLI ses si on or W eb mana gement s e ssion. W a it, then retry th e t r ansfer . 8 File typ e check fai led. Y ou accide ntally att [...]

  • Page 145

    Ins t allat i on and G e tting Started Guide Relo ading a t a S p ecifi c T i me T o sch edule a s yst em re loa d for a speci f ic time, use o ne of t he f o ll owing m e thods . USING THE CLI T o sc hedule a s ystem rel oa d from the prim ary fla sh modul e for 6 : 00:00 AM , Janu ary 19 , 1999, ent er the followin g comma nd at th e g l obal CON[...]

  • Page 146

    Up dating Sof t wa re Ima ges a nd C o nfigura t ion Fi le s USING THE WEB MAN A GEMENT INTE RF ACE Y o u cannot c an cel a schedul ed reload u si ng the We b m an ageme nt i n terface. 6 - 1 1[...]

  • Page 147

    Ins t allat i on and G e tting Started Guide 6 - 12[...]

  • Page 148

    Chap ter 7 Software Ove r view This ch apter p r ovide s an ove r view of the softw are fea t ure s sup por ted on HP ProCurv e dev ices . • For confi gur ation d e tails fo r the se fea t ure s, see C hap ter 9 o f this guide and th e Ad vanced Co nf iguratio n a nd Man ageme nt G ui de, inclu de d in PDF f o rmat o n th e Product D o cumen t at[...]

  • Page 149

    Ins t allat i on and G e tting Started Guide NOTE: Some f eatu r es are supp orted only o n spec ific pro ducts or requ ire spec ific ha rd wa re confi gu r ations . See the c ha p ter s de scrib i ng thos e featu r es or c on t act Hewlett-Pa ckard or y our res ell er for i n forma t ion . Determining the Flash V ersion a Device Is Running T o de [...]

  • Page 150

    Softw ar e Ov er view NOTE: Y ou c an a ccess the ve rsion i n forma t io n w het her you h av e read-w ri t e ( “ set ” ) or read-only ( “ get ” ) ac cess . Feature List T able 7 . 2 o n p age 7-3 lists the m ajo r s o ftw a r e featu r es avail abl e i n t he t ypes of flas h s o ft wa re l ist ed in T a ble 7.1 on pag e 7 -1. Som e fea t[...]

  • Page 151

    Ins t allat i on and G e tting Started Guide T a ble 7 . 2: H P So ftwar e Featu res (C on tinued) T elnet X -1 1 T r ivial File T r ansfe r Proto col (T F T P) X X 7 -1 1 Sim ple Ne twork T i me Pro t oc ol (SN T P) X X 7 -1 1 Dom ain Nam e Server (DNS) re so lv er X X 7 -1 1 SNMPv2c X -12 Remo te M onitori ng ( RMON) X X 7 -1 2 SN MP ala r ms a n[...]

  • Page 152

    Softw ar e Ov er view T a ble 7 . 2: H P So ftwar e Featu res (C on tinued) Dy na mic Host Co nfiguration Pro tocol (DHCP) Ass ist X 7 -1 7 IP M ult icas t C ont ainm ent X X 7 -1 8 Feature S upported on.. . See page.. . Routing switc h Switch Layer 3 Sw itching Featu r es Protoco l -b ased V i rtu al LAN s (VLAN s) X X 7 -1 8 Layer 3 Routin g Feat[...]

  • Page 153

    Ins t allat i on and G e tting Started Guide Sh owing System De faults Y o u can d isp la y the def aults for s yst em pa ram ete rs us ing the fol low ing metho d. USING THE CL I T o disp lay t he d e fa ult in formation, enter the follow ing c om ma nd f r om an y l eve l o f the C L I: s how default [va l ue s] If yo u s pecify “ def aul t ”[...]

  • Page 154

    Softw ar e Ov er view • RSA ch all e nge -response authent i cation , wh ere a c oll ectio n of pu bli c key s are sto r ed on the device. Only cli ents with a priv ate k ey tha t co rres po nds to one of the stored publi c keys can gain acces s to the devic e us ing SSH. • Password authe n tic a tion , w her e u s er s a ttem pti ng to gain a [...]

  • Page 155

    Ins t allat i on and G e tting Started Guide • For rea d -wri te a ccess, ente r “ se t ” in t he U s er N a me fie ld and a read-write community st ring tha t y ou hav e c onfigu r ed on the devic e i n th e Pass wo rd fie l d, as show n in F i gu re 7 . 1. (For secur i ty , the softw are dis play s as teris ks whe n y ou typ e y our passw o[...]

  • Page 156

    Softw ar e Ov er view • T o disp lay g eneral syst em inf o rm ation, click o n a bla nk are a of the de vice ’ s m ana gement m odule. If the c has sis dis p lay is disable d as s how n in thi s exampl e, cl ick on th e obje ct sh own in th e c hassis win dow . The ob ject con t ains the product n ame. • T o disp lay i n forma t ion abou t a[...]

  • Page 157

    Ins t allat i on and G e tting Started Guide RADIUS S ecur i ty Y ou ca n fu rt he r secu re CL I access to the swi t ch or ro ut i ng swi t ch by co nf ig ur ing the de vice to cons ul t a Remo te Access Di al In U s er Serv ice (RADIUS) s e rver to au th entica t e u ser names and pas sw or ds . The sof twa re s up port s au the n ti ca tio n , a[...]

  • Page 158

    Softw ar e Ov er view Se e “ Sche duling a Sy st em Rel oad ” on pag e 6 -9. Te lnet As desc ribed i n “ Man ageme nt Interfaces ” on pag e 7 -7, HP devic es al low you to ac ces s the CL I t h rough a T e lnet c onnec tio n. T o establ ish th e T e l net conne ction, you need the fol low ing : • An IP addre ss on the HP device . Se e “[...]

  • Page 159

    Ins t allat i on and G e tting Started Guide See th e “ Co nfiguring IP ” c hapter i n th e Adva nced C o nfigura t io n and M an ageme nt Gu ide for inf o rmatio n. SN MPv2c Support HP devices su pport SN MP v2 c, i ncl ud ing supp ort f o r G etB ulk req ues ts . T he SN MPv 2c suppo rt is e nabled by de fau lt and canno t be disa ble d. Thu [...]

  • Page 160

    Softw ar e Ov er view NOTE: Y ou c an s pecify only o ne facility . Se e “ Conf iguri ng the Sys l og Serv ic e ” on p age 9-1 4 for confi gur ati on i n fo rma t ion. Pi ng and T r aceroute Fa cilities Aft e r you c onf igu r e a n IP addre ss for the d e vice, yo u can t est the devic e ’ s n e tw or k connectio n s usi ng the f o ll owin g[...]

  • Page 161

    Ins t allat i on and G e tting Started Guide • La yer 2 port - based VLAN member ship • 8 02.1 q tag NOTE: QoS is sup port ed onl y on th e HP 9304M , HP 9 308 M, an d HP 6308M -SX. On the H P HP 6 208M- SX, y ou c an as si gn ce rta i n types of traf fic to the high queu e inst ead of the no rmal queue , bu t the ot he r featu r es d e scribed[...]

  • Page 162

    Softw ar e Ov er view MAC Swi t ching Al l H P devices su ppo rt MAC sw it ching . M AC switc h ing enable s intell ige n t w i re-speed b r idg ing of Layer 2 pa cket s. The first tim e an HP device receiv es a pack et fro m a given MA C dest ina t ion, th e devic e m ake s a n entry in its L aye r 2 ca che. The ent ry c onsis t o f th e p a cket [...]

  • Page 163

    Ins t allat i on and G e tting Started Guide STP al so ensu res t hat th e devic e uses the m os t ef fic i en t p a th wh en mu lti p le p a th s ex ist b e tw ee n port s. Mor eover , if a se lecte d pa th fa ils , STP s ear ches for an d then e s tabli shes an alternate path to prevent o r lim it retra n smis si on of data. STP is disab le d by [...]

  • Page 164

    Softw ar e Ov er view VL AN T a gg ing HP sw itc hes sup port 802.1q VLAN tagg ing. VLAN tagging is a m e thod of i den tif yi ng a pa cket as a m ember of a VLAN . VLAN tag g ing enables y ou to configu r e p o rts on mu lti pl e sw itches in to a s i ng le VLAN . Us ing tagge d VLANs c an eas e netw o rk man agem ent and ensur es int e rop e rab [...]

  • Page 165

    Ins t allat i on and G e tting Started Guide NOTE: DHCP a s sist a pplie s o nly to HP switches. T o co nfigure an HP ro uting swi t ch to as sist DHCP p acket s, use the UDP He lp er featu r e. See “ Use r Da tagram Pro t oc ol (U DP ) H el per ” on p age 7-2 4. See th e “ Co nfiguring IP ” c hapter i n th e Adva nced C o nfigura t io n an[...]

  • Page 166

    Softw ar e Ov er view VL AN T a gg ing VLAN tag g ing (802. 1q) extends t he b ou nda ries of the VLAN by all owing cr eation of VLAN s tha t cr oss s w itc h b oundari es. This ease s n e twor k m an agement and ensure s in teroperabi lity wi th other de vices. See “ VLAN T aggin g ” on page 7-17 . Layer 3 Routi n g F e atures The f o llowin g[...]

  • Page 167

    Ins t allat i on and G e tting Started Guide IP Route Forw arding IPX Route Forw arding IP sub-net A IP sub-net B Appletalk IPX Network 1 IPX Network 2 Lay er 3 Switch Lay er 2 Switch Figu re 7. 3 Logic al rep r esentati o n of IS R w ithin HP ro uting sw it ch es Rout ing b e tween t he VLAN s is perf o rmed w i tho u t dedicatin g ph ys ical po r[...]

  • Page 168

    Softw ar e Ov er view HP routing s w itc hes ar e confi gur ed t o be co mpliant w i th R FC 1 583 OSPF V2 (R FC 1583 ) by de fau l t. Y o u also ca n c onfigu r e H P r outi ng sw it ch es to run t he l a test OPSF stand ard, RFC 2178. See th e “ Co nfiguring OSPF ” chapter i n th e Ad van ced Co nfig ura t ion and M an agement G uide for i n [...]

  • Page 169

    Ins t allat i on and G e tting Started Guide HP ’ s PBR routing is based o n st an dard a nd ex tended AC Ls a nd route-maps . The ACLs classi fy th e t r af fic . Ro ute maps that mat ch on the ACLs set rou t in g attribute s fo r the tra ffi c. HP' s impl ementati on of PB R uses hig h pe rfo r ma nce switch in g a l gorith ms including ro[...]

  • Page 170

    Softw ar e Ov er view AppleT alk Routing HP routing s w itches support Pha se II App l eT alk routing. H P ’ s imple men tat i on supports a ll the followin g App l eT al k pr ot oc ols: • Et he rT al k Li nk Ac cess Prot ocol (E LA P) – AppleT alk physical lay er protoco l • Dat agra m De li very Pro t ocol (D D P) – A ppleT alk equiv al[...]

  • Page 171

    Ins t allat i on and G e tting Started Guide For exam ple, a n HP ro uting switch running O SPF and RI P can p ass a rou t e learned through RI P to O SPF . The route r as soci ates a metric and o t her para met ers with a rout e w hen th e route r red ist rib u tes the ro ute to o t he r pr oto c ol s. Y ou can modi fy the se par ame t ers a nd p [...]

  • Page 172

    Softw ar e Ov er view For m o re detail s on VR RP a nd its confi gura t ion, s ee the “ Con f iguring VR R P a nd VR RPE ” chapter i n th e Advance d Co nfi gura t io n and M an age ment G uide . VR RP Ext e nded (VRRP) VR R PE i s an HP pr oto c ol that p r ovi des the benefits of VR RP wi th out the lim itatio ns . In fact, VR R PE c ombi ne[...]

  • Page 173

    Ins t allat i on and G e tting Started Guide 7 - 26[...]

  • Page 174

    Chap ter 8 Ha rdware Ove r view This chap te r pr ovides a ha rdw a re overv i ew of t he H P 930 8M, H P 9304 M, a nd H P 6308M-SX rou t ing sw i t ches a nd the HP 6208 M-SX sw it c h. • For inform ation about spe cif ic ha rdw a re st and ard s a nd spe cif icati ons, s ee the “ Ha rd wa re Specifi cat ions ” a ppendi x i n t he Ad vanc ed[...]

  • Page 175

    Ins t al lat i on and G e tt ing S t arte d G uide The H P 930 8 M and HP 93 04M c an be pop ula t ed wi th any o f the fo llo wi ng m odu les : • Redun dant M anagem ent modu les • J 4845A H P ProCurv e 9300 Gi gL X R ed undant Management M odule (8-po r t) (Fi gu r e 8 . 8) • J 4846A H P ProCurv e 9300 Gi gS X Redundant Ma nagement Modul e [...]

  • Page 176

    Hardware Ov erview Pwr Figu re 8. 4 J4847A HP Pro Cur ve 9300 Red und ant Managem ent Modu le (0-p or t) 1 5 7 10 11 12 13 14 15 16 Pwr 4 3 2 6 9 8 Figu re 8. 5 J4141A HP Pro Cur ve 9300 10/100 Mana ge me nt Mo dul e (16-p or t) Link Activity 1 6 7 8 5 4 2 Pwr Link Activity Link Activity Link Activity 3 Figu re 8. 6 J4144A HP Pro Cur ve 1000BaseSX [...]

  • Page 177

    Instal lation and Gett ing S tarte d Guide 8 - 4 Figure 8.13 J4844A HP ProCurve 9300 GigLX Module (8-port) NOTE: All 10/1 00 ports are auto-s ensi ng and aut o-negotiating for easy deployment int o existin g network topolog ies. Gigabit Etherne t interfaces are available in mult i-mode 1000Base SX, single- mode/multi-mod e 1000Bas eLX, and copper .[...]

  • Page 178

    Hardware Overview 8 - 5 Fixed-Port Switc h HP 6208M-SX and Routing Switch HP 6308M-SX Figure 8. 15 shows the HP 6308M-SX . Figure 8.16 shows the HP 62 08M-SX. Each devi ce provi des a seri al port for CLI managem ent and eight 100Mbps SX fiber ports for c onnectio n to Gigabit Ethe rnet lin ks. The HP 6 308M -SX routin g switch p rovides both Lay e[...]

  • Page 179

    Ins t al lat i on and G e tt ing S t arte d G uide Fixed-P ort Archi t ectur e L ayer 2 Arch itecture W hen a p ack et arri ves a t an HP 6208M -SX s w itc h, a s ear ch for t he M AC dest ina t ion a ddre ss is in iti a ted. If th e MAC desti nat ion ad dres s is found, the pa cket ’ s priority is de ter mi ned . The p ack et is the n forwarded [...]

  • Page 180

    Hardware Overview 8 - 7 Physical V iew This se ction describe s the externa l featur es of the HP 9304M, HP 9308 M, HP 6308M-SX, a nd HP 62 08M-SX. Figure 8.17 Example front panel of an HP 9304M routing switch Figure 8.18 Front panel of an HP ProCurve 6308M-SX routing switch Figure 8.19 Rear panel of an HP 6208M-SX switch or HP 6308M-SX routing swi[...]

  • Page 181

    Ins t al lat i on and G e tt ing S t arte d G uide NOTE: The rear p anel o f the H P 9 308 M a nd HP 9304M Chassis de vices p r ovide no net wo rk or p ower c onnec tio ns and therefo r e a r e n o t s how n. Sl ot and Por t Numbers The p o rt n u mber s o n a ll F ix ed-p o rt devices an d C hassis devi ces ar e labeled on the har dware . Howe ve [...]

  • Page 182

    Hardware Ov erview The C h assis de vi ces, the HP 9304M and H P 9308 M, co me stand ard wi th fou r fan s. The HP 9304M a lso comes st andard w i th four fa ns . The H P 9 308 M com es st andard wi th si x fans . LEDs Each dev ice i s equipped w i th LED s tha t de note po rt and p ower su pply s t atus . The ta ble s bel ow ref l ec t th e diffe [...]

  • Page 183

    Ins t al lat i on and G e tt ing S t arte d G uide T abl e 8 . 3: Po rt LED in dicator s fo r 10B a seT /10 0Bas e TX c h assis mod u les LED P osition S tate M eaning Li nk/Ac t iv ity L eft On Por t is c onn ected. Off No port co nnecti on exis ts. Blink ing Tra f fi c i s bei ng t r ans mi tted a nd received on that p o rt. FDX Right On The po r[...]

  • Page 184

    Hardware Ov erview Modules This se ction describe s the modules designed for the HP 9304M a nd H P 930 8M rou t ing s witc hes . Chassis M odules Chassis m odules in clud e these op tio ns: • Redun dant M anagem ent: • 8- port Gi gabit LX redun dant mana gemen t modu le s • 8- port Gi gabit SX redund ant ma nagemen t modu les • 0- port red [...]

  • Page 185

    Ins t al lat i on and G e tt ing S t arte d G uide St andard and Redundant Pow e r O p tions The Fixe d- po rt devi ces c ome st anda rd with tw o power supp lies. Re dund ant power is an op ti on fo r the Ch assi s de vice . Each pow e r s upply ca n b e c onnected to a sepa rate AC po we r sourc e fo r a dditio nal po we r red u n dan cy . Fi xed[...]

  • Page 186

    Chap ter 9 Confi guri ng Basic Features This ch apter d esc ribes ho w to con f igure basic, n on-p r oto col featu r es on HP dev ices us ing th e C LI and W eb man ageme nt i n terface. This ch apter c ont ain s proced ures for configuri ng the fol l ow i ng para met ers : • Ba sic S y stem Para meter s – se e “ Co nf ig ur ing Ba sic S yst[...]

  • Page 187

    Ins t allat i on and G e tting Started Guide Using the W eb Managem e nt In te rfa ce for B a si c Con fi gur ati on Chang es The W eb managemen t interfa ce enabl es you to easi ly ma ke numero u s co nfigura t io n c ha nges b y en tering or c hangi ng i n forma t ion o n c onfigu r ation p an e ls su ch as the o ne s how n in Figure 9.1 . Th is [...]

  • Page 188

    Co nfiguri ng Bas i c Fea t ure s • Enable o r disab le Spanning T r ee Pr otocol . • Enable o r disab le SNMP ope ration a nd confi gure SNMP communi ty str i ngs, trap rec e iv ers , a nd o t he r pa ram e ters . • Enable o r di sable IEEE 8 02.1 q VLAN tag gi ng. • Enable o r disab le Layer 2 s w itc h in g (routi ng swit ches only). •[...]

  • Page 189

    Ins t allat i on and G e tting Started Guide USING THE CL I Here is an ex ample o f ho w to c onf igure a s w itc h or rou t ing s w itc h na me, s yst em c ontac t, and l oca tio n: HP6208(config)# hostname oakland Oakland(config)# snmp-server contact S uzy Creamcheese Oakland(config)# snmp-server location Centerville Oakland(config)# end Oakland#[...]

  • Page 190

    Co nfiguri ng Bas i c Fea t ure s Configuring Simple Ne twork Ma nagem e nt (SNM P) Par a met e rs Us e the p r ocedures in thi s sect ion to pe rform the follo wing c onfi g ur ati on t asks: • Specify an SNMP t r ap rec e iv er . • Specify a s our ce addres s and co mmunity string for all tra ps se nt b y t he d evice. • Di sab le ind ivi d[...]

  • Page 191

    Ins t allat i on and G e tting Started Guide The c ommand in the example above adds trap rec eiver 2.2 . 2.2 an d configu r es the software to dis play the commun ity s t ring a ssoci ated wi th the rec e iver i n t he c lear . Whe n you save the ne w commun ity st ring to the st artup-c onf ig fil e , the s o ft wa re add s the f o llowin g c omma[...]

  • Page 192

    Co nfiguri ng Bas i c Fea t ure s The <num > p a ram ete r i s a lo opback i n terfac e o r virtua l i n terface n um ber . If y ou specify an Eth e rne t port, th e <portnum > i s the p o rt ’ s number (in c l udi ng the sl ot n um ber , if you a r e conf igu r ing an HP 9304M or HP 9308M . T o spec ify t he f i rs t IP addr ess c on[...]

  • Page 193

    Ins t allat i on and G e tting Started Guide • Co ld sta rt • Li nk up • Li nk do wn • Bridge ne w roo t • Bridge top o l ogy c hange • Lo cked addres s viola t io n • Modu le in sert • Modu le re move • BGP4 • OSPF • SRP • VRRP • VRRPE USING THE CL I T o st op li nk dow n oc curren c es fro m being repo rted, enter the fo[...]

  • Page 194

    Co nfiguri ng Bas i c Fea t ure s • The t im e st am p • The user name • W heth e r t he u ser logged i n or out • The CLI le ve l the u s er log ged into or out o f (Us e r EXEC o r Privil eged EXEC l ev e l) NOTE: Messa ges f o r a ccessi ng the User EXEC le vel app ly only to ac c ess th rough T e lnet. Th e devic e doe s not au the n ti[...]

  • Page 195

    Ins t allat i on and G e tting Started Guide • If yo u specif y a lo opback i n terface a s the s ing le so urc e for T e lnet p acket s, T e lne t se rv ers can re cei ve the pa cket s regard le ss of the sta t es of ind ivi dual lin ks . T hus, i f a lin k t o th e T e lnet server bec omes unavail abl e bu t the c lient o r se rve r c an b e re[...]

  • Page 196

    Co nfiguri ng Bas i c Fea t ure s T o disp lay i n forma t ion abou t SNTP a ssoci ation s, ente r the follo wi ng com m and: HP9300# show sntp associations address ref clock st when poll delay disp ~207.95.6.102 0.0 .0.0 16 202 4 0.0 5.45 ~207.95.6.101 0.0 .0.0 16 202 0 0.0 0.0 * synced, ~ configured Syntax : sh ow sn tp as soci ations The f ollow[...]

  • Page 197

    Ins t allat i on and G e tting Started Guide T a ble 9.2 : Ou tput f rom the show sntp sta t us c omm an d ( Conti nued ) clock of fset Of fse t of clock t o sync hr onized pe er r oot del ay T ota l d el ay along the path to the roo t cl oc k r oot dis pe r sion Di spers i on of the root pat h peer dis per sion Di spers i on of the sync hronized p[...]

  • Page 198

    Co nfiguri ng Bas i c Fea t ure s HP9300# clock summer-time Syntax : cl ock s ummer-time Although SN TP se rvers typi cally deliver the ti me and da te in Gre enw i ch Mean T ime (GM T ), you c an configur e the sw itc h or rou t ing s w itc h to adjus t the t ime for any o ne-hour of fse t fro m GM T o r for one of the follow i ng U . S. tim e z o[...]

  • Page 199

    Ins t allat i on and G e tting Started Guide 3. Selec t th e time z one by se lecting the of fset fro m Gr eenwic h Mean T i me tha t a pplies to your time z one . Fo r ex ample, to s et you r device to C a lifornia t i me, s e lect GM T -08, wh ich m eans Green w i ch M ean T ime minus ei ght ho urs . NOTE: Y ou do not ne ed to a d ju st for D a y[...]

  • Page 200

    Co nfiguri ng Bas i c Fea t ure s The Sysl og D se rvi ce on a Syslog s e rver rec e ives logging message s from appli ca t ions on t he loc al host o r fro m de vice s s uch as a ro uting s w itc h or switch. Sysl og D ad ds a time st amp to ea ch rec eived me ssage and d i rec ts messa ges t o a l og fil e. Most Un ix wo rks t ati ons come wi th [...]

  • Page 201

    Ins t allat i on and G e tting Started Guide • d ebuggi ng • emer genci es • e rrors • in fo rm at io na l • no tif ica tio ns • wa rnings The c omma nds in the e xam pl e abov e cha ng e the log l e vel to n o tific a ti on m ess ages o r hi ghe r . T he sof twa re w ill no t log informa t io nal or debugg ing mess ages . The c ha nge [...]

  • Page 202

    Co nfiguri ng Bas i c Fea t ure s • sys1 4 – re se rv ed for s yst em us e • cr on – cr on/at subs yste m • lo cal0 – re se rv ed for lo ca l us e • lo cal1 – re se rv ed for lo ca l us e • lo cal2 – re se rv ed for lo ca l us e • lo cal3 – re se rv ed for lo ca l us e • lo cal4 – re se rv ed for lo ca l us e • lo cal5[...]

  • Page 203

    Ins t allat i on and G e tting Started Guide 4. Selec t Di sab l e or En able n ex t to Loggin g to disa ble or enable the Syslo g se rvice o n th e d evi ce . T he servic e is e nabled by defau l t. 5. Op tionall y cha nge the number o f en tries the l o cal Sys log bu ffe r c an h old. T he buf fer si ze can be fro m 50 – 100 . The d e fault is[...]

  • Page 204

    Co nfiguri ng Bas i c Fea t ure s 4. Cl ick on th e checkb ox next to Syst em Logging to pl ace a checkm ark in the box. 5. Cl ick Ap ply to cl ear the log . Changing th e Default G i gabit Negotiat i on Mode Y o u can c onf ig ure the def ault G i gabit ne gotiation mode to b e o ne o f the fo llo wi ng : • Ne go tiat e- fu ll -a ut o – The po[...]

  • Page 205

    Ins t allat i on and G e tting Started Guide • Neg-off – T he port d oes not try to pe rfo rm a hands hake . Ins t ea d, the p o rt uses c onfigu r ation informati on man ually confi gure d by an ad mini strator . • Auto-Gig – T he port tries t o perform a handshak e wi th the other po rt to exch ange c ap abilit y i n fo rma t ion. • Ne [...]

  • Page 206

    Co nfiguri ng Bas i c Fea t ure s T o limi t the n um ber of b r oadca st pac ke ts sent o n p o rt 1 /3 to 8 0 ,00 0 , ente r the follo wi ng co mman ds : HP9300(config)# int ethernet 1/3 HP9300(config-if-1/3)# broadcast limit 80000 HP9300(config-if-1/3)# write memory USING THE WEB MANAG EME NT INTERF ACE Y o u cannot p e rfo rm this p r oce dur e[...]

  • Page 207

    Ins t allat i on and G e tting Started Guide Se tt in g a Messag e of the Day B anner Y o u can c onf ig ure the HP devic e to d isp lay a message o n a user ’ s terminal wh en he or s he est ablishes a T e lne t CLI sess ion. F o r e xampl e, to d isp lay t he mes s age “ W e lcome to HP 9 304M o r HP 9308 M! ” wh en a T el net CLI sessi on [...]

  • Page 208

    Co nfiguri ng Bas i c Fea t ure s Configuring Basic Por t Param e ters The p r oc edures in thi s sect ion d esc ribe h ow to c onfi gu r e the fo llo wi ng po rt param e te rs: • Name – s ee “ As sign i ng a P ort Name ” on page 9- 24 • Speed – se e “ M odifying Port Spee d ” on page 9-25 • Mode (h al f- dupl e x or full-d up lex[...]

  • Page 209

    Ins t allat i on and G e tting Started Guide Cl ick on th e C opy or M odi fy button next to a row of por t information to d isp lay a c onfigur ation pane l for th at p o rt. • Selec t Mod i fy to cha nge param e ters f o r a port. • Selec t Co py to appl y a port ’ s pa rameter se ttin gs to anot he r po rt. Here is an ex ample o f the Port[...]

  • Page 210

    Co nfiguri ng Bas i c Fea t ure s USING THE WEB MANAG EME NT INTERF ACE 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion p anel i s disp laye d. 2. Cl ick on th e plus si gn next t o Conf igure in the tree view to di spl ay the co nfiguration o p tions . 3. Selec t th e Po[...]

  • Page 211

    Ins t allat i on and G e tting Started Guide 8. Select the Sa ve link a t the b o ttom o f the di alog. Sele ct Y es w hen pro mpt ed to s ave th e c onf igu r ation ch ang e to the s t artup-conf ig file on the devic e ’ s f l ash m emory . Modifying P o rt Mode Y o u can c onf ig ure a port to accept either f u ll-duplex (bi-di rec t ional ) or[...]

  • Page 212

    Co nfiguri ng Bas i c Fea t ure s Syntax : en abl e Y o u also ca n d is abl e o r re-enab le a v i rtu al interfac e. T o do so, enter com m and s suc h as the fol l ow i ng: HP9300(config)# interface ve v1 HP9300(config-vif-1)# disable Syntax : di sable T o re-ena ble a vi rtual interface , e n ter the ena b le command at the Int e rfac e con f i[...]

  • Page 213

    Ins t allat i on and G e tting Started Guide 7. Select the Sa ve link a t the b o ttom o f the di alog. Sele ct Y es w hen pro mpt ed to s ave th e c onf igu r ation ch ang e to the s t artup-conf ig file on the devic e ’ s f l ash m emory . Changing th e 802.3x G i gabit Negotiation Mode The g l ob ally configure d Gig abi t negotiat i on mode f[...]

  • Page 214

    Co nfiguri ng Bas i c Fea t ure s Modifying P o rt Prior ity (QoS) Y o u can g ive pr efe r ence t o th e inbound tra f fic o n s pecific port s by cha ngi ng the Q uality of Service (QoS) l evel on those p o rts . Fo r informat ion an d pro ce dure s, see th e “ Qualit y of Serv ic e (Q oS ) ” c hapter i n t he A d vanc ed Conf igura t ion an [...]

  • Page 215

    Ins t allat i on and G e tting Started Guide T o dis able L a yer 2 switch ing on ly on a s pecifi c interface, go to the Interf ace confi gur ation l evel for that int e rfac e, then dis able the fea t ure. The follo wi ng comm ands sh ow how to dis able Layer 2 s w itc h ing o n po rt 3 / 2: HP9300(config)# interface ethernet 3/2 HP9300(config-if[...]

  • Page 216

    Co nfiguri ng Bas i c Fea t ure s 5. Select the Sa ve link a t the b o ttom o f the di alog. Sele ct Y es w hen pro mpt ed to s ave th e c onf igu r ation ch ang e to the s t artup-conf ig file on the devic e ’ s f l ash m emory . Configuring Stat ic MAC Entries This se ction describe s how to c onfi gur e s t ati c MAC a ddre s ses. NOTE: HP rou[...]

  • Page 217

    Ins t allat i on and G e tting Started Guide 4. Enter o r ed it the M AC a ddre ss, if ne eded. Specify the addre ss in the follo wi ng format : xx-x x-xx -x x- xx -x x. 5. Change the VL AN numbe r if needed by editing the value in the VLAN I D fie l d. 6. Selec t th e p o rt n um ber from th e Slot (for C hassis devi ces) and Port p u ll do wn lis[...]

  • Page 218

    Co nfiguri ng Bas i c Fea t ure s USING THE WEB MANAG EME NT INTERF ACE T o e nable port - bas ed VLAN s on the sw it ch or routing sw it ch : 1. L og on to t he dev ic e usi ng a val id us er n ame and pass wo rd for read -write ac cess . The Syste m con f igurat ion p anel i s disp laye d. 2. Selec t th e b ox next t o Port, next to Po licy Bas e[...]

  • Page 219

    Ins t allat i on and G e tting Started Guide Configuring T r unk Gr o ups The T r unk G r oup fea t ure allows y ou to establis h multi p le hig h -speed load-s har ing lin ks bet we en two HP sw itc hes or rou t ing switc hes or betw e en an HP sw i t ch or ro uting sw itch and a se rv er . Y ou can c onf igu r e f r om 2 – 4 p o rts as a trunk [...]

  • Page 220

    Co nfiguri ng Bas i c Fea t ure s Figu re 9. 3 T ru nk group be tween a server an d a sw itch or ro uting sw it ch T r unk Group Rule s • Y o u can c onf ig ure up t o 64 tru nk groups on a C h assis d e vi ce, a nd u p to four tru nk gro ups on the Fixe d-port de vice s. • Each trun k g r oup m ust start w i th a pri mary port. Th e primary po[...]

  • Page 221

    Ins t allat i on and G e tting Started Guide T o cha nge po rt param e ters, you mu st ch ange t hem on the pri mary port. The s o ftw ar e a u toma tic a lly a pp lie s the c ha nge s t o the other port s in the tr unk group. Figure 9. 4 show s some ex amples of val id 2-p o rt tr unk group links betwee n device s. The trun k grou ps in thi s ex a[...]

  • Page 222

    Co nfiguri ng Bas i c Fea t ure s Figure 9. 5 show s exampl e o f tw o C hassis d e vices co nnecte d by mult i-s lot tru nk groups . Figu re 9. 5 E xam pl es o f mu lti- sl ot tru n k g ro ups 9 - 3 7[...]

  • Page 223

    Ins t allat i on and G e tting Started Guide Figure 9. 6 show s the v a li d 2 - po rt and 4 - port trunk g r oups on cha ssis 10/10 0 m odu les. V alid 2-por t trunk groups 1 3 5 7 9 10 1 12 3 14 5 16 7 18 9 20 1 22 23 24 2 4 6 8 1 1 1 1 1 2 V alid 4-por t trunk groups Figu re 9. 6 V al id 2-p o rt an d 4-p o rt trun k g roups o n chassis 10/100 m[...]

  • Page 224

    Co nfiguri ng Bas i c Fea t ure s T abl e 9 . 3: H P T r unk Gro up L o ad Sharing – Routing Sw it che s T run k G r oup T y pe T ra ffic T y pe Load-Sh a ring Basis Sw it ch IP Desti nation IP addre ss IPX D estinati on IPX addre ss Apple T alk D estination Appl eT alk a ddre ss All other Desti nation MAC addr ess Serv er All tr aff ic De st in [...]

  • Page 225

    Ins t allat i on and G e tting Started Guide NOTE: The t e xt sh ow n in i t al ics i n the C L I ex ample belo w sh ow s me ssages e c h oed to the scree n in answ er to the C L I comman ds en tered. Enter th ese comman ds on Ro ut er 1: HP9304(config)# trunk switch e 1/1 to 1/2 Trunk 2 is created for next power cycl e. Please save configuration t[...]

  • Page 226

    Co nfiguri ng Bas i c Fea t ure s NOTE: The pane l l ists port ranges only for t he slo ts tha t co nta in an act ive m odu le. In addition, only the ranges t hat are valid for the mo dule a r e l i st ed. The p o rt ra nges listed by the pa nel conta i n four port s , b u t t he d e fault numbe r of port s in a group i s tw o. If yo u se lect a g [...]

  • Page 227

    Ins t allat i on and G e tting Started Guide HP9300# reload NOTE: HP recom m ends t hat you reloa d th e s o ft wa re i mmedi ately after s aving a trunk g r oup c onfi gur ation t o flas h memo ry , bef ore mak ing further c onfi gur ati on c ha nge s. Syntax : trun k [se r ve r | swit ch] eth e rne t <p rim a ry-po r tnu m> to < portnum&[...]

  • Page 228

    Co nfiguri ng Bas i c Fea t ure s 4. Selec t a port range (fo r example , 5 – 8). On Ch assi s d evi ces, the port numbers i n cl ude th e slot n um bers. F or ex ample, you c an s elect 1/5 – 1/8. 5. Selec t 2 or 4 to indi cate th e numbe r of ports in each gro up. Eac h gro up must hav e the sa me num ber of po rts . 6. Selec t t he por t gro[...]

  • Page 229

    Ins t allat i on and G e tting Started Guide NOTE: Make su re yo u e n ter the low e r po rt i n the range bef ore the “ to ” and the higher po rt in the range afte r the “ to ” . As a sho r tc ut, y ou al so ca n e n ter jus t the l ower port in the range. The softw are autom a tically remo ves a ll h ig her po rts in addition to the s pec[...]

  • Page 230

    Co nfiguri ng Bas i c Fea t ure s Dele ting a T r un k Gr oup T o de lete a tru nk grou p, use ei the r of the fol l ow i ng m et hods. USING THE CL I T o de lete a tru nk grou p, use “ no ” in fron t of the comman d you use d to cr eat e the tru nk group. For example , to remove one of the trunk g r oups configure d in the exampl es abo ve, en[...]

  • Page 231

    Ins t allat i on and G e tting Started Guide The f ollowin g table describ es the inf ormation d isp laye d b y t he s how trun k com ma nd. T a ble 9 . 5: CLI T run k G r oup Info rm atio n Th is Field... Displays. .. T r unk T he trun k g r oup number . The software numb ers the gro ups in the disp l ay to make the disp lay easy to us e. T ype T [...]

  • Page 232

    Co nfiguri ng Bas i c Fea t ure s T abl e 9 . 6: W eb Manag e ment T runk Gr ou p Informati on ( Con t inued) Port M embe rs T he port s in the tru nk group. Th is Field... Displays. .. Configuring IP Mult ic ast T r aff i c Reduct i on ( HP 6208M - SX only) The H P 620 8M- SX forw ar ds al l IP multicast tra ffic by defaul t base d o n the L a yer[...]

  • Page 233

    Ins t allat i on and G e tting Started Guide NOTE: W hen one or more H P 6 208M-SX sw it ches are runn ing Layer 2 I P Mu lti cast T r af fic red u ction , c onfi gure o ne of t he sw it ches for activ e IGM P a nd leave the o t he r s witc hes c onfigu r ed for pas si ve IG MP . Howe ve r , if th e IP mult icas t domain con t ains a m ult ic ast-c[...]

  • Page 234

    Co nfiguri ng Bas i c Fea t ure s USING THE CL I T o e nable activ e IG MP , enter the fo llowin g c omma nd: HP6208(config)# ip multicast active HP6208(config)# write memory HP6208(config)# end HP6208# reload Syntax : [no ] ip mu lt ica st ac tiv e | pass iv e T o e nable passi ve IGMP , e n te r the follo wi ng co mmand: HP6208(config)# ip multic[...]

  • Page 235

    Ins t allat i on and G e tting Started Guide NOTE: Y ou must reload the s o ftw ar e after m a king th is confi gura t io n c ha nge and sa ving it t o the s t artup-c onf ig file. USING THE CL I T o modi fy the query in terval, enter a co mman d s uch as the f o llowin g: HP6208(config)# ip multicast query-int erval 120 Syntax : [no ] ip mu lt ica[...]

  • Page 236

    Co nfiguri ng Bas i c Fea t ure s USING THE WEB MANAG EME NT INTERF ACE Y o u cannot c on f igure t h is featu r e u s in g the W eb m anagement in terface . Defini ng M AC Addres s Filte rs MA C laye r fil t ering enable s you to build ac ces s li sts base d on MA C lay er headers i n the Eth e rn et/IEE E 802 .3 fra me. Y o u can fil t er o n th [...]

  • Page 237

    Ins t allat i on and G e tting Started Guide The <d est- mac> <mask> | an y pa ram e te r specif ies the d est ina t io n M AC a ddre ss. The sy nta x rule s are the same as those fo r the <s rc-ma c> <ma sk> | an y pa ram e te r . Use th e etype | llc | snap arg um ent if yo u w ant to filter o n inform ation b e yo nd t he[...]

  • Page 238

    Co nfiguri ng Bas i c Fea t ure s • If a M AC fi lter is already c o nf ig ured and y ou are adding a n ew o ne, click o n the Add M AC Fil t er lin k to di spla y the M AC Fi lte r configura t io n panel, a s sho w n i n th e follo w i ng exam ple. • If y ou are modi fying an exis tin g MAC filte r , cli ck on t he Modif y button to the rig h [...]

  • Page 239

    Ins t allat i on and G e tting Started Guide • If you a r e modifying an existing MAC fil t er g r oup, c lick on the Mo dify b u tton t o th e right of the r ow de scrib ing the filte r group to d i spla y the Filter G r oup conf igu r ation panel, as show n in the f o llowin g ex ample. 16. Sel ect th e p o rt ( and sl ot, if appl icable) f o r[...]

  • Page 240

    Co nfiguri ng Bas i c Fea t ure s Defini ng Br oadcast and M u lticast Filters Y o u can filt er L a ye r 2 broa dcast an d m u lt icast pa ckets on spec ifi c po rts . • La yer 2 broadcas t packets have the va lu e “ FFFFFF FFFFF F ” (all ones) i n the d est ination M AC addre ss fie ld. Y o u can c onf ig ure broadc ast fil t ers for al l t[...]

  • Page 241

    Ins t allat i on and G e tting Started Guide HP9300(config-bcast-filter-id-1)# writ e memory T o conf igu r e t w o filte r s, o ne to f ilter IP UDP traffic on po rts 1/1 – 1/ 4, a nd the oth e r to filter all broadcas t tra f fic on po rt 4 / 6, ente r the fo llo wi ng co mmands : HP9300(config)# broadcast filter 2 ip udp HP9300(config-bcast-fi[...]

  • Page 242

    Co nfiguri ng Bas i c Fea t ure s Locking a Port T o Restric t Ad dr esses Lo ck-ad d ress filt ers allow yo u to l im i t the numbe r of devices that ha ve acc ess to a spec ifi c port. Ac ces s viol at ion s ar e reported as SNMP traps. By defa ult this featu r e is di sable d. A m a ximu m of 2,048 e n tries can be s pecified for access. The de [...]

  • Page 243

    Ins t allat i on and G e tting Started Guide NOTE: The f o llowin g p r otocol s requ ire a s yst em res et bef ore the protoc ol w i ll be act ive on the s yst em : PIM, DVMRP , RI P , SRP, and IPX. T o re se t a syst em, sele ct the Rel o ad link (W eb) o r enter the reloa d comm and at the pr ivile ged le vel of the CL I. USING THE CL I T o enab[...]

  • Page 244

    Co nfiguri ng Bas i c Fea t ure s • IP routes • IP rout e filte rs • IP sub-nets per port and pe r devic e • St at ic ro ut es • IG MP • DVMRP ro utes • IPX/SAP entrie s • IPX/RIP entrie s • IPX/SAP filters • IPX/RIP filters • IPX forwa r din g filte rs • Apple T alk routes • Apple T alk zones The tabl es you can con f igu[...]

  • Page 245

    Ins t allat i on and G e tting Started Guide atalk-route atalk-zone-port atalk-zone-sys dvmrp igmp ip-cache ip-filter-port ip-filter-sys ipx-forward-filter ipx-rip-entry ipx-rip-filter ipx-sap-entry ipx-sap-filter l3-vlan ip-qos-session l4-real-server l4-virtual-server l4-server-port mac ip-route ip-static-route vlan spanning-tree mac-filter-port m[...]

  • Page 246

    Co nfiguri ng Bas i c Fea t ure s The <num > param e ter spec ifi es the maxim um nu mber o f sub-net ad dre sses for the e n ti re device and can be from 1 – 51 2. Th e d efa ul t is 25 6. HP9300(config)# system-max subnet-per- system 512 HP9300(config)# write memory HP9300(config)# exit HP9300# reload USING THE WEB MANAG EME NT INTERF ACE[...]

  • Page 247

    Ins t allat i on and G e tting Started Guide NOTE: T o moni tor jus t t he i n tr af fic, enter “ in ” inst ead o f “ both ” in t he abov e com m and . T o moni tor only the out tra ff i c, enter “ ou t ” inst ead o f “ both ” i n t he abov e com m and . USING THE WEB MANAG EME NT INTERF ACE EXAM P LE: Suppose you w ant to diagn ose[...]

  • Page 248

    Append ix A Hardware Specifica t ions This a ppe ndix l i sts the ha rd wa re specifi cat ion s fo r the H P 9304M, H P 93 08M, and H P 6 208M-SX routin g sw it ch es a nd the H P 6208M-SX sw itc h. Electri cal Specificati ons T abl e A .1 : Ele c trica l specifica tions Dev i ce Input V o lta g e Range Curren t Ratin g Line F re que ncy HP 6 208M-[...]

  • Page 249

    Ins t allat i on and G e tting Started Guide St or age Environment • Sto r age T em pera t ure : -40 ° – 158 ° F, -40 ° – 70 ° C • Sto r age H umidi ty: 9 5 % m aximum, n on-c on densi ng • Sto r age Al titude: 10,000 fee t (3,000 me ter) ma ximu m Electromagneti c Emissi ons • FC C Cl ass A, Part 15, Subpart B • EN 5 5022A C l as[...]

  • Page 250

    Append ix B Software Specifications This ap pendix li sts t he f o ll owing i n forma t ion : • St anda rd s comp liance • RFC su pport • Internet d r aft s sup port Stand ard s C o mpl iance The H P 930 4 M, HP 9308M , and HP 6208M-SX ro uting s w itc hes a nd the HP 6208M -SX s w itc h sup port the follo win g st andard s. NOTE: The ro utin[...]

  • Page 251

    Ins t allat i on and G e tting Started Guide RFC Support The f o ll owing table li sts the R FCs s upporte d b y th e H P 9304 M, H P 9308M, a nd H P 6208M -SX ro uting s w itc hes a nd the H P 6208M -SX s w itc h. NOTE: Som e dev ices su pport o n ly a sub se t of the RFCs. Fo r example , the H P 6 208M-SX sw it ch do es not s upport rout er-speci[...]

  • Page 252

    So ftw ar e Sp eci f ic ati ons T abl e B.1 : RFC Support (Co n tinue d) 1 213 MI B II Defi nition s 1 215 SN MP generi c trap s 1 256 IC MP Rout er Di scovery Prot ocol (I RDP) 1 267 Border Ga tew ay Pro t ocol ve rsion 4 (BG P 4) M IB 1 340 Assigne d n um bers (where a pplicabl e) 1 354 IP Forw a r din g T able M IB 1 398 Eth e rnet-Li ke MIB 1 4[...]

  • Page 253

    Ins t allat i on and G e tting Started Guide T abl e B.1 : RFC Support (Co n tinue d) 2 385 TCP MD5 Signatu re Opti on (for BGP4 ) 2 439 BGP R oute Flap Dampen in g 2 453 Route Informa t ion Pro t ocol (R IP ) v e rsi on 2 2 796 BGP R oute Re fle c tion 2 842 BGP C apab ili ty Advertisemen t 2 858 BGP M ult i-pr otocol Extensio n RFC Number Prot oc[...]

  • Page 254

    Ind ex Numer i cs 10 /1 00 mode 9- 26 1 000Bas eLx 8-1 0 1 000Bas e Sx 8-1 0 1 000Bas e T 8 - 10 1 00Ba seF x 8-10 10 0B as eF x Ports 8- 10 1 00Ba seT x 8-10 10 Bas e T 8-10 80 2. 3x G igabit nego ti at ion 9- 28 9 304M R o uting Sw itch 2- 8 9 308M R o uting Sw itch 2- 8 A AC powe r 8-11 c onnec tor 8-8 Ac cess CL I 2-21 a ugmen tin g pri vi l eg[...]

  • Page 255

    Ins t allat i on and G e tting Started Guide Ch as si s ar chitec ture 8- 5 ha rdware ov e rvi ew 8-1 modu l e 8-1 name 9-3 po ll in terval 5-19 repla ci ng pow e r supply 2 -6 sl ot an d port n um bers 8-8 s pecif ications A-1 sw apping m odules 2-4 CLI 7-7 access 2- 21 access leve l s 2- 12 a ttac hi ng s e rial cable 2-9 comma nd compl etion 2-2[...]

  • Page 256

    ov ervi ew 8-5 s pecif ications A-1 Flash c ode downl oading 6-1 imag e name 7- 1 up loadi ng 6-1 ve rsio n 7 -2 Flow c ont rol di sablin g 9 - 27 G Ga te wa y de fa ul t 2-14 Ge tting Hel p 1- 3 Gig abi t ne goti at i o n 9 - 19 , 9- 28 Glo bal CONF IG Level 2-1 2 Gr oundi ng ii, 2-3 H Ha lf-du pl e x mode 9-26 Ha ndles, Warning 2 - 1, 2 -3 Hardwa[...]

  • Page 257

    Ins t allat i on and G e tting Started Guide M MA C a ddre ss fi lter 9-51 a ddre ss lo ck 9-5 7 st ati c entr i es 9-3 1 sw itc hi ng 7 - 15 Man ageme nt m odu le redundan t 5- 1 Man ual no men cla tu re 1 -1 Mask , Network 2-1 Memo ry po rt bu ffer 8-8 Messag e TFTP error 6 -8 Mi rro r po rt 9- 6 1 Mode po rt 9- 2 6 Modu l e 8-1 c onnec tors 2-1 [...]

  • Page 258

    Q Query IG MP di sablin g 9 - 49 Quer y in terv al IP multi c as t La yer 2 9-47 R Ra ck in stalla tio n ch a ssis 2 -15 fixed- po rt de vice 2- 16 Ra ck Mo unting 2-3 , 2-1 6 warn ing 2 - 3, 2 - 15 Ra ck, Lo ading 2-3 RADIUS 3 -1, 3-31 Read- on ly comm un it y st ri ng 7- 8 Re ad-w rit e c ommunit y s t ri ng 7-8 no defa ul t 3- 13 Re dundan t lin[...]

  • Page 259

    Ins t allat i on and G e tting Started Guide Super U s er 2-12 Sw a pping mod ule s 2-4 Swi tch a ge t ime 9- 30 ar chitec ture 8- 6 c onfigu r ing ba sic L aye r 2 pa ram e ter s 9- 29 di sablin g 9 - 29 La yer 2 7-15 Sw it chov er redundan t managemen t mod u le 5-2 Syslog me ssage s 5-9 Syslog 7-12 , 9-14 bu ffer 9- 16 , 9- 1 8 c hangi ng f ac i[...]

  • Page 260

    T echnical information in this document is subject to change without notice. ©Copyright Hewlett-Packard Company 2000. All rights reser ved. Reproduction, adaptation, or translation without prior written permission is prohibited except as allowed under the copyright laws. Printed in U.S.A. 12/00 Manual Part Number 5969-2362[...]