Page 1: User Guide
Embedded Web System User Guide for the HP BladeSystem PC Blade Switch Document Part Number: 413353-003 March 2009...
Page 2 This document contains proprietary information that is protected by copyright. No part of this document may be photocopied, reproduced, or translated to another language without the prior written consent of Hewlett-Packard Company.
Page 3: Table Of Contents
Contents Preface 1 Getting Started Starting the Application ............1–1 Understanding the Interface .
Page 4 Contents Defining Port Authentication Properties ......... . 4–23 Defining Port Authentication.
Page 5 Contents Defining Classic Spanning Tree........... . . 9–3 Defining STP on Interfaces .
Page 6 Contents Defining QoS Advanced Mode ........... 13–11 Configuring DSCP Mapping .
Page 7: Preface
Preface The Embedded Web System (EWS) is an intricate network management system. The EWS configures, monitors, and troubleshoots network devices from a remote Web browser. The EWS web pages are easy-to-use and easy-to-navigate. In addition, the EWS provides real time graphs and RMON statistics to help system administrators monitor network performance.
Page 8: Intended Audience
Preface ■ Chapter 11, “Configuring SNMP” — Provides information for configuring SNMP access and management. ■ Chapter 13, “Configuring Quality of Service” — Provides information for Basic and Advanced Quality of Service, including DSCP and CoS mapping, policies, and configuring Trust mode.
Page 9: Getting Started
Getting Started This section provides an introduction to the user interface, and includes the following topics: ■ Starting the Application ■ Understanding the Interface ■ Resetting the Device ■ Logging Off the Device Starting the Application This section contains information for starting the application. To open the EWS application: 1.
Page 10: Understanding The Interface
Getting Started 3. Enter a user name and password. The default user name is admin. The device is not configured with a default password and can be configured without entering a password. Passwords are both case sensitive and alphanumeric. 4. Click .
Page 11: Using The Management Buttons
Getting Started The following table lists the interface components with their corresponding numbers: Interface Components Component Description 1 Tree View The Tree View provides easy navigation through the configurable device features. The main branches expand to provide the subfeatures. 2 Device View The device view provides information about device ports, current configuration and status, table information, and feature components.
Page 12: Device Representation
Getting Started EWS Information Tabs Link Name Description Sign Out Signs users out of the EWS. Save Saves the current device configuration. Device Representation The Zoom View page displays a detailed graphical representation of the device. To open the Zoom View: »...
Page 13: Adding Device Information
Getting Started Adding Device Information User-defined information can be added to specific EWS pages, by opening a new Add page. To add information to tables or EWS pages: 1. Open an EWS page. 2. Click . An Add page opens, for example, the Add Port Mirroring page: Add Port Mirroring 3.
Page 14: Resetting The Device
Getting Started Resetting the Device The Reset page enables the device to be reset from a remote location. Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. To reset the device: 1.
Page 15: Defining System Information
Defining System Information The System Information page contains parameters for configuring general device information, including the System Name, System Location, System Contact, System Object ID, System Up Time, Base MAC addresses, Hardware Version, Software Version, and Boot Version. To define the general system information: 1.
Page 16 Defining System Information ■ Hardware Version — Displays the installed device hardware version number. ■ Software Version — Displays the installed software version number. ■ Boot Version — Displays the current boot version running on the device. www.hp.com Embedded Web System User Guide...
Page 17: Configuring System Time
Configuring System Time This section provides information for configuring system time parameters, including: ■ Configuring Daylight Savings Time ■ Configuring SNTP Configuring Daylight Savings Time The System Time page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock.
Page 18 Configuring System Time ■ Finland — From the last weekend of March until the last weekend of October. ■ France — From the last weekend of March until the last weekend of October. ■ Germany — From the last weekend of March until the last weekend of October. ■...
Page 19 Configuring System Time ■ Syria — From March 31 until October 30. ■ Taiwan — Taiwan does not use Daylight Savings Time. ■ Turkey — From the last weekend of March until the last weekend of October. ■ United Kingdom — From the last weekend of March until the last weekend of October. ■...
Page 20 Configuring System Time ◆ European — The device switches to DST at 1:00 am on the last Sunday in March and reverts to standard time at 1:00 am on the last Sunday in October. The European option applies to EU members and other European countries using the EU standard. ◆...
Page 21: Configuring Sntp
Configuring System Time ◆ Month — The month of the year in which DST ends every year. The possible field range is Jan-Dec. ◆ Time — The time at which DST ends every year. The field format is HH:MM. For example, 05:30.
Page 22: Defining Sntp Global Settings
Configuring System Time Defining SNTP Global Settings The SNTP Settings page provides information for defining SNTP parameters globally. To define SNTP global parameters: 1. Click System > Time > SNTP Settings. The SNTP Settings page opens: SNTP Settings The SNTP Settings page contains the following fields: ❏...
Page 23: Defining Sntp Servers
Configuring System Time ◆ In progress — Indicates the SNTP server is currently sending or receiving SNTP information. ◆ Unknown — Indicates the progress of the SNTP information currently being sent is unknown. For example, the device is currently looking for an interface. ❏...
Page 24: Defining Sntp Authentication
Configuring System Time Defining SNTP Authentication The SNTP Authentication page provides parameters for defining the means by which the SNTP server is authenticated. To define SNTP authentication: 1. Click System > Time > SNTP Authentication. The SNTP Authentication page opens: SNTP Authentication The SNTP Authentication page contains the following fields: ❏...
Page 25 Configuring System Time To define SNTP authentication parameters: 1. Click . The SNTP Authentication page opens: Add SNTP Authentication 2. Define the Encryption Key ID, Authentication Key, and Trusted Key fields. 3. Click . The SNTP Authentication Key is added, and the device is updated Embedded Web System User Guide www.hp.com...
Page 26 Configuring System Time 3-10 www.hp.com Embedded Web System User Guide...
Page 27: Configuring Device Security
Configuring Device Security This section provides access to security pages that contain fields for setting security parameters for ports, device management methods, users, and server security. This section contains the following topics: ■ Configuring Authentication Methods ■ Configuring Network Security Configuring Authentication Methods This section provides information for configuring device authentication methods.
Page 28 Configuring Device Security To configure access profiles: 1. Click Management Security > Access Method > Access Profiles. The Access Profiles page opens: Access Profiles The Access Profiles page contains the following fields: ❏ Access Profile Name — Defines the access profile name. The access profile name can contain up to 32 characters.
Page 29 Configuring Device Security ◆ All — Assigns all management methods to the rule. ◆ Telnet — Assigns Telnet access to the rule. If selected, users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device.
Page 30: Defining Profile Rules
Configuring Device Security Defining Profile Rules Access profiles can contain up to 128 rules that determine which users can manage the switch module, and by which methods. Users can also be blocked from accessing the device. Rules are composed of filters including: ■...
Page 31 Configuring Device Security ◆ VLAN — Attaches the rule to the selected VLAN. ❏ Management Method — Defines the management method for which the rule is defined. Users with this access profile can access the device using the management method selected.
Page 32: Defining Authentication Profiles
Configuring Device Security To modify a profile rule: 1. Click Management Security > Access Method > Profile Rules. The Profile Rules page opens. 2. Select a Profile Rule entry. 3. Click . The Profile Rule Settings page opens: Edit Profile Rule Settings 4.
Page 33 Configuring Device Security To define authentication profiles: 1. Click Management Security > Authentication > Authentication Profiles. The Authentication Profiles page opens. Authentication Profiles The Authentication Profiles page contains the following sections: ❏ The Login Authentication Profiles section allows network administrators to select the authentication method by which system users are logged onto the device.
Page 34 Configuring Device Security 2. Click . The Add Authentication Profile page opens: Add Authentication Profile 3. Define the Profile Name and Authentication Methods fields. 4. Click . The authentication profile is defined, and the device is updated. To modify an authentication profile: 1.
Page 35: Mapping Authentication Methods
Configuring Device Security Mapping Authentication Methods After authentication profiles are defined, they can be applied to management access methods. For example, console users can be authenticated by Authentication Profile List 1, while Telnet users are authenticated by Authentication Method List 2. Authentication methods are selected by using arrows to move the methods to the Selected Methods list.
Page 36 Configuring Device Security ◆ Local, RADIUS — Indicates that authentication first occurs locally. If authentication cannot be verified locally, the RADIUS server authenticates the management method. If the RADIUS server cannot authenticate the management method, the session is blocked. ◆ RADIUS, Local —...
Page 37: Defining Tacacs+ Authentication
Configuring Device Security ◆ RADIUS, Local — Indicates that authentication first occurs at the RADIUS server. If authentication cannot be verified at the RADIUS server, the session is authenticated locally. If the session cannot be authenticated locally, the session is blocked.
Page 38 Configuring Device Security The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ servers. To define TACACS+ authentication settings: 1.
Page 39 Configuring Device Security ❏ Timeout for Reply — Defines the amount of time in seconds that passes before the connection between the device and the TACACS+ times out. The field range is 1-1000 seconds. ❏ Single Connection — Maintains a single open connection between the device and the TACACS+ server.
Page 40: Defining Radius Settings
Configuring Device Security 3. Click . The TACACS Host Settings page opens: TACACS Host Settings 4. Define the Priority, Source IP Address, Key String, Authentication Port, Timeout for Reply, and Single Connection fields. 5. Click . The TACACS host settings are saved, and the device is updated. Defining RADIUS Settings Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks.
Page 41 Configuring Device Security RADIUS The RADIUS page contains the following fields: ❏ Default Retries — Defines the number of transmitted requests sent to the RADIUS server before a failure occurs. Possible field values are 1-10. The default value is 3. ❏...
Page 42 Configuring Device Security ❏ Dead Time — Defines the amount of time (in minutes) that a RADIUS server is bypassed for service requests. The range is 0-2000. The default is 0 minutes. ❏ Key String — Defines the default key string used for authenticating and encrypting all RADIUS communications between the device and the RADIUS server.
Page 43: Configuring Passwords
Configuring Device Security 3. Click . The RADIUS Server Settings page opens: RADIUS Server Settings 4. Define the IP Address, Priority, Authentication Port, Timeout for Reply, Dead Time, Key String, Source IP Address, and Usage Type fields. 5. Click . The RADIUS server settings are saved, and the device is updated. Configuring Passwords This section contains information for defining device passwords, and includes the following topics:...
Page 44 Configuring Device Security To define local users: 1. Click Management Security > Passwords > Local Users. The Local Users page opens: Local Users The Local Users page contains the following fields: ❏ User Name — Displays the user name. ❏ Access Level —...
Page 45: Defining Line Passwords
Configuring Device Security ❏ Confirm Password — Verifies the password. To modify the settings for a local user: 1. Click Management Security > Passwords > Local Users. The Local Users page opens. 2. Select a Local User entry. 3. Click .
Page 46 Configuring Device Security 1. Click Management Security > Passwords > Line Password. The Line Password page opens: Line Password The Line Password page contains the following fields: ❏ Console Line Password — Defines the line password for accessing the device using a Console session.
Page 47: Defining Enable Passwords
Configuring Device Security Defining Enable Passwords The Enable Password page sets a local password for a particular access level. To enable passwords: 1. Click Management Security > Passwords > Enable Password. The Enable Password page opens: Enable Password The Enable Password page contains the following fields: ❏...
Page 48: Configuring Network Security
Configuring Device Security Configuring Network Security Network security manages both access control lists and locked ports. This section contains the following topics: ■ Network Security Overview ■ Defining Port Authentication Properties ■ Defining Port Authentication ■ Configuring Traffic Control Network Security Overview This section provides an overview of network security and contains the following topics: ■...
Page 49: Defining Port Authentication Properties
Configuring Device Security Advanced port-based authentication is implemented in the following modes: ■ Single Host Mode — Allows port access only to the authorized host. ■ Multiple Host Mode — Multiple hosts can be attached to a single port. Only one host must be authorized for all hosts to access the network.
Page 50: Defining Port Authentication
Configuring Device Security ◆ RADIUS — Provides port authentication using the RADIUS server. ◆ RADIUS, None — Provides port authentication, first using the RADIUS server. If the port is not authenticated, no authentication method is used, and the session is permitted.
Page 51 Configuring Device Security The Port Authentication page contains the following fields: ❏ Copy From Entry Number — Copies port authentication information from the selected port. ❏ To Entry Number(s) — Copies port authentication information to the selected port. ❏ Port — Displays a list of interfaces on which port-based authentication is enabled. ❏...
Page 52 Configuring Device Security 2. Click . The Port Authentication Settings page opens: Port Authentication Settings 3. Modify the Admin Port Control, Enable Periodic Reauthentication, Quiet Period, Resending EAP, Supplicant Timeout, and Server Timeout fields. In addition to the fields on the Port Authentication page, the Settings page includes the following field: ❏...
Page 53: Configuring Multiple Hosts
Configuring Device Security Configuring Multiple Hosts The Multiple Host page allows network managers to configure advanced port-based authentication settings for specific ports and VLANs. For more information on advanced port-based authentication, see Advanced Port-Based Authentication. To define the network authentication global properties: 1.
Page 54 Configuring Device Security ◆ Disable — Indicates that traps are disabled for Multiple hosts. ❏ Trap Frequency — Defines the time period by which traps are sent to the host. The Trap Frequency field can be defined only if multiple hosts are disabled. The possible field range is 1-1000000.
Page 55: Defining Authentication Hosts
Configuring Device Security Defining Authentication Hosts The Authenticated Host page contains a list of authenticated users. To define authenticated users: 1. Click Network Security > 802.1x > Authenticated Host. The Authenticated Host page opens: Authenticated Host The Authenticated Host page contains the following fields: ❏...
Page 56: Viewing Eap Statistics
Configuring Device Security Viewing EAP Statistics The EAP Statistics page contains information about EAP packets received on a specific port. To view the EAP statistics: 1. Click Network Security > 802.1x > EAP Statistics. The EAP Statistics page opens: EAP Statistics The EAP Statistics page contains following fields: ❏...
Page 57: Configuring Traffic Control
Configuring Device Security ❏ Request ID Frames Transmit—Indicates the number of EAP Req/ID frames transmitted via the port. ❏ Request Frames Transmit—Indicates the number of EAP Request frames transmitted via the port. ❏ Invalid Frames Receive—Indicates the number of unrecognized EAPOL frames received on this port.
Page 58 Configuring Device Security ■ Binding Device Security ACLs Defining IP Based Access Control Lists The IP Based ACL page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. To define IP Based ACLs: 1.
Page 59 Configuring Device Security ❏ Source Port — Defines the TCP/UDP source port to which the ACE is matched. This field is active only if 800/6-TCP or 800/17-UDP are selected in the Select from List menu. The possible field range is 0 - 65535. ❏...
Page 60 Configuring Device Security 2. Click . The Add IP Based ACL page opens: Add IP Based ACL In addition to the fields in the IP Based ACL page, the Add IP Based ACL page contains the following fields: ❏ New Rule Priority — Defines the new rule priority. ❏...
Page 61 Configuring Device Security ◆ Rst — Indicates the connection is dropped. - Set — Enables filtering packets by Rst flags. - Unset — Disables filtering packets by Rst flags. - Don’t care — Indicates that Rst packets do not influence the packet filtering process.
Page 62 Configuring Device Security 5. Click . The Add IP Based Rule page opens. Add IP Based Rule 6. Define the fields. 7. Click . The IP Based ACL is defined, and the device is updated. To modify an IP-based ACL: 1.
Page 63: Defining Mac Based Access Control Lists
Configuring Device Security 3. Click . The Rules Associated with IP-ACL page opens: Rules Associated with IP-ACL 4. Modify the fields. 5. Click . The IP Based ACL is defined, and the device is updated. Defining MAC Based Access Control Lists The MAC Based ACL page allows you to define a MAC-based ACL.
Page 64 Configuring Device Security MAC Based ACL The MAC Based ACL page contains the following fields: ❏ ACL Name — Displays the user-defined MAC based ACLs. ❏ Priority — Indicates the ACE priority, which determines which ACE is matched to a packet on a first-match basis.
Page 65 Configuring Device Security ◆ Shutdown — Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page, see "Chapter 6, in section “Configuring Ports.”. 2. Click .
Page 66 Configuring Device Security 1. Click Network Security > Access Control List > MAC Based ACL. The MAC Based ACL page opens. 2. Click . The Edit Rule page opens: Edit Rule 3. Modify the fields. 4. Click . The MAC based ACL is defined, and the device is updated. Binding Device Security ACLs When an ACL is bound to an interface, all the ACE rules that have been defined are applied to the selected interface.Whenever an ACL is assigned on a port, LAG, or VLAN, flows from that...
Page 67 Configuring Device Security ACL Binding The ACL Binding page contains the following fields: ❏ Copy From Entry Number — Copies the ACL information from the defined interface. ❏ To Entry Number(s) — Copies the ACL information to the defined interface. ❏...
Page 68: Managing Port Security
Configuring Device Security Managing Port Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. The MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and learned packets that are received on specific ports.
Page 69 Configuring Device Security ◆ Locked — Indicates the port is currently locked. ❏ Learning Mode — Defines the locked port type. The Learning Mode field is enabled only if Locked is selected in the Interface Status field.The possible field values are: ◆...
Page 70: Enabling Storm Control
Configuring Device Security 4. Click . The port security settings are defined, and the device is updated. Enabling Storm Control Storm control limits the amount of Multicast and Broadcast frames accepted and forwarded by the device. When Layer 2 frames are forwarded, Broadcast and Multicast frames are flooded to all ports on the relevant VLAN.
Page 71 Configuring Device Security ❏ Broadcast Rate Threshold — Indicates the maximum rate (kilobits per second) at which unknown packets are forwarded. The range is 70-100,000. The default value is 3500. ❏ Broadcast Mode — Specifies the Broadcast mode currently enabled on the device. The possible field values are: ◆...
Page 72 Configuring Device Security 4-46 www.hp.com Embedded Web System User Guide...
Page 73 Configuring System Logs This section provides information for managing system logs. System logs enable viewing device events in real time and recording the events for later usage. System Logs record and manage events, and report errors and informational messages. Event messages have a unique format, which is the Syslog protocols recommended message format for all error reporting.
Page 74: Configuring System Logs
Configuring System Logs Defining General Log Properties The Logs Properties page contains fields for defining which events are recorded to which logs. It contains fields for enabling logs globally and parameters for defining logs. Log messages are listed from highest to lowest severity. To define system log parameters: 1.
Page 75: Viewing Memory Logs
Configuring System Logs ✎ When a severity level is selected, all severity level choices above the selection are selected automatically. ❏ Console — Defines the minimum severity level from which logs are sent to the console. ❏ Memory Logs — Defines the minimum severity level from which logs are sent to the log file stored in RAM (Cache).
Page 76: Viewing Flash Logs
Configuring System Logs Viewing Flash Logs The Flash page contains information about log entries saved to the log file in Flash memory, including the time the log was generated, the log severity, and a description of the log message. The Flash logs are available after reboot. To view the Flash logs: »...
Page 77: Defining System Log Servers
Configuring System Logs Defining System Log Servers The Servers page contains information for viewing and configuring the remote log servers. New log servers can be defined, and the log severity can be sent to each server. To define a system log server: 1.
Page 78 Configuring System Logs 2. Click . The Add Syslog Server page opens: Add Syslog Server 3. Define the Log Server IP Address, UDP Port, Facility, Description, and Minimum Severity fields. 4. Click . The system log server is defined, and the device is updated. www.hp.com Embedded Web System User Guide...
Page 79: Configuring Interfaces
Configuring Interfaces This section provides information for configuring ports, LAGs, and LACP, and includes the following topics: ■ Configuring Ports ■ Aggregating Ports ■ Configuring VLANs Configuring Ports The Port Configuration page contains fields for defining port parameters. To define port parameters: 1.
Page 80 Configuring Interfaces ❏ Port Type — Displays the port type. The possible field values are: ◆ 1000M-copper — Indicates the port has a copper port connection and is operating at 1000 Mbps. ◆ 1000M-fiber — Indicates the port has a fiber optic port connection. ❏...
Page 81 Configuring Interfaces ❏ Flow Control — Displays the flow control status on the port. Operates when the port is in full duplex mode. ❏ MDI/MDIX — Displays the MDI/MDIX status on the port. Hubs and switches are deliberately wired opposite from the way that end stations are wired, so that when a hub or switch is connected to an end station, a straight through Ethernet cable can be used, and the pairs are matched up properly.
Page 82: Aggregating Ports
Configuring Interfaces 4. Modify the fields. 5. Click . The port parameters are saved. Aggregating Ports Link Aggregation optimizes port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy.
Page 83: Configuring Lag Parameters
Configuring Interfaces Configuring LAG Parameters The LAG Configuration page contains fields for configuring parameters for LAGs. The device supports up to eight ports per LAG and eight LAGs per system. To define LAG parameters: LAG Configuration 1. Click Layer 2 > Interface > LAG Configuration. The page opens: LAG Configuration The LAG Configuration page contains the following fields:...
Page 84 Configuring Interfaces ❏ Auto Negotiation — Displays the auto negotiation status of the LAG. Auto negotiation is a protocol between two link partners that enables a port to advertise its transmission rate, duplex mode, and flow control abilities to its partner. ❏...
Page 85: Configuring Lag Membership
Configuring Interfaces Configuring LAG Membership The LAG Membership page contains fields for defining membership for LAGs. To define LAG membership: 1. Click Layer 2 > Interface > LAG Membership. The LAG Membership page opens: LAG Membership The LAG Membership page contains the following fields: ❏...
Page 86 Configuring Interfaces 2. Click . The LAG Membership Settings page opens: LAG Membership Settings 3. Define the fields. 4. Click . The LAG membership is defined, and the device is updated. www.hp.com Embedded Web System User Guide...
Page 87: Configuring Lacp Parameters
Configuring Interfaces Configuring LACP Parameters LAG ports can contain different media types if the ports are operating at the same speed. Aggregated links can be set up manually or can be automatically established by enabling LACP on the relevant links. Aggregate ports can be linked into link-aggregation port groups. Each group is comprised of ports with the same speed.
Page 88: Configuring Vlans
Configuring Interfaces 2. Click . The LACP Parameters Settings page opens: LACP Parameters Settings 3. Edit the LACP Port Priority and LACP Timeout fields. 4. Click . The LACP settings are saved, and the device is updated. Configuring VLANs VLANs are logical subgroups with a Local Area Network (LAN), which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached.
Page 89: Defining Vlan Properties
Configuring Interfaces Defining VLAN Properties The VLAN Properties page provides information and global parameters for configuring and working with VLANs. To define VLAN properties: 1. Click Layer 2 > VLAN > Properties. The VLAN Properties page opens: VLAN Properties The VLAN Properties page contains the following fields: ❏...
Page 90 Configuring Interfaces 2. Click . The Add VLAN page opens: Add VLAN 3. Define the VLAN ID and VLAN Name fields. 4. Click . The VLAN properties are defined, and the device is updated. ✎ When the Spanning Tree VLAN Separation option is enabled, the switch only retransmits BPDUs on the VLAN they were received from.
Page 91: Defining Vlan Membership
Configuring Interfaces Defining VLAN Membership The VLAN Membership page contains a table that maps VLAN parameters to ports. Ports are assigned VLAN membership by toggling through the Port Control settings. To define VLAN membership: 1. Click Layer 2 > VLAN > Membership. The VLAN Membership page opens: VLAN Membership The VLAN Membership page contains the following fields: ❏...
Page 92: Defining Vlan Interface Settings
Configuring Interfaces ❏ Forbidden (Purple) — Denies the interface VLAN membership, even if GARP indicates the port is to be added. 2. Select a VLAN in the VLAN ID field. The VLAN membership settings are displayed. 3. Define the fields. 4.
Page 93 Configuring Interfaces ◆ Trunk — Indicates the port belongs to VLANs in which all ports are tagged, except for one port that can be untagged. ❏ PVID — Assigns a VLAN ID to untagged packets. The possible values are 1-4094. VLAN 4095 is defined as per standard industry practice as the Discard VLAN.
Page 94: Configuring Garp
Configuring Interfaces Configuring GARP This section contains information for configuring Generic Attribute Registration Protocol (GARP). This section includes the following topics: ■ Defining GARP ■ Defining GVRP ■ Viewing GVRP Statistics Defining GARP GARP is a general-purpose protocol that registers any network connectivity or membership-style information.
Page 95 Configuring Interfaces ❏ Join Timer — Indicates the amount of time, in centiseconds, that PDUs are transmitted. The default value is 20 centiseconds. ❏ Leave Timer — Indicates the amount of time lapse, in centiseconds, that the device waits before leaving its GARP state. Leave time is activated by a Leave All Timer message sent/received, and is cancelled by a Join message received.
Page 96: Defining Gvrp
Configuring Interfaces Defining GVRP GARP VLAN Registration Protocol (GVRP) is specifically provided for automatic distribution of VLAN membership information among VLAN-aware bridges. GVRP allows VLAN-aware bridges to automatically learn VLANs to bridge ports mapping, without having to individually configure each bridge and register VLAN membership. To define GVRP on the device: 1.
Page 97 Configuring Interfaces ❏ Dynamic VLAN Creation — Indicates if Dynamic VLAN creation is enabled on the interface. The possible field values are: ◆ Enabled — Enables Dynamic VLAN creation on the interface. ◆ Disabled — Disables Dynamic VLAN creation on the interface. ❏...
Page 98: Viewing Gvrp Statistics
Configuring Interfaces Viewing GVRP Statistics The GVRP Statistics page contains device statistics for GVRP. To view GVRP statistics: » Click Layer 2 > VLAN > GVRP Statistics. The GVRP Statistics page opens: GVRP Statistics The GVRP Statistics page contains the following fields: ❏...
Page 99 Configuring Interfaces ❏ Invalid Protocol ID — Displays the device GVRP Invalid Protocol ID statistics. ❏ Invalid Attribute Type — Displays the device GVRP Invalid Attribute ID statistics. ❏ Invalid Attribute Value — Displays the device GVRP Invalid Attribute Value statistics. ❏...
Page 100 Configuring Interfaces 6-22 www.hp.com Embedded Web System User Guide...
Page 101: Defining Ip Addresses
Defining IP Addresses This section provides information for defining device IP addresses, and includes the following: ■ Configuring IP Addressing ■ Defining Domain Name Servers Configuring IP Addressing This section contains information for defining IP interfaces, and includes the following sections: ■...
Page 102 Defining IP Addresses ❏ Active Default Gateway — Indicates if the default gateway is active. ❏ Remove User Defined — Removes the default gateway. The possible field values are: ◆ Checked — Removes the selected default gateway. ◆ Unchecked — Maintains the default gateway. ❏...
Page 103: Defining Arp
Defining IP Addresses ❏ Network Mask — Defines the device IP network mask. If this field is defined, the Prefix Length field cannot be defined. ❏ Prefix Length — Defines the device prefix length. Devices that share a prefix are part of the same subnet.
Page 104 Defining IP Addresses ❏ Interface — Displays the interface type for which ARP parameters are displayed. The possible field values are: ◆ Port — Indicates the port for which ARP parameters are defined. ◆ LAG — Indicates the LAG for which ARP parameters are defined. ◆...
Page 105: Defining Domain Name Servers
Defining IP Addresses 3. Modify the Interface, IP Address, and MAC Address fields. 4. Click . The ARP interface is modified, and the device is updated. Defining Domain Name Servers Domain Name System (DNS) converts user-defined domain names into IP addresses. Each time a domain name is assigned, the DNS service translates the name into a numeric IP address.
Page 106 Defining IP Addresses ❏ Type — Displays the IP address type. The possible field values are: ◆ Dynamic — Indicates the IP address is dynamically created. ◆ Static — Indicates the IP address is a static IP address. ◆ DHCP — Indicates the IP address was retrieved using DCHP. ❏...
Page 107: Defining Dns Host Mapping
Defining IP Addresses Defining DNS Host Mapping The Host Mapping page provides information for defining DNS Host Mapping. To define DNS hosts: 1. Click System > Domain Name System > Host Mapping. The Host Mapping page opens: Host Mapping The Host Mapping page contains the following fields: ❏...
Page 108 Defining IP Addresses www.hp.com Embedded Web System User Guide...
Page 109: Defining The Forwarding Database
Defining the Forwarding Database Packets addressed to destinations stored in either the Static or Dynamic databases are immediately forwarded to the port. The Dynamic MAC Address Table can be sorted by interface, VLAN, or MAC Address, whereas MAC addresses are dynamically learned as packets from sources that arrive at the device.
Page 110 Defining the Forwarding Database The Static Addresses page contains the following fields: ❏ VLAN ID — Displays the VLAN ID number to which the entry refers. ❏ MAC Address — Displays the MAC address to which the entry refers. ❏ Interface —...
Page 111: Defining Dynamic Forwarding Database Entries
Defining the Forwarding Database Defining Dynamic Forwarding Database Entries The Dynamic Addresses page contains parameters for querying information in the Dynamic MAC Address Table, including the interface type, MAC addresses, VLAN, and table storing. The Dynamic MAC Address table contains information about the aging time before a dynamic MAC address is erased, and includes parameters for querying and viewing the Dynamic MAC Address table.
Page 112 Defining the Forwarding Database ❏ MAC Address — Specifies the MAC address for which the table is queried. ❏ VLAN ID — Specifies the VLAN ID for which the table is queried. ❏ Address Table Sort Key —Specifies the means by which the Dynamic MAC Address Table is sorted.
Page 113 Configuring Spanning Tree Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency.
Page 114: Configuring Spanning Tree
Configuring Spanning Tree This section contains the following topics: ■ Defining Classic Spanning Tree ■ Defining STP on Interfaces ■ Defining Rapid Spanning Tree ■ Defining Multiple Spanning Tree Instance 0 is reserved for VLAN 4094 (default VLAN to drop all frames). ✎...
Page 115: Defining Classic Spanning Tree
Configuring Spanning Tree Defining Classic Spanning Tree The STP Properties page contains parameters for enabling STP on the device. To enable STP on the device: 1. Click Layer 2 > Spanning Tree > Properties. The STP Properties page opens. STP Properties The STP Properties page contains the following fields: ❏...
Page 116 Configuring Spanning Tree ◆ Short — Specifies 1 through 65,535 range for port path cost. This is the default value. ◆ Long — Specifies 1 through 200,000,000 range for port path cost. The default path cost assigned to an interface varies according to the selected method (Hello Time, Max Age, or Forward Delay).
Page 117: Defining Stp On Interfaces
Configuring Spanning Tree Defining STP on Interfaces Network administrators can assign STP settings to specific interfaces using the STP Interface Settings. The Global LAGs section displays the STP information for Link Aggregated Groups. To assign STP settings to an interface: 1.
Page 118 Configuring Spanning Tree ◆ Blocking — Indicates that the port is currently blocked and cannot forward traffic or learn MAC addresses. Blocking is displayed when Classic STP is enabled. ❏ Port Role — Displays the port role assigned by the STP algorithm to provide to STP paths.
Page 119 Configuring Spanning Tree 2. Click . The STP Interface Settings page opens: STP Interface Settings 3. Select Enable in the STP field. 4. Define the Port Fast, Enable Root Guard, Path Cost, Default Path Cost, and Priority fields. 5. Click .
Page 120: Defining Rapid Spanning Tree
Configuring Spanning Tree Defining Rapid Spanning Tree While Classic STP prevents Layer 2 forwarding loops in a general network topology, convergence can take between 30-60 seconds. This time may delay detecting possible loops and propagating status topology changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster STP convergence without creating forwarding loops.
Page 121 Configuring Spanning Tree ❏ Backup — Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when two ports are connected in a loop by a point-to-point link, or when a LAN has two or more connections to a shared segment. ❏...
Page 122: Defining Multiple Spanning Tree
Configuring Spanning Tree 2. Click . The Rapid STP Settings page opens: Rapid STP Settings 3. Define the fields. 4. Click . RSTP is defined for the selected interface, and the device is updated. Defining Multiple Spanning Tree Multiple Spanning Tree Protocol (MSTP) provides differing load balancing scenarios. For example, while port A is blocked in one STP instance, the same port can be placed in the Forwarding state in another STP instance.
Page 123: Defining Mstp Instance Settings
Configuring Spanning Tree The MSTP Properties page contains the following fields: ❏ Region Name — User-defined STP region name. ❏ Revision — An unsigned 16-bit number that identifies the revision of the current MSTP configuration. The revision number is required as part of the MSTP configuration. The possible field range is 0-65535.
Page 124 Configuring Spanning Tree To define MSTP instance settings: 1. Click Layer 2 > Multiple STP > Instance Settings. The MSTP Instance Settings page opens: MSTP Instance Settings The MSTP Instance Settings page contains the following fields: ❏ Instance ID — Specifies the VLAN group to which the interface is assigned. ❏...
Page 125: Defining Mstp Interface Settings
Configuring Spanning Tree Defining MSTP Interface Settings Network Administrators can assign MSTP Interface settings in the MSTP Interface Settings page To define MSTP interface settings: 1. Click Layer 2 > Multiple STP > Interface Settings. The MSTP Interface Settings page opens: MSTP Interface Settings The MSTP Interface Settings page contains the following fields:...
Page 126 Configuring Spanning Tree ❏ Role — Indicates the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: ◆ Root — Provides the lowest cost path to forward packets to the root device. ◆...
Page 127 Configuring Spanning Tree 2. Click . The MSTP Interface Table opens: MSTP Interface Table 3. Define the Port Priority and the Path Cost fields. 4. Click . The MSTP interface settings are defined, and the device is updated. Embedded Web System User Guide www.hp.com 9-15...
Page 128: Instance To Vlan
Configuring Spanning Tree Instance to VLAN The VLAN screen enables mapping VLANs to MSTP Instances. When configuring VLANs to MSTP instances, note the following: ■ VLAN 1 mapped to MSTP instance 1 by default. ■ VLAN 2 mapped to MSTP instance 2 by default. To map VLANs to MSTP Instances: 1.
Page 129: Configuring Multicast Forwarding
Configuring Multicast Forwarding Multicast forwarding allows a single packet to be forwarded to multiple destinations. Layer 2 Multicast service is based on a Layer 2 switch receiving a single packet addressed to a specific multicast address. Multicast forwarding creates copies of the packet, and transmits the packets to the relevant ports.
Page 130 Configuring Multicast Forwarding The IGMP Snooping page contains the following fields: ❏ Enable IGMP Snooping Status — Indicates if IGMP Snooping is enabled on the device. IGMP Snooping can be enabled only if Bridge Multicast Filtering is enabled. The possible field values are: ◆...
Page 131: Defining Multicast Bridging Groups
Configuring Multicast Forwarding 5. Modify the VLAN ID, IGMP Status Enable, Auto Learn, Host Timeout, MRouter Timeout, and Leave Timeout fields. 6. Click . The IGMP global parameters are sent, and the device is updated. Defining Multicast Bridging Groups The Multicast Group page displays the ports and LAGs attached to the Multicast service group in the Port and LAG tables.
Page 132 Configuring Multicast Forwarding ❏ LAGs — Displays the LAGs that can be added to a Multicast service. The following table contains the IGMP port and LAG members management settings: IGMP Port/LAG Members Table Control Settings Port Control Definition Dynamically joins ports/LAG to the Multicast group in the Current Row. Attaches the port to the Multicast group as a static member in the Static Row.
Page 133: Defining Multicast Forward All Settings
Configuring Multicast Forwarding Defining Multicast Forward All Settings The Multicast Forward All page contains fields for attaching ports or LAGs to a device that is attached to a neighboring Multicast router/switch. Once IGMP Snooping is enabled, Multicast packets are forwarded to the appropriate port or VLAN. Unless LAGs are defined, only a Multicast Forward All table displays.
Page 134 Configuring Multicast Forwarding The following table summarizes the Multicast settings which can be assigned to ports in the Multicast Forward All page. Bridge Multicast Forward All Router/Port Control Settings Table Port Control Definition Attaches the port to the Multicast router or switch as a dynamic port. Attaches the port to the Multicast router or switch as a static port.
Page 135: Configuring Snmp
Configuring SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports the following SNMP versions: ■ SNMP version 1 ■ SNMP version 2c ■ SNMP version 3 SNMP v1 and v2c The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB).
Page 136: Configuring Snmp Security
Configuring SNMP Configuring SNMP Security This section contains information for configuring SNMP security parameters, and contains the following topics: ■ Defining SNMP Security ■ Defining SNMP Views ■ Defining SNMP Group Profiles ■ Defining SNMP Group Membership ■ Defining SNMP Communities Defining SNMP Security The SNMP Security Global Parameters page permits the enabling of both SNMP and Authentication notifications.
Page 137: Defining Snmp Views
Configuring SNMP 2. Define the Local Engine ID and Use Default fields. 3. Click . The SNMP global security parameters are set, and the device is updated. Defining SNMP Views SNMP Views provide or block access to device features or portions of features. For example, a view can be defined which provides that SNMP group A has Read Only (R/O) access to Multicast groups, while SNMP group B has Read-Write (R/W) access to Multicast groups.
Page 138: Defining Snmp Group Profiles
Configuring SNMP 2. Click . The Add SNMP View page opens: Add SNMP View 3. Define the View Name field. 4. Define the Subtree ID Tree using Select from List or Insert. 5. Define the View Type field. 6. Click .
Page 139 Configuring SNMP The SNMP Group Profile page contains the following fields: ❏ Group Name — Displays the user-defined group to which access control rules are applied. The field range is up to 30 alphanumeric characters. ❏ Security Model — Defines the SNMP version attached to the group. The possible field values are: ◆...
Page 140: Defining Snmp Group Membership
Configuring SNMP 3. Click . The SNMP Group Profile Settings page opens: SNMP Group Profile Settings 4. Modify the Group Name, Security Model, Security Level, and Operation fields. 5. Click . The SNMP group profile is modified, and the device is updated. Defining SNMP Group Membership The SNMP Group Membership page enables assigning system users to SNMP groups, as well as defining the user authentication method.
Page 141 Configuring SNMP ❏ Engine ID — Displays either the local or remote SNMP entity to which the user is connected. Changing or removing the local SNMP Engine ID deletes the SNMPv3 user database. ◆ Local — Indicates that the user is connected to a local SNMP entity. ◆...
Page 142 Configuring SNMP 3. Define the User Name, Engine ID, Group Name, Authentication Method, Password, Authentication Key, and Privacy Key fields. 4. Click . The SNMP group membership is modified, and the device is updated. To modify SNMP group membership settings: 1.
Page 143: Defining Snmp Communities
Configuring SNMP Defining SNMP Communities Access rights are managed by defining communities in the SNMP Communities page. When the community names are changed, access rights are also changed. SNMP communities are defined only for SNMP v1 and SNMP v2c. To define SNMP communities: 1.
Page 144 Configuring SNMP The SNMP Communities Advanced Table contains the following fields: ❏ Management Station — Displays the management station IP address for which the advanced SNMP community is defined. ❏ Community String — Defines the password used to authenticate the management station to the device.
Page 145: Configuring Snmp Notifications
Configuring SNMP Configuring SNMP Notifications This section contains information for configuring SNMP Notifications, and contains the following topics: ■ Defining SNMP Notification Global Parameters ■ Defining SNMP Notification Filters ■ Defining SNMP Notification Recipients Defining SNMP Notification Global Parameters The SNMP Notification Properties page contains parameters for defining SNMP notification parameters.
Page 146: Defining Snmp Notification Filters
Configuring SNMP Defining SNMP Notification Filters The SNMP Notification Filter page permits filtering traps based on OIDs. Each OID is linked to a device feature or a portion of a feature. The SNMP Notification Filter page also allows network managers to filter notifications. To define SNMP notification filters: 1.
Page 147: Defining Snmp Notification Recipients
Configuring SNMP Defining SNMP Notification Recipients The SNMP Notification Recipient page contains information for defining filters that determine whether traps are sent to specific users, and the trap type sent. SNMP notification filters provide the following services: ■ Identifying Management Trap Targets ■...
Page 148 Configuring SNMP ❏ Filter Name — Indicates if the SNMP filter for which the SNMP Notification filter is defined. ❏ Timeout — Indicates the amount of time (in seconds) the device waits before resending informs. The default is 15 seconds. ❏...
Page 149 Configuring SNMP 2. Click . The Add SNMP Notification Recipient page opens: Add SNMP Notification Recipient 3. Define the Recipient IP, Notification Type, SNMPv1,2 or SNMPv3, UPD Port, Filter Name, Timeout, and Retries fields. 4. Click . The SNMP Notification recipients are defined, and the device is updated.
Page 150 Configuring SNMP 3. Click . The SNMP Notification Receiver Settings page opens: SNMP Notification Receiver Settings 4. Modify the Notification Type, SNMPV1,v2c or SNMPv3, UPD Port, Filter Name, TImeout, and Retries fields. 5. Click . The SNMP notification recipients are defined, and the device is updated.
Page 151: Managing System Files
Managing System Files The configuration file structure consists of the following configuration files: ■ Startup Configuration File — Contains the commands required to reconfigure the device to the same settings as when the device is powered down or rebooted. The Startup file is created by copying the configuration commands from the Running Configuration file or the Backup Configuration file.
Page 152: Downloading System Files
Managing System Files Downloading System Files There are two types of files, firmware files and configuration files. The firmware files manage the device, and the configuration files configure the device for transmissions. Only one type of download can be performed at any one time. To download a file: 1.
Page 153: Uploading System Files
Managing System Files ❏ Destination File Name — Specifies the destination file to which to the configuration file is downloaded. The possible field values are: ◆ Running Configuration — Downloads commands into the Running Configuration file. ◆ Startup Configuration — Downloads the Startup Configuration file, and overwrites the old Startup Configuration file.
Page 154: Copying Files
Managing System Files The Configuration Upload section contains the following fields: ❏ TFTP Server IP Address — Specifies the TFTP Server IP Address to which the Configuration file is uploaded. ❏ Destination File Name— Specifies the file name to which the Configuration file is uploaded.
Page 155: Activating The Image File
Managing System Files ❏ Copy Configuration — Copies the Running Configuration file to the Startup Configuration file. ◆ Source File Name — Indicates the Running Configuration file is selected. ◆ Destination File Name — Indicates the Startup Configuration file is selected. ◆...
Page 156 Managing System Files ■ After Reset — Displays the image file which is active on the unit after the device is reset. The possible field values are: ❏ Image 1 - Activates image file 1 after the device is reset. ❏...
Page 157: Configuring Quality Of Service
Configuring Quality of Service This section contains information for configuring QoS, and includes the following topics: ■ Quality of Service Overview ■ Defining General QoS Settings ■ Defining QoS Basic Mode ■ Defining QoS Advanced Mode Quality of Service Overview Quality of Service (QoS) provides the ability to implement QoS and priority queuing within a network.
Page 158: Defining General Qos Settings
Configuring Quality of Service Defining General QoS Settings This section contains information for defining general QoS settings and includes the following topics: ■ Configuring QoS General Settings ■ Restoring Factory Default QoS Interface Settings ■ Defining Queues ■ Defining Rate Limiting ■...
Page 159: Restoring Factory Default Qos Interface Settings
Configuring Quality of Service ❏ Copy from Entry Number — Copies the QoS settings from the selected interfaces. ❏ To Entry Number(s) — Indicates the table entries to which the QoS settings are copied. ❏ Ports — Displays QoS settings for ports. ❏...
Page 160: Defining Rate Limiting
Configuring Quality of Service QoS Queue The Queue page contains the following fields: ❏ Strict Priority — Specifies whether traffic scheduling is based strictly on queue priority. ❏ WRR — Assigns WRR weights to queues. This field is enabled only for queues in WRR queue mode.
Page 161 Configuring Quality of Service Bandwidth Settings The Bandwidth Settings page contains the following fields: ❏ Ports — Displays bandwidth settings for ports. ❏ LAGs — Displays bandwidth settings for LAGs. ❏ Port — Displays the port associated with the listed settings. ❏...
Page 162 Configuring Quality of Service Modify Bandwidth Settings 3. Define the fields. 4. Click . The bandwidth settings are defined, and the device is updated. 13-6 www.hp.com Embedded Web System User Guide...
Page 163: Mapping Cos Values To Queues
Configuring Quality of Service Mapping CoS Values to Queues The CoS to Queue Mapping page contains fields for mapping CoS values to traffic queues. To map CoS values to queues: 1. Click QoS > General > CoS to Queue Mapping. The CoS to Queue Mapping page opens: CoS to Queue Mapping The CoS to Queue Mapping page contains the following fields: ❏...
Page 164: Mapping Dscp Values To Queues
Configuring Quality of Service Mapping DSCP Values to Queues The page contains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 2. To map DSCP values to Queues: 1.
Page 165: Defining Qos Basic Mode
Configuring Quality of Service Defining QoS Basic Mode The QoS Basic Mode page contains links to QoS pages on which Trust Mode and DSCP Rewriting are configured. This section contains the following topics: ■ Defining Basic Mode Settings ■ Rewriting Basic Mode DSCP Values Defining Basic Mode Settings Use the QoS Basic Mode General page to configure the Global Trust Mode, which is set on specified interfaces.
Page 166: Rewriting Basic Mode Dscp Values
Configuring Quality of Service 2. Define the Trust Mode. 3. Click Rewriting Basic Mode DSCP Values The Rewriting Basic Mode DSCP Values page to configure the method for rewriting DSCP tags. To define DSCP values: 1. Click QoS > Basic Mode > DSCP Rewrite. The DSCP Rewrite page opens. DSCP Rewrite The DSCP Rewrite page contains the following fields: ❏...
Page 167: Defining Qos Advanced Mode
Configuring Quality of Service Defining QoS Advanced Mode The QoS Advanced Mode page contains links to QoS pages for configuring advanced settings. This section contains the following topics: ■ Configuring DSCP Mapping ■ Class Mapping ■ Defining Aggregate Policer ■ Defining Policies ■...
Page 168: Class Mapping
Configuring Quality of Service Class Mapping One IP ACL and/or one MAC ACL comprise a class map. Class maps are configured to match packet criteria, and are matched to packets on a first-fit basis. For example, Class Map A is assigned packets based only on an IP-based ACL or a MAC-based ACL.
Page 169 Configuring Quality of Service 2. Click . The Add QoS Class Map page opens. Add QoS Class Map In addition to the fields in the Class Map page, the Add QoS Class Map page contains the following field: ❏ Preferred ACL — Indicates if packets are first matched to an IP based ACL or a MAC based ACL.
Page 170: Defining Aggregate Policer
Configuring Quality of Service Defining Aggregate Policer After a packet is classified, the policing process begins. A policer specifies the bandwidth limit for incoming traffic on the classified flow and actions are defined for packets that exceed the limits. These actions include forwarding packets, dropping packets, or remarking packets with a new DSCP value.
Page 171 Configuring Quality of Service 2. Click . The Add QoS Aggregate Policer page opens. Add QoS Aggregate Policer 3. Define the fields. 4. Click . The aggregated policer is added, and the device is updated. To modify an aggregated policer: 1.
Page 172: Defining Policies
Configuring Quality of Service Defining Policies A policy is a collection of classes, each of which is a combination of a class map and a QoS action to apply to matching traffic. Classes are applied in a first-fit manner within a policy. Before configuring policies for classes whose match criteria are defined in a class map, define a class map or specify the name of the policy map to be created, added to, or modified.
Page 173 Configuring Quality of Service 2. Click . The Add QoS Policy Profile page opens. Add QoS Policy Profile In addition to the fields in the Policy Table page, the Add QoS Policy Profile page contains the following fields: ❏ Class Map — Indicates the class map attached to the policy. The class maps are user-defined in the Class Map page.
Page 174 Configuring Quality of Service ◆ Remark DSCP — Remarks packet’s DSCP values exceeding the defined CIR value. ◆ None — Forwards packets exceeding the defined CIR value. 3. Define the fields. 4. Click . The policy is defined, and the device is updated. To modify an aggregated policer: 1.
Page 175: Setting Policy Binding
Configuring Quality of Service Setting Policy Binding The QoS Policy Binding page attaches policies to interfaces. To bind policies to interfaces: 1. Click QoS > Advanced Mode > Policy Binding. The Policy Binding page opens: Policy Binding The Policy Binding page contains the following fields: ❏...
Page 176 Configuring Quality of Service To modify an aggregated policer: 1. Click QoS > Advanced Mode > Policy Binding. The Policy Binding page opens. 2. Click . The QoS Policy Binding Settings page opens. QoS Policy Binding Settings 3. Modify the fields. 4.
Page 177: Managing Device Diagnostics
Managing Device Diagnostics Device diagnostics provide information about how the device is operating, including mirroring network traffic and cable tests. This section contains the following topics: ■ Configuring Port Mirroring ■ Viewing Integrated Cable Tests ■ Viewing Optical Transceivers ■ Viewing CPU Utilization Configuring Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and...
Page 178 Managing Device Diagnostics ❏ Destination Port — Defines the port number to which port traffic is copied. Note that this port has to be detached from its VLAN before mirroring is configured. ❏ Source Port — Indicates the port from which the packets are mirrored. ❏...
Page 179: Viewing Integrated Cable Tests
Managing Device Diagnostics 5. Click . The port mirroring settings are modified, and the device is updated. Viewing Integrated Cable Tests The Ethernet Ports page contains fields for performing tests on copper cables. Cable testing provides information about where errors occurred in the cable, the last time a cable test was performed, and the type of cable error that occurred.
Page 180: Viewing Optical Transceivers
Managing Device Diagnostics 2. Click . The cable test is performed. 3. Click . The Copper Cables Extended Feature page opens, and the copper cable test results are displayed. Copper Cables Extended Feature Viewing Optical Transceivers The Optical Transceivers page allows network managers to perform tests on Fiber Optic cables. Optical transceiver diagnostics can be performed only when the link is present.
Page 181: Viewing Cpu Utilization
Managing Device Diagnostics ❏ Temperature — Displays the temperature ( C) at which the cable is operating. ❏ Voltage — Displays the voltage at which the cable is operating. ❏ Current — Displays the current at which the cable is operating. ❏...
Page 182 Managing Device Diagnostics ❏ Time — Time is reflected by the horizontal scale of the graph. This scale indicates the time, at 15 second intervals, that usage samples are taken. 14-6 www.hp.com Embedded Web System User Guide...
Page 183: Viewing Statistics
Viewing Statistics This section provides device statistics for RMON, interfaces, and Etherlike. This section contains the following topics: ■ Viewing Interface Statistics ■ Managing RMON Statistics Viewing Interface Statistics This section contains the following topics: ■ Viewing Interface Statistics ■ Viewing Etherlike Statistics Viewing Interface Statistics The Interface page contains statistics for both received and transmitted packets.
Page 184 Viewing Statistics The Interface page contains the following fields: ❏ Interface — Indicates the device for which statistics are displayed. The possible field values are: ◆ Port — Defines the specific port for which interface statistics are displayed. ◆ LAG — Defines the specific LAG for which interface statistics are displayed. ❏...
Page 185: Viewing Etherlike Statistics
Viewing Statistics Viewing Etherlike Statistics The Etherlike page contains interface statistics. To view Etherlike Statistics: 1. Click Statistics/RMON > Interface Statistics > Etherlike. The Etherlike page opens: Etherlike The Etherlike page contains the following fields: ❏ Interface — Indicates the device for which statistics are displayed. The possible field values are: ◆...
Page 186: Managing Rmon Statistics
Viewing Statistics ❏ Internal MAC Receive Errors — Displays the number of internal MAC received errors on the selected interface. ❏ Received Pause Frames — Displays the number of received paused frames on the selected interface. ❏ Transmitted Paused Frames — Displays the number of paused frames transmitted from the selected interface.
Page 187 Viewing Statistics To view RMON statistics: 1. Click Statistics/RMON > Statistics. The RMON Statistics page opens: RMON Statistics The RMON Statistics page contains the following fields: ❏ Interface — Indicates the device for which statistics are displayed. The possible field values are: ◆...
Page 188: Configuring Rmon History
Viewing Statistics ❏ Multicast Packets Received — Displays the number of good Multicast packets received on the interface since the device was last refreshed. ❏ CRC & Align Errors — Displays the number of CRC and Align errors that have occurred on the interface since the device was last refreshed.
Page 189 Viewing Statistics To view RMON history information: 1. Click Statistics/RMON > History > History Control. The RMON History Control page opens: RMON History Control ✎ This image may not contain all possible fields for this page. The complete list is provided in the following bullets.
Page 190: Viewing The Rmon History Table
Viewing Statistics 2. Click . The RMON Add Event Entry page opens: RMON Add History Entry 3. Define the Source Interface, Owner, Max. No. of Samples to Keep, and Sampling Interval fields. 4. Click . The new entry is added to the RMON History Control, and the device is updated.
Page 191: Configuring Rmon Events
Viewing Statistics ❏ Owner — Displays the RMON station or user that requested the RMON information. The field range is 0-20 characters. ❏ Sample No.— Indicates the sample number from which the statistics were taken. ❏ Received Bytes (Octets) — Displays the number of octets received on the interface since the device was last refreshed.
Page 192 Viewing Statistics 1. Click Statistics/RMON > Events > Events Control. The RMON Events Control page opens: RMON Events Control The RMON Events Control page contains the following fields: ❏ Event Entry — Displays the event. ❏ Community — Displays the community to which the event belongs. ❏...
Page 193: Viewing The Rmon Events Logs
Viewing Statistics 4. Click . the event entry is added and the device is updated. To modify the Event Control statistics settings: 1. Click Advanced Setup > RMON > Events > Events Control. 2. Select an event entry. 3. Click .
Page 194: Defining Rmon Alarms
Viewing Statistics ❏ Log Time — Displays the time when the log entry was entered. ❏ Description — Displays the log entry description. Defining RMON Alarms The RMON Alarm page contains fields for setting network alarms. Network alarms occur when a network problem, or event, is detected.
Page 195 Viewing Statistics ◆ LOG — Indicates there is not a saving mechanism for either the device or in the management system. If the device is not reset, the entry remains in the Log Table. ◆ TRAP — Indicates that an SNMP trap is generated, and sent via the Trap mechanism.
Page 196 Viewing Statistics 15-14 www.hp.com Embedded Web System User Guide...
Page 197 Glossary Specifies the method by which user access is granted to the system. Access Mode Allows network managers to define profiles and rules for accessing the device. Access Profile Access to management functions can be limited to user groups, which are defined by the following criteria: •...
Page 198 Glossary Allows 10/100 Mbps or 10/100/1000 Mbps Ethernet ports to establish for the Auto-negotiation following features: • Duplex/ Half Duplex Mode. • Flow Control. • Speed. A mechanism used with Half Duplex mode that enables a port not to receive a Back Pressure message.
Page 199 Glossary Device sets that receive broadcast frames originating from any device within a Broadcast designated set. Routers bind broadcast domains, because routers do not forward Domain broadcast frames. An excessive amount of broadcast messages simultaneously transmitted across a Broadcast Storm network by a single port.
Page 200 Glossary A single logical port with two physical connections, including an RJ-45 connection Combo Port and a SFP connection. Specifies a group of users which retains the same system access rights. Community Central Processing Unit. The part of a computer that processes information. CPUs are composed of a control unit and an ALU.
Page 201 Glossary An end user device on a network. End System Exterior Gateway Protocol. Permits exchanging routing information between two neighboring gateway hosts in an autonomous systems network. Encapsulating Security Payload. Provides a variety of security services for IPv4 and IPv6. Uses a bus or star topology and supports data transfer rates of Mpbs.
Page 202 Glossary Gigabit Ethernet transmits at 1000 Mbps, and is compatible with existing 10/100 Gigabit Ethernet Ethernet standards. Generic Routing Encapsulation. Enables tunneling using encapsulation with various protocol packet types. GRE creates a virtual point-to-point link to remote IP internetwork routers. GARP VLAN Registration Protocol.
Page 203 Glossary Defines the operation of VLAN Bridges that permit the definition, operation, and EEE 802.1q administration of VLANs within Bridged LAN infrastructures. Internet Group Management Protocol. Allows hosts to notify their local switch or IGMP router that they want to receive transmissions assigned to a specific multicast group. Interior Gateway Protocol.
Page 204 Glossary Link Aggregated Group. Aggregates ports or VLANs into a single virtual port or VLAN. Local Area Network. A network contained within a single room, building, campus or other limited geographical area. Data Link Layer or MAC Layer. Contains the physical address of a client or server Layer 2 station.
Page 205 Glossary Media Dependent Interface with Crossover (MDIX). A cable used for hubs and MDIX switches. Multiply-Divide Unit. A high-speed circuit that performs multiplication and division within the CPU. Management Information Base. MIBs contain information describing specific aspects of network components. Maximum Transfer Unit.
Page 206 Glossary Physical ports provide connecting components that allow microprocessors to Port communicate with peripheral equipment. Monitors and mirrors network traffic by forwarding copies of incoming and Port Mirroring outgoing packets from one port to a monitoring port. Indicates port speed. Port speeds include: Port Speed •...
Page 207 Glossary Routing Information Protocol. Stipulates how routing table information is exchanged between routers. Grips up to four wires. RJ- 1 1 connector plugs the handset into the telephone, and RJ-11 Connector the telephone into the wall. Grips up to eight copper wires and resembles a standard RJ- 1 1 telephone RJ-45 Connector connector.
Page 208 Glossary Secure Shell. Logs into a remote computer via a network, executes commands, and transfers files from one computer to another. Permits a device to operate independently from other devices. Stand-alone Mode Retains the exact device configuration when the device is powered down or Startup rebooted.
Page 209 Glossary Wide Area Networks. Networks that cover a large geographical area. Specifies which IP address bits are used, and which bits are ignored. A wild card Wildcard Mask mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important.
Page 210 Glossary Glossary-14 www.hp.com Embedded Web System User Guide...
Page 211 Index 802.1x properties page 4–23 binding 13–19 binding device security ACLs 4–40 Boot Version field 2–2 Access Control Lists 4–31 BPDU 6–12 9–11 access profiles 4–1 BPDU Handling field 9–3 ACEs 4–31 Bridge Multicast Address field 10–3 Ack field 4–34 Bridge Priority field 9–12 ACL 2 field 13–12 Broadcast frames 4–44...
Page 212 Index QOS settings 13–2 policies 13–16 quality of service 13–1 port authentication 4–24 RMON port authentication properties 4–23 events 15–9 profile rules 4–4 history 15–6 SNMP 11–1 advanced mode 13–11 notifications 11–11 basic mode 13–9 security 11–2 queues 13–3 SNTP 3–5 RADIUS settings 4–14 spanning tree 9–1 rapid spanning tree 9–8...
Page 213 Index diagnostics 14–1 Generic Attribute Registration Protocol 6–10 6–16 DiffServ Code Point 13–1 Global System LAG 9–8 DNS 7–5 GVRP 6–18 DNS host mapping 7–7 GVRP statistics 6–20 Domain Name System 7–5 downloading system files 12–2 Hardware Version field 2–2 DSCP 4–31 13–1 13–10...
Page 214 Index local time 3–3 interface settings 9–13 local users 4–17 multicast log properties 5–2 bridging groups 10–3 log servers 5–5 forward all settings 10–5 logging off 1–6 forwarding 10–1 logs Multicast frames 4–44 configuring 5–1 multiple hosts 4–27 flash 5–4 multiple spanning tree 9–10 memory 5–3 multiple STP 9–1...
Page 215 Index DHCP 7–2 history 15–6 EAP 4–22 history table 15–8 GARP 6–10 statistics 15–4 GVRP 6–18 Root Guard field 9–5 LACP 6–4 Rst field 4–35 LCP 9–9 RSTP 9–8 MSTP 9–10 Rule button 1–3 NCP 9–9 Rule Priority field 4–2 RSTP 9–8 rules, access profile 4–4 SNMP 11–1...
Page 216 Index statistics 15–1 Urg field 4–34 statistics,GVRP 6–20 user interface 1–2 storm control 4–44 User Security Model 11–1 Storm Control settings 4–45 users, defining local 4–17 STP 9–1 9–9 using management buttons 1–3 on interfaces 9–5 Operating Mode field 9–3 viewing stratum 3–5 CPU utilization 14–5...

This manual is also suitable for:

Bladesystem bc2200 - blade pc Bladesystem bc2500 - blade pc Bladesystem bc2800 - blade pc Embedded web system

HP BladeSystem bc2000 - Blade PC User Manual

Preface

1 Getting Started

2 Defining System Information

3 Configuring System Time

4 Configuring Device Security

5 Configuring System Logs

6 Configuring Interfaces

7 Defining IP Addresses

8 Defining the Forwarding Database

9 Configuring Spanning Tree

10 Configuring Multicast Forwarding

11 Configuring SNMP

12 Managing System Files

13 Configuring Quality of Service

14 Managing Device Diagnostics

15 Viewing Statistics

Quick Links

User Guide

Related Manuals for HP BladeSystem bc2000 - Blade PC

Summary of Contents for HP BladeSystem bc2000 - Blade PC

This manual is also suitable for:

Table of Contents