HP 5500 Ei 5500 Si Switch Series Configuration Guide
Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
![Page 2096
33
MAC Address TTL Last MAC Relay Action
0010-FC00-6515 63 0010-FC00-6512 Hit
3. Verify the LM function:
After the CC function obtains the status information of the entire network, use the LM function to test
the link status. For example:
# Test the frame loss from MEP 1001 to MEP 4002 in service instance 1 on Device A.
[DeviceA] cfd slm service-instance 1 mep 1001 target-mep 4002
Reply from 0010-FC00-6514
Far-end frame loss: 10 Near-end frame...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-2095.png "Page 2096
33
MAC Address TTL Last MAC Relay Action
0010-FC00-6515 63 0010-FC00-6512 Hit
3. Verify the LM function:
After the CC function obtains the status information of the entire network, use the LM function to test
the link status. For example:
# Test the frame loss from MEP 1001 to MEP 4002 in service instance 1 on Device A.
[DeviceA] cfd slm service-instance 1 mep 1001 target-mep 4002
Reply from 0010-FC00-6514
Far-end frame loss: 10 Near-end frame...")
![Page 2097
34
Reply from 0010-FC00-6514: 5ms
Average: 8ms
Send DMMs: 5 Received: 5 Lost: 0
Frame delay variation: 5ms 4ms 6ms 0ms 0ms
Average: 3ms
6. Verify the TST function:
After the CC function obtains the status information of the entire network, use the TST function to
test the bit errors of a link. For example:
# Test the bit errors on the link from MEP 1001 to MEP 4002 in service instance 1 on Device A.
[DeviceA] cfd tst service-instance 1 mep 1001 target-mep 4002
Info: TST...](http://img.usermanuals.tech/thumb/36/58909/w64_hp-5500-ei-5500-si-switch-series-configuration-guide-2096.png "Page 2097
34
Reply from 0010-FC00-6514: 5ms
Average: 8ms
Send DMMs: 5 Received: 5 Lost: 0
Frame delay variation: 5ms 4ms 6ms 0ms 0ms
Average: 3ms
6. Verify the TST function:
After the CC function obtains the status information of the entire network, use the TST function to
test the bit errors of a link. For example:
# Test the bit errors on the link from MEP 1001 to MEP 4002 in service instance 1 on Device A.
[DeviceA] cfd tst service-instance 1 mep 1001 target-mep 4002
Info: TST...")
38 Table 12 DLDP mode and neighbor entry aging DLDP mode Detecting a neighbor after the corresponding nei ghbor entry ages out Removing the neighbor entry immediately after the Entr y timer expires Triggering the Enhanced timer after an Entry timer ex pires Normal DLDP mode No Yes No Enhanced DLDP mode Yes No Yes Tabl e 13 shows the relationship between DLDP modes and unidirectional link types. Table 13 DLDP mode and unidirectional link types Unidirectional link type Whether it occurs on fibers Whether it occurs on copper twisted pairs In which DLDP mode unidirectional links can be detected Cross-connected link Yes No Both normal and enhanced modes Connectionless or broken link Yes Yes Only enhanced mode. The port that can receive signals is in Disable state, and the port that does not receive signals is in Inactive state. Enhanced DLDP mode is designed for addressing blac k holes. It prevents situations where one end of a link is up and the other is down. If you configure forced speed and full duplex mode on a port, the situation shown in Figure 10 ma y occur (take the fiber link for example). Without DLDP enabled, the port on Device B is actually down but its state cannot be detected by common data link protocols, so the port on Device A is still up. However, in enhanced DLDP mode, the following occurs: The port on Device B is in Inactive DL DP state because it is physically down. The port on Device A tests the peer port on Device B after the Entry timer for the port on Device B expires. The port on Device A transits to the Disable state if it does not receive an Echo packet from the port on Device B when the Echo timer expires. Figure 10 A scenario for the enhanced DLDP mode DLDP authentication mode You can use DLDP authentication to prevent network attacks and illegal detection. There are three DLDP authentication modes.
39
• Non-authentication:
{ The sending side sets the Authentication field an d the Authentication type field of DLDP packets
to 0.
{ The receiving side checks the values of the two fields of received DLDP packets and drops the
packets where the two fields conflict with the corresponding local configuration.
• Simple authentication:
{ Before sending a DLDP packet, the sending side sets the Authentication field to the
user-configured password and sets the Authentication type field to 1.
{ The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflict with the corresponding local configuration.
• MD5 authentication:
{ Before sending a packet, the sending side encrypts the user configured password using MD5
algorithm, assigns the digest to the Authentication field, and sets the Authentication type field
to 2.
{ The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflicting with the corresponding local configuration.
DLDP processes
1. On a DLDP-enabled link that is in up state, DLDP sends DLDP packets to the peer device and
processes the DLDP packets received from the p eer device. DLDP packets sent vary with DLDP
states.
Table 14 DLDP packet types and DLDP states
DLDP state T
ype of DLDP packets sent
Active Advertisement packet with RSY tag
Advertisement Normal Advertisement packet
Probe Probe packet
Disable Disable packet and then RecoverProbe packet
NOTE:
A device sends Flush packets when it transits to the Initial state from the Active, Advertisement, Probe, or
DelayDown state but does not send them when it transits to the Initial state from Inactive or Disable state.
2. A received DLDP packet is proces sed with the following methods:
{ In any of the three authentication modes, the packet is dropped if it fails to pass the
authentication.
{ The packet is dropped if the setting of the inte rval to send Advertisement packets it carries
conflicts with the corresponding local setting.
{ Other processes are as shown in Tabl e 15.
40 Table 15 Procedures for processing different types of DLDP packets received Packet t ype Processing procedure Advertisement packet with RSY tag Retrieves the neighbor information If the corresponding neighbor en try does not exist, creates the neighbor entry, triggers the Entry timer, and transits to Probe state. If the corresponding neighbor entry already exists, resets the Entry timer and transits to Probe state. Normal Advertisement packet Retrieves the neighbor information If the corresponding neighbor en try does not exist, creates the neighbor entry, triggers the Entry timer, and transits to Probe state. If the corresponding neighbor entry already exists, resets the Entry timer. Flush packet Determines whether or not the local port is in Disable state If yes, performs no processing. If no, removes the corresponding neighbor entry (if any). Probe packet Retrieves the neighbor information If the corresponding neighbor en try does not exist, creates the neighbor entry, transits to Prob e state, and returns Echo packets. If the corresponding neighbor entry already exists, resets the Entry timer and returns Echo packets. Echo packet Retrieves the neighbor information If the corresponding neighbor en try does not exist, creates the neighbor entry, triggers the Entry timer, and transits to Probe state. The correspondin g neighbor entry already exists If the neighbor information it carries conflicts with the corresponding locally maintained neighbor entry, drops the packet. Otherwise, sets the flag of the neighbor as two-way connected. In addition, if the flags of all the neighbors are two-way connected, the device transits from Probe state to Advertisement state and disables the Echo timer. Disable packet Checks whether the local port is in Disable state If yes, performs no processing. If not, sets the state of the corresponding neighbor to unidirectional, and then checks th e state of other neighbors. If all the neighbors are unidirectional , transitions the local port to the Disable state. If the state of some neighbors is unknown, waits until the state of these neighbors is determined. If bidirectional neighbors are present, removes all unidirectional neighbors. RecoverProbe packet Checks whether the local port is in Disable or Advertisement state If not, performs no processing. If yes, returns RecoverEcho packets. RecoverEcho packet Checks whether the local port is in Disable state If not, performs no processing. If yes, the local port transits to Active state if the neighbor information the packet carries is consistent with the local port information.
41 Packet type Processing procedure LinkDown packet Checks whether the local port operates in Enhanced mode If not, performs no processing. If yes and the local port is not in Disable state, sets the state of the corresponding neighbor to un idirectional, and then checks the state of other neighbors. If all the neighbors are unidirectional, transitions the loca l port to the Disable state. If the state of some neighbors is unknown, waits until the state of these neighbors is determined. If bidirectional neighbors are present, removes all unid irectional neighbors. 3. If no echo packet is received from the neighbor, DLDP perf orms the following processing. Table 16 DLDP process when no echo packet is received from the neighbor No echo packet received from the nei ghbor Processing procedure In normal mode, no echo packet is received when the Echo timer expires. DLDP sets the state of the corresponding neighbor to unidirectional, and then checks the state of other neighbors: • If all the neighbors are unidirectional, removes all the neighbors, transitions to the Disable state, outputs log and tracking information, and sends Disable packets. In addition, depending on the user-defined DLDP down mode, shuts down the local port or prompts users to shut down the port. • If the state of some neighbors is unknown, waits until the state of these neighbors is determined. • If bidirectional neighbors are present, removes all unidirectional neighbors. In enhanced mode, no echo packet is received when the Echo timer expires. Link auto-recovery mechanism If the port shutdown mode upon detectio n of a unidirectional link is set to auto, DLDP automatically sets the state of the port, where a unidirectional link is detected, to DLDP down. A DLDP down port cannot forward data traffic or send/receive any PDUs except DLDPDUs. On a DLDP down port, DLDP monitors the unidirection al link. Once DLDP finds out that the state of the link has restored to bidirectional, it brings up the port. The specific process is: The DLDP down port sends out a RecoverProbe packet, which carries only information about the local port, every two seconds. Upon receiving the RecoverProbe packet, the remote end returns a RecoverEcho packet. Upon receiving the RecoverEcho packet, the local port checks whether neighbor information in the RecoverEcho packet is the same as the local port information. If they are the same, the link between the local port and the neighbor is considered to have been restored to a bidirectional link, and the port will transit from Disable state to Active state and re-establish relationship with the neighbor. Only DLDP down ports can send and process Recover packets, including RecoverProbe packets and RecoverEcho packets. If related ports are manually shut down with the shutdown command, the auto-recovery mechanism will not take effect. DLDP neighbor state A DLDP neighbor can be in one of the three states described in Tabl e 17.
42 Table 17 Description on DLDP neighbor states DLDP nei ghbor state Description Unknown A neighbor is in this state when it is just detected and is being probed. A neighbor is in this state only when it is being probed. It transits to Two way state or Unidirectional state after the probe operation finishes. Two way A neighbor is in this state after it receives response from its peer. This state indicates the link is a two-way link. Unidirectional A neighbor is in this state when the link connecting it is detected to be a unidirectional link. After a device transits to this st ate, the corresponding neighbor entries maintained on other devices are removed. DLDP configuration task list For DLDP to work properly, enable DLDP on both sides and make sure these settings are consistent: the interval to send Advertisement packets, DLDP authentication mode, and password. DLDP does not process any link aggregation control protocol (LACP) events. The links in an aggregation are treated as individual links in DLDP. Make sure the DLDP version running on devices on the two ends are the same. Complete the following tasks to configure DLDP: Task Remarks Configuring the duplex mode and speed of an Ethernet interface Required Enabling DLDP Required Setting DLDP mode Optional Setting the interval to send advertisement packets Optional Setting the delaydown timer Optional Setting the port shutdown mode Optional Configuring DLDP authentication Optional Resetting DLDP state Optional Configuring the duplex mode and speed of an Ethernet interface To make sure that DLDP works properly on a link, you must configure the full duplex mode for the ports at two ends of the link, and configure a speed for the two ports, rather than letting them negotiate a speed. For more information about the duplex and speed commands, see Layer 2—LAN Switching Command Reference .
43
Enabling DLDP
To properly configure DLDP on the device, first enable DLDP globally, and then enable it on each port.
To enable DLDP:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enable DLDP globally.
dldp enable Globally disabled by default.
3. Enter Layer 2 Ethernet
interface view or port group
view. Enter Layer 2 Ethernet
interface view:
interface
interface-type
interface-number
Enter port group view:
port-group manual
port-group-name Use either approach.
Configurations made in Layer 2 Ethernet
interface view apply to the current port only.
Configurations made in port group view
apply to all ports in the port group.
4.
Enable DLDP.
dldp enable Disabled on a port by default.
NOTE:
• DLDP takes effect only on Ethernet interfaces (fiber or copper).
• DLDP can detect unidirectional links only after all physical links are connected. Therefore, before
enabling DLDP, make sure that optical fibers or copper twisted pairs are connected.
Setting DLDP mode
DLDP operates in normal or enhanced mode.
In normal mode, DLDP does not actively detect neighbors when the corresponding neighbor entries age
out.
In enhanced mode, DLDP actively detects neighbors when the corresponding neighbor entries age out.
To set DLDP mode:
Step Command Remarks
1. Enter system view. system-view N/A
2. Set DLDP mode.
dldp work-mode { enhance | normal } Optional.
Normal by default.
Setting the interval to send advertisement packets
DLDP detects unidirectional links by sending Advertisement packets. To make sure that DLDP can detect
unidirectional links promptly without affecting ne twork performance, set the advertisement interval
appropriately depending on your network environment. The interval should be set shorter than one third
of the STP convergence time. If the interval is too long, STP loops may occur before unidirectional links
are detected and shut down. If the interval is too sh ort, the number of advertisement packets will increase.
HP recommends that you use the default interval in most cases.
44 To set the interval to send Advertisement packets: Step Command Remarks 1. Enter system view. system-view N/A 2. Set the interval to send Advertisement packets. dldp interval time Optional. 5 seconds by default. NOTE: • The interval for sending Advertisement packets applies to all DLDP-enabled ports. • To enable DLDP to operate properly, make sure the intervals for sending Advertisement packets on both sides of a link are the same. Setting the delaydown timer On some ports, when the Tx line fails, the port goes down and then comes up again, causing optical signal jitters on the Rx line. When a port goes down due to a Tx failure, the device transits to the DelayDown state instead of the Inactive state to pr event the corresponding neighbor entries from being removed. At the same time, the device triggers the DelayDown timer. If the port goes up before the timer expires, the device restores the original state; if the port remains down when the timer expires, the device transits to the Inactive state. To set the DelayDown timer: Step Command Remarks 1. Enter system view. system-view N/A 2. Set the DelayDown timer. dldp delaydown-timer time Optional. 1 second by default. NOTE: DelayDown timer setting applies to all DLDP-enabled ports. Setting the port shutdown mode On detecting a unidirectional link, the ports can be shut down in one of the following two modes: • Manual mode —This mode applies to low performance networks, where normal links may be treated as unidirectional links. It protects data traf fic transmission against false unidirectional links. In this mode, DLDP only detects unidirectional links but does not automatically shut down unidirectional link ports. Instead, the DLDP state machine generates log and traps to prompt you to manually shut down unidirectional link ports with the shutdown command. HP recommends that you do as prompted. Then the DLDP state machine transits to the Disable state. • Auto mode —In this mode, when a unidirectional link is detected, DLDP transits to Disable state, generates log and traps, and sets the port state to DLDP Down. On a port with both remote OAM loopback and DLDP enabled, if the port shutdown mode is auto mode, the port will be shut down by DLDP when it receives a packet sent by itself, causing remote OAM loopback to operate improperly. To prevent this, set the port shutdown mode to manual mode.
45
If the device is busy, or the CPU usage is high, normal links may be treated as unidirectional links. In this
case, you can set the port shutdown mode to manual mode to alleviate the impact caused by false
unidirectional link report.
To set port shutdown mode:
Step Command Remarks
1. Enter system view. system-view N/A
2. Set port shutdown
mode. dldp unidirectional-shutdown
{ auto |
manual } Optional.
auto
by default.
Configuring DLDP authentication
You can guard your network against attacks and malicious probes by configuring an appropriate DLDP
authentication mode, which can be simple authentication or MD5 authentication. If your network is safe,
you can choose not to authenticate.
To enable DLDP to operate properly, make sure that DLDP authentication modes and passwords on both
sides of a link are the same.
To configure DLDP authentication:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure DLDP
authentication. dldp authentication-mode
{ none |
{ md5 | simple } password } none
by default.
Resetting DLDP state
After DLDP detects a unidirectional link on a port, the port enters Disable state. In this case, DLDP prompts
you to shut down the port manually or it shuts down the port automatically depending on the user-defined
port shutdown mode. To enable the port to perform DLDP detect again, you can reset the DLDP state of
the port by using one of the following methods:
• If the port is shut down with the shutdown command manually, run the undo shutdown command
on the port.
• If DLDP automatically shuts down the port, run the dldp reset command on the port to enable the
port to perform DLDP detection again. Alternativel y, you can wait for DLDP to automatically enable
the port when it detects that the link has been re stored to bidirectional. For how to reset the DLDP
state by using the dldp reset command, see Resetting DLDP state in system view and
Resetting
D
LDP state in interface view/port group view .
The DLDP state that the port transits to upon the DLDP state reset operation depends on its physical state.
If the port is physically down, it transits to Inactive st ate; if the port is physically up, it transits to Active
state.
Resetting DLDP state in system view
Resetting DLDP state in system view applies to all ports of the device.
To reset DLDP in system view:
46
Step Command
1. Enter system view. system-view
2. Reset DLDP state.
dldp reset
Resetting DLDP state in interface view/port group view
Resetting DLDP state in interface view or port group view applies to the current port or all ports in the port
group.
To reset DLDP state in interface view/port group view:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter Layer 2 Ethernet
interface view or port group
view. Enter Layer 2 Ethernet interface
view:
interface
interface-type
interface-number
Enter port group view:
port-group manual
port-group-name Use either approach.
Configurations made in Layer 2
Ethernet interface view apply to the
current port only. Configurations
made in port group view apply to all
the ports in the port group.
3.
Reset DLDP state.
dldp reset N/A
Displaying and maintaining DLDP
Task Command Remarks
Display the DLDP configuration of
a port. display dldp
[ interface-type
interface-number ] [ | { begin | exclude |
include } regular-expression ] Available in any view
Display the statistics on DLDP
packets passing through a port. display dldp statistics
[ interface-type
interface-number ] [ | { begin | exclude |
include } regular-expression ] Available in any view
Clear the statistics on DLDP packets
passing through a port. reset dldp statistics
[ interface-type
interface-number ] Available in user view
DLDP configuration examples
Automatically shutting down unidirectional links
Network requirements
•
As shown in Figure 11, D evice A and Device B are connected with two fiber pairs.
• Configure DLDP to automatically shut down the faul ty port upon detecting a unidirectional link, and
automatically bring up the port after you clear the fault.
47 Figure 11 Network diagram Configuration procedure 1. Configure Device A: # Enable DLDP globally. system-view [DeviceA] dldp enable # Configure GigabitEthernet 1/0/49 to operate in full duplex mode and at 1000 Mbps, and enable DLDP on the port. [DeviceA] interface gigabitethernet 1/0/49 [DeviceA-GigabitEthernet1/0/49] duplex full [DeviceA-GigabitEthernet1/0/49] speed 1000 [DeviceA-GigabitEthernet1/0/49] dldp enable [DeviceA-GigabitEthernet1/0/49] quit # Configure GigabitEthernet 1/0/50 to operate in full duplex mode and at 1000 Mbps, and enable DLDP on the port. [DeviceA] interface gigabitethernet 1/0/50 [DeviceA-GigabitEthernet1/0/50] duplex full [DeviceA-GigabitEthernet1/0/50] speed 1000 [DeviceA-GigabitEthernet1/0/50] dldp enable [DeviceA-GigabitEthernet1/0/50] quit # Set the DLDP mode to enhanced. [DeviceA] dldp work-mode enhance # Set the port shutdown mode to auto. [DeviceA] dldp unidirectional-shutdown auto 2. Configure Device B: