Home > HP > Printer > HP 5500 Ei 5500 Si Switch Series Configuration Guide

HP 5500 Ei 5500 Si Switch Series Configuration Guide

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 2513
    Add page 2181 to Favourites
    image text
    Enable zoom 
    							 118 
# Configure GigabitEthernet 1/0/2 as a trunk port and assign it to VLANs 1 through 200. Disable 
the spanning tree feature and enable flush message  receiving on it, and configure VLAN 10 and 
VLAN 110 as the receive control VLANs.  
[DeviceD] interface gigabitethernet 1/0/2 
[DeviceD-GigabitEthernet1/0/2] port link-type trunk 
[DeviceD-GigabitEthernet1/0/2] port trunk permit vlan 1 to 200 
[DeviceD-GigabitEthernet1/0/2] undo stp enable 
[DeviceD-GigabitEthernet1/0/2] smart-link flush enable control-vlan 10 1\
10 
[DeviceD-GigabitEthernet1/0/2] quit 
5.  Verify the configuration: 
Suppose the optical fiber between Device A and Device B fails. You can use the  display smart-link 
group  command to display the smart link group configuration on a device.  
# Display the smart link group configuration on Device C.  
[DeviceC] display smart-link group all 
 Smart link group 1 information: 
 Device ID: 000f-e23d-5af0 
 Preemption mode: ROLE 
 Preemption delay: 1(s) 
 Control VLAN: 10 
 Protected VLAN: Reference Instance 1 
 Member                     Role    State    Flush-count Last-flush-time\
 
 -----------------------------------------------------------------------\
------ 
 GigabitEthernet1/0/1       MASTER  DOWN     5           16:37:20 2010/0\
2/21 
 
 GigabitEthernet1/0/2       SLAVE   ACTVIE   3           17:45:20 2010/0\
2/21 
 
 
 Smart link group 2 information: 
 Device ID: 000f-e23d-5af0 
 Preemption mode: ROLE 
 Preemption delay: 1(s) 
 Control VLAN: 110 
 Protected VLAN: Reference Instance 2 
 Member                     Role    State    Flush-count Last-flush-time\
 
 -----------------------------------------------------------------------\
------ 
 GigabitEthernet1/0/2       MASTER  ACTVIE   5           16:37:20 2010/0\
2/21 
 
 GigabitEthernet1/0/1       SLAVE   STANDBY  1           17:45:20 2010/0\
2/21 
The output shows that master port GigabitEtherne t 1/0/1 of smart link group 1 fails, and slave 
port GigabitEthernet 1/0/2 is  in forwarding state.
    Add page 2182 to Favourites
    image text
    Enable zoom 
    							 119 
Configuring Monitor Link 
Monitor Link overview 
Monitor Link is a port collaboration function. Monitor Link usually works together with Layer 2 topology 
protocols. The idea is to monitor the states of upli nk ports and adapt the up/down state of downlink ports 
to the up/down state of uplink ports, triggering link switchover on the downstream device in time, as 
shown in  Figure 28. 
Figure 28  Monitor Link application sc

enario 
 
 
Terminology 
Monitor link group 
A monitor link group is a set of uplink and downlink  ports. A port can belong to only one monitor link 
group. As shown in Figure 28 , por
ts Port1 and Port2 of Device B and those of Device D each form a 
monitor link group. Port1 on both devices are uplink po rts, and Port2 on both devices are downlink ports.   
Uplink/Downlink ports 
Uplink port and downlink port are two port roles in monitor link groups: 
•  Uplink ports are the monitored port s. The state of a monitor link group adapts to that of its member 
uplink ports. When a monitor link group contains  no uplink port or when all the uplink ports are 
down, the monitor link group becomes down. As long  as one member uplink port is up, the monitor 
link group stays up.
    Add page 2183 to Favourites
    image text
    Enable zoom 
    							 120 
•  Downlink ports are the monitoring  ports. The state of the downlink ports in a monitor link group 
adapts to that of the monitor link group. When th e state of a monitor link group changes, the state 
of its member downlink ports change accordingly. The state of the downlink  ports in a monitor link 
group is always consistent with that of the monitor link group. 
Uplink/Downlink 
The uplink is the link that connects the uplink ports in  a monitor link group, and the downlink is the link 
that connects the downlink ports.  
How Monitor Link works 
A monitor link group works independently of other  monitor link groups. When a monitor link group 
contains no uplink port or when all its uplink po rts are down, the monitor link group goes down and 
forces all downlink ports down at the same time. When any uplink port goes up, the monitor link group 
goes up and brings up all the downlink ports.  
HP does not recommend manually shutting down or bringing up the downlink ports in a monitor link 
group.  
Configuring Monitor Link 
Configuration prerequisites 
Make sure that the port is not the member port of  any aggregation group or service loopback group.  
Creating a monitor link group  
Step Command 
1.  Enter system view. 
system-view 
2.  Create a monitor link group, and enter monitor link 
group view.   monitor-link group
 group-id  
 
Configuring monitor link group member ports 
You can configure member ports for a monitor link grou p either in monitor link group view or interface 
view. The configurations made in these two views lead to the same result. 
You can assign a Layer 2 Ethernet port or Layer 2  aggregate interface to a monitor link group as a 
member port.  
A port can be assigned to only one monitor link group.  
Configure uplink ports prior to downlink ports to avoid undesired down/up state changes on the 
downlink ports.  
In monitor link group view 
To configure member ports for a monitor  link group in monitor link group view:
    Add page 2184 to Favourites
    image text
    Enable zoom 
    							 121 
Step Command 
1.  Enter system view.  system-view 
2.  Enter monitor link group view. 
monitor-link group group-id  
3.  Configure member ports for the monitor link group.  port 
interface-type interface-number  { uplink | 
downlink }  
 
In interface view 
To configure member ports for a moni tor link group in interface view:  
Step Command 
1.  Enter system view. 
system-view 
2.  Enter Layer 2 Ethernet interface view or Layer 2 
aggregate interface view.  interface
 interface-type interface-number 
3.   Configure the current interface as a member of a 
monitor link group.   port monitor-link group 
group-id { uplink  | 
downlink  } 
 
Displaying and maintaining Monitor Link 
 
Task Command Remarks 
Display monitor link group 
information.
  display monitor-link group
 { group-id | all  } [ | 
{  begin |  exclude | include  } regular-expression  ]  Available in any view 
 
Monitor Link configuration example 
Network requirements 
As shown in Figure 29
, Device C is a smart link device, and Device A, Device B, and Device D are 
associated devices. Traffic of VLANs 1 through 30 on  Device C is dual-uplinked to Device A through a 
smart link group.  
Implement dual uplink backup on Device C, and make  sure that when the link between Device A and 
D evice  B  ( or  Device  D)  fai ls, D evice  C c an sense  the l i nk  fau l t and per form upl i nk  switchover i n the  s mar t 
link group.  
For more information about Smart Link, see  Configuring Smart Link.
    Add page 2185 to Favourites
    image text
    Enable zoom 
    							 122 
Figure 29 Network diagram 
 
 
Configuration procedure 
1. Configure Device C: 
# Create VLANs 1 through 30, map these VLAN s to MSTI 1, and activate MST region 
configuration. 
 system-view 
[DeviceC] vlan 1 to 30 
[DeviceC] stp region-configuration 
[DeviceC-mst-region] instance 1 vlan 1 to 30 
[DeviceC-mst-region] active region-configuration 
[DeviceC-mst-region] quit 
# Disable the spanning tree feature on Gig abitEthernet 1/0/1 and GigabitEthernet 1/0/2 
separately, configure them as trunk ports,  and assign them to VLANs 1 through 30. 
[DeviceC] interface gigabitethernet 1/0/1 
[DeviceC-GigabitEthernet1/0/1] undo stp enable 
[DeviceC-GigabitEthernet1/0/1] port link-type trunk 
[DeviceC-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 
[DeviceC-GigabitEthernet1/0/1] quit 
[DeviceC] interface gigabitethernet 1/0/2 
[DeviceC-GigabitEthernet1/0/2] undo stp enable 
[DeviceC-GigabitEthernet1/0/2] port link-type trunk 
[DeviceC-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 
[DeviceC-GigabitEthernet1/0/2] quit 
# Create smart link group 1, and configure all the VLANs mapped to MSTI 1 as the protected 
VLANs for smart link group 1.  
[DeviceC] smart-link group 1 
[DeviceC-smlk-group1] protected-vlan reference-instance 1 
# Configure GigabitEthernet 1/0/1 as the master  port and GigabitEthernet 1/0/2 as the slave 
port for smart link group 1.  
[DeviceC-smlk-group1] port gigabitethernet 1/0/1 master 
[DeviceC-smlk-group1] port gigabitethernet 1/0/2 slave 
# Enable the smart link group to transmit flush messages.  
[DeviceC-smlk-group1] flush enable 
[DeviceC-smlk-group1] quit
    Add page 2186 to Favourites
    image text
    Enable zoom 
    							 123 
2.
 
Configure Device A: 
# Create VLANs 1 through 30. 
 system-view 
[DeviceA] vlan 1 to 30 
# Configure GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 as trunk po rts, assign them to 
VLANs 1 through 30, and enable flus h message receiving on them.  
[DeviceA] interface gigabitethernet 1/0/1 
[DeviceA-GigabitEthernet1/0/1] port link-type trunk 
[DeviceA-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 
[DeviceA-GigabitEthernet1/0/1] smart-link flush enable 
[DeviceA-GigabitEthernet1/0/1] quit 
[DeviceA] interface gigabitethernet 1/0/2 
[DeviceA-GigabitEthernet1/0/2] port link-type trunk 
[DeviceA-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 
[DeviceA-GigabitEthernet1/0/2] smart-link flush enable 
[DeviceA-GigabitEthernet1/0/2] quit 
3. Configure Device B: 
# Create VLANs 1 through 30. 
 system-view 
[DeviceB] vlan 1 to 30 
# Configure GigabitEthernet 1/0/1 as a trunk port, assign it to VLANs 1 through 30, and enable 
flush message receiving on it. 
[DeviceB] interface gigabitethernet 1/0/1 
[DeviceB-GigabitEthernet1/0/1] port link-type trunk 
[DeviceB-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 
[DeviceB-GigabitEthernet1/0/1] smart-link flush enable 
[DeviceB-GigabitEthernet1/0/1] quit 
# Configure GigabitEthernet 1/0/2 as a trunk port , assign it to VLANs 1 through 30, disable the 
spanning tree feature, and enable flush message receiving on it. 
[DeviceB] interface gigabitethernet 1/0/2 
[DeviceB-GigabitEthernet1/0/2] port link-type trunk 
[DeviceB-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 
[DeviceB-GigabitEthernet1/0/2] undo stp enable 
[DeviceB-GigabitEthernet1/0/2] smart-link flush enable 
[DeviceB-GigabitEthernet1/0/2] quit 
# Create monitor link group 1,  and then configure GigabitEthernet 1/0/1 as an uplink port and 
GigabitEthernet 1/0/2 as a downlink  port for monitor link group 1.  
[DeviceB] monitor-link group 1 
[DeviceB-mtlk-group1] port gigabitethernet 1/0/1 uplink 
[DeviceB-mtlk-group1] port gigabitethernet 1/0/2 downlink 
[DeviceB-mtlk-group1] quit 
4. Configure Device D: 
# Create VLANs 1 through 30. 
 system-view 
[DeviceD] vlan 1 to 30
    Add page 2187 to Favourites
    image text
    Enable zoom 
    							 124 
# Configure GigabitEthernet 1/0/1 as a trunk port, assign it to VLANs 1 through 30, and enable 
flush message receiving on it. 
[DeviceD] interface gigabitethernet 1/0/1 
[DeviceD-GigabitEthernet1/0/1] port link-type trunk 
[DeviceD-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 
[DeviceD-GigabitEthernet1/0/1] smart-link flush enable 
[DeviceD-GigabitEthernet1/0/1] quit 
# Configure GigabitEthernet 1/0/2 as a trunk port, assign it to VLANs 1 through 30, disable the 
spanning tree feature, and enable flush message receiving on it. 
[DeviceD] interface gigabitethernet 1/0/2 
[DeviceD-GigabitEthernet1/0/2] port link-type trunk 
[DeviceD-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 
[DeviceD-GigabitEthernet1/0/2] undo stp enable 
[DeviceD-GigabitEthernet1/0/2] smart-link flush enable 
[DeviceD-GigabitEthernet1/0/2] quit 
# Create monitor link group 1,  and then configure GigabitEthernet 1/0/1 as an uplink port and 
GigabitEthernet 1/0/2 as a downlink  port for monitor link group 1.  
[DeviceD] monitor-link group 1 
[DeviceD-mtlk-group1] port gigabitethernet 1/0/1 uplink 
[DeviceD-mtlk-group1] port gigabitethernet 1/0/2 downlink 
[DeviceD-mtlk-group1] quit 
5. Verify the configuration: 
Use the  display monitor-link group  command to display the monito r link group information on 
devices. For example, when GigabitEthernet 1/0/2 on Device A goes down due to a link fault: 
# Display information about monitor link group 1 on Device B. 
[DeviceB] display monitor-link group 1 
 Monitor link group 1 information: 
 Group status: UP 
 Last-up-time: 16:37:20 2009/4/21 
 Last-down-time: 16:35:26 2009/4/21 
 Member                    Role     Status 
 ------------------------------------------ 
 GigabitEthernet1/0/1      UPLINK   UP 
 GigabitEthernet1/0/2      DOWNLINK UP 
# Display information about monitor link group 1 on Device D. 
[DeviceD] display monitor-link group 1 
 Monitor link group 1 information: 
 Group status: DOWN 
 Last-up-time: 16:35:27 2009/4/21 
 Last-down-time: 16:37:19 2009/4/21 
 Member                    Role     Status 
 ------------------------------------------ 
 GigabitEthernet1/0/1      UPLINK   DOWN 
 GigabitEthernet1/0/2      DOWNLINK DOWN
    Add page 2188 to Favourites
    image text
    Enable zoom 
    							 125 
Configuring VRRP (available only on the HP 
5500 EI) 
•  The term  router in this document refers to both routers and Layer 3 switches. 
•   You can perform interface-specific VRRP configuration only on Layer 3 Ethernet interfaces, VLAN 
interfaces, and Layer 3 aggregate interfaces, unless  otherwise specified. You can set an Ethernet 
port as a Layer 3 interface by using the  port link-mode route command (see Layer 2—LAN 
Switching Configuration Guide ). 
•   VRRP cannot be configured on interfaces in aggregation groups. 
VRRP overview 
Typ i c a l l y,  a s  s h own  i n   Figure 30, y ou can configure a default route with the gateway as the next hop for 
every host on a network segment. All packets destin ed to other network segments are sent over the 
default route to the gateway, which then forwards the packets. However, when the gateway fails, all the 
hosts that use the gateway as the default next-hop router fail to communicate with external networks. 
Figure 30  LAN networking 
 
 
Configuring a default route for network hosts facilitates your configuration, but also requires high 
performance stability of the device that acts as the gateway. Using more egress gateways is a common 
way to improve system reliability, but introduc es the problem of routing among the egresses. 
Virtual Router Redundancy Protocol (VRRP) is design ed to address this problem. VRRP adds a group of 
routers that can act as network gateways to a VRRP group, which forms a virtual router. Routers in the 
VRRP group elect a master through  the VRRP election mechanism to act as a gateway, and hosts on a 
LAN only need to configure the virtual router as their default network gateway.  
VRRP is an error-tolerant protocol, which improves the network reliability and simplifies configurations on 
hosts. On a multicast and broadcast LAN such as Ethernet, VRRP provides highly reliable default links 
without configuration changes (such as dynamic rout ing protocols, route discovery protocols) when a 
router fails, and prevent network interrupt ion because of a single link failure. 
Gateway
Network
Host A
Host B
Host C
    Add page 2189 to Favourites
    image text
    Enable zoom 
    							 126 
VRRP operates in either of the following modes: 
•  Standard protocol mode —Includes two versions VRRPv2 and  VRRPv3 based on RFCs. VRRPv2 is 
based on IPv4, and VRRPv3 is based on IPv6. Th e two versions implement the same functions but 
are applied in different network environments. For more information, see  VRRP standard protocol 
mode . 
•   Load balanc

ing mode —Extends the standard protocol mode  and realizes load balancing. For more 
information, see  VRRP load balancing mode . 
VRRP standard protocol mode 
Introduction to VRRP group 
VRRP combines a group of routers (including a mast er and multiple backups) on a LAN into a virtual 
router called VRRP group. 
A VRRP group has the following features: 
•   A virtual router has a virtual IP address. A host on the LAN only needs to know the IP address of the 
virtual router and uses the IP address as the next hop of the default route. 
•   Every host on the LAN communicates with external networks through the virtual router. 
•   Routers in the VRRP group elect a master that acts as the gateway according to their priorities. The 
other routers function as the backups. When the master fails, to make sure that the hosts in the 
network segment can uninterruptedly communicate with the external networks, the backups in the 
VRRP group elect a new gateway to undertake the responsibility of the failed master. 
Figure 31  Network diagram 
 
 
As shown in Figure 31, Router A, Router B, and Router C form a virtual router, which has its own IP address. 
Hosts on the Ethernet use the virtual router as the default gateway. 
The router with the highest priority among the three routers is elected as the master to act as the gateway, 
and the other two are backups. 
The IP address of the virtual router can be either an unused IP address on the segment where the VRRP 
group resides or the IP address of an interface on a router in the VRRP group. In the latter case, the router 
is called the IP address owner. 
Only one IP address owner can be configured for a VRRP group.
    Add page 2190 to Favourites
    image text
    Enable zoom 
    							 127 
A router in a VRRP group can be in master, backup, or initialize status. 
VRRP priority 
VRRP determines the role (master or backup) of each router in a VRRP group by priority. A router with a 
higher priority is more likely to become the master. 
VRRP priority is in the range of 0 to 255. The greater the number, the higher the priority. Priorities 1 to 
254 are configurable. Priority 0 is reserved for special uses and priority 255 for the IP address owner. 
When a router acts as the IP address owner, its running priority is always 255. That is, the IP address 
owner in a VRRP group acts as the master as long as it works properly.  
Operation mode 
A router in a VRRP group operates  in either of the following modes: 
•   Non-preemptive mode —When a router in the VRRP group be comes the master, it stays as the 
master as long as it operates normally, even if  a backup is assigned a higher priority later. 
•   Preemptive mode —When a backup finds its priority higher than that of the master, the backup 
sends VRRP advertisements to start a new master  election in the VRRP group and becomes the 
master. Accordingly, the original master becomes a backup. 
Authentication mode 
To avoid attacks from unauthorized users, VRRP adds  authentication keys into packets for authentication. 
VRRP provides the following authentication modes: 
•   simple —Simple text authentication 
A router sending a packet fills an authentication  key into the packet, and the router receiving the 
packet compares its local authentication key wi th that of the received packet. If the two 
authentication keys are the same, the received VR RP packet is considered legitimate. Otherwise, 
the received packet is considered invalid. 
•   md5 —MD5 authentication 
A router computes the digest of a packet to be  sent by using the authentication key and MD5 
algorithm and saves the result in the authenticati on header. The router that receives the packet 
performs the same operation by using the authen tication key and MD5 algorithm, and compares 
the result with the content in the authentication he ader. If the results are the same, the router that 
receives the packet considers the packet an au thentic and valid VRRP packet. Otherwise, the 
router considers the packet invalid. 
On a secure network, you can choose  not to set the authentication mode. 
VRRP timers 
VRRP timers include VRRP advertisement inte rval timer and VRRP preemption delay timer. 
VRRP advertisement interval timer 
The master in a VRRP group periodically sends VRRP  advertisements to inform the other routers in the 
VRRP group that it operates properly. 
You can adjust the interval for sending VRRP advertis ements by setting the VRRP advertisement interval 
timer. If a backup receives no advertisements in a pe riod three times the interval, the backup regards itself 
as the master and sends VRRP advertisem ents to start a new master election.
    All HP manuals Comments (0)

    Related Manuals for HP 5500 Ei 5500 Si Switch Series Configuration Guide