HP 5500 Ei 5500 Si Switch Series Configuration Guide
• After you configure an NM host for a cluster, the member switches in the cluster send their Trap messages to the shared SNMP NM host through the management switch.

If the port of an access NM switch (including FTP/TFTP server, NM host and log host) does not allow the packets from the management VLAN to pass, the NM switch cannot manage the switches in a cluster through the management switch. In this case, on the management switch, you need to configure the VLAN interface of the access NM switch (including FTP/TFTP server, NM host and log host) as the NM interface.

To isolate management protocol packets of a cluster from packets outside the cluster, HP recommends you configure the ports connected to the external networks as not allowing the management VLAN to pass through and configure the NM interface for the management switch.

To configure the interaction for a cluster:

1. Enter system view.
   Command: system-view
   Remarks: N/A
2. Enter cluster view.
   Command: cluster
   Remarks: N/A
3. Configure the FTP server shared by the cluster.
   Command: ftp-server ip-address [ user-name username password { simple | cipher } password ]
   Remarks: By default, no FTP server is configured for a cluster.
4. Configure the TFTP server shared by the cluster.
   Command: tftp-server ip-address
   Remarks: By default, no TFTP server is configured for a cluster.
5. Configure the log host shared by the member switches in the cluster.
   Command: logging-host ip-address
   Remarks: By default, no log host is configured for a cluster.
6. Configure the SNMP NM host shared by the cluster.
   Command: snmp-host ip-address [ community-string read string1 write string2 ]
   Remarks: By default, no SNMP host is configured.
7. Configure the NM interface of the management switch.
   Command: nm-interface vlan-interface interface-name
   Remarks: Optional.
SNMP configuration synchronization function

Using the SNMP configuration synchronization function facilitates management of a cluster, with which you can perform SNMP-related configurations on the management switch and synchronize them to the member switches on the whitelist. This operation is equal to configuring multiple member switches at one time. It simplifies the configuration process.

To configure the SNMP configuration synchronization function:

1. Enter system view.
   Command: system-view
   Remarks: N/A
2. Enter cluster view.
   Command: cluster
   Remarks: N/A
3. Configure the SNMP community name shared by a cluster.
   Command: cluster-snmp-agent community { read | write } community-name [ mib-view view-name ]
   Remarks: N/A
4. Configure the SNMPv3 group shared by a cluster.
   Command: cluster-snmp-agent group v3 group-name [ authentication | privacy ] [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ]
   Remarks: N/A
5. Create or update information of the MIB view shared by a cluster.
   Command: cluster-snmp-agent mib-view included view-name oid-tree
   Remarks: By default, the name of the MIB view shared by a cluster is ViewDefault and a cluster can access the ISO subtree.
6. Add a user for the SNMPv3 group shared by a cluster.
   Command: cluster-snmp-agent usm-user v3 user-name group-name [ authentication-mode { md5 | sha } auth-password ] [ privacy-mode des56 priv-password ]
   Remarks: N/A

The SNMP-related configurations are retained when a cluster is dismissed or the member switches are removed from the whitelist.

For more information about SNMP, see Configuring SNMP.

Configuring web user accounts in batches

Configuring web user accounts in batches enables you to do the following:

• Through the web interface, configure, on the management switch, the username and password used to log in to the cluster switches (including the management switch and member switches).
• Synchronize the configurations to the member switches in the whitelist. This operation is equal to performing the configurations on the member switches.

You need to enter your username and password when you log in to the cluster switches (including the management switch and member switches) through the web interface.

To configure web user accounts in batches:

1. Enter system view.
   Command: system-view
2. Enter cluster view.
   Command: cluster
3. Configure web user accounts in batches.
   Command: cluster-local-user user-name password { cipher | simple } password

If a cluster is dismissed or the member switches are removed from the whitelist, the configurations of web user accounts are still retained.

Displaying and maintaining cluster management

Task: Display NDP configuration information.
Command: display ndp [ interface interface-list ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display NTDP configuration information.
Command: display ntdp [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the switch information collected through NTDP.
Command: display ntdp device-list [ verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the detailed NTDP information of a specified switch.
Command: display ntdp single-device mac-address mac-address [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display information of the cluster to which the current switch belongs.
Command: display cluster [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the standard topology information.
Command: display cluster base-topology [ mac-address mac-address | member-id member-number ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the current blacklist of the cluster.
Command: display cluster black-list [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the information of candidate switches.
Command: display cluster candidates [ mac-address mac-address | verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the current topology information.
Command: display cluster current-topology [ mac-address mac-address [ to-mac-address mac-address ] | member-id member-number [ to-member-id member-number ] ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display information about cluster members.
Command: display cluster members [ member-number | verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Clear NDP statistics.
Command: reset ndp statistics [ interface interface-list ]
Remarks: Available in user view

Cluster management configuration example

Network requirements

• Three switches form cluster abc, whose management VLAN is VLAN 10. In the cluster, Switch B serves as the management switch (Administrator), whose network management interface is VLAN-interface 2; Switch A and Switch C are the member switches (Member).
• All the switches in the cluster use the same FTP server and TFTP server on host 63.172.55.1/24, and use the same SNMP NMS and log services on host IP address: 69.172.55.4/24.
• Add the switch whose MAC address is 000f-e201-0013 to the blacklist.
Figure 60 Network diagram

Configuration procedure

1. Configure the member switch Switch A:

# Enable NDP globally and for port GigabitEthernet 1/0/1.
<SwitchA> system-view
[SwitchA] ndp enable
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] ndp enable
[SwitchA-GigabitEthernet1/0/1] quit

# Enable NTDP globally and for port GigabitEthernet 1/0/1.
[SwitchA] ntdp enable
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] ntdp enable
[SwitchA-GigabitEthernet1/0/1] quit

# Enable the cluster function.
[SwitchA] cluster enable

2. Configure the member switch Switch C:

As the configurations for the member switches are the same, the configuration procedure for Switch C is not shown here.

3. Configure the management switch Switch B:

# Enable NDP globally and for ports GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3.
<SwitchB> system-view
[SwitchB] ndp enable
[SwitchB] interface gigabitethernet 1/0/2
[SwitchB-GigabitEthernet1/0/2] ndp enable
[SwitchB-GigabitEthernet1/0/2] quit
[SwitchB] interface gigabitethernet 1/0/3
[SwitchB-GigabitEthernet1/0/3] ndp enable
[SwitchB-GigabitEthernet1/0/3] quit

# Configure the period for the receiving switch to keep NDP packets as 200 seconds.
[SwitchB] ndp timer aging 200

# Configure the interval to send NDP packets as 70 seconds.
[SwitchB] ndp timer hello 70

# Enable NTDP globally and for ports GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3.
[SwitchB] ntdp enable
[SwitchB] interface gigabitethernet 1/0/2
[SwitchB-GigabitEthernet1/0/2] ntdp enable
[SwitchB-GigabitEthernet1/0/2] quit
[SwitchB] interface gigabitethernet 1/0/3
[SwitchB-GigabitEthernet1/0/3] ntdp enable
[SwitchB-GigabitEthernet1/0/3] quit

# Configure the hop count to collect topology as 2.
[SwitchB] ntdp hop 2

# Configure the delay to forward topology-collection request packets on the first port as 150 ms.
[SwitchB] ntdp timer hop-delay 150

# Configure the delay to forward topology-collection request packets on the first port as 15 ms.
[SwitchB] ntdp timer port-delay 15

# Configure the interval to collect topology information as 3 minutes.
[SwitchB] ntdp timer 3

# Configure the management VLAN of the cluster as VLAN 10.
[SwitchB] vlan 10
[SwitchB-vlan10] quit
[SwitchB] management-vlan 10

# Configure ports GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3 as Trunk ports and allow packets from the management VLAN to pass.
[SwitchB] interface gigabitethernet 1/0/2
[SwitchB-GigabitEthernet1/0/2] port link-type trunk
[SwitchB-GigabitEthernet1/0/2] port trunk permit vlan 10
[SwitchB-GigabitEthernet1/0/2] quit
[SwitchB] interface gigabitethernet 1/0/3
[SwitchB-GigabitEthernet1/0/3] port link-type trunk
[SwitchB-GigabitEthernet1/0/3] port trunk permit vlan 10
[SwitchB-GigabitEthernet1/0/3] quit

# Enable the cluster function.
[SwitchB] cluster enable

# Configure a private IP address range for the member switches, which is from 172.16.0.1 to 172.16.0.7.
[SwitchB] cluster
[SwitchB-cluster] ip-pool 172.16.0.1 255.255.255.248

# Configure the current switch as the management switch, and establish a cluster named abc.
[SwitchB-cluster] build abc
Restore topology from local flash file,for there is no base topology.
(Please confirm in 30 seconds, default No). (Y/N)
N
# Enable management VLAN auto-negotiation.
[abc_0.SwitchB-cluster] management-vlan synchronization enable

# Configure the holdtime of the member switch information as 100 seconds.
[abc_0.SwitchB-cluster] holdtime 100

# Configure the interval to send handshake packets as 10 seconds.
[abc_0.SwitchB-cluster] timer 10

# Configure the FTP Server, TFTP Server, Log host and SNMP host for the cluster.
[abc_0.SwitchB-cluster] ftp-server 63.172.55.1
[abc_0.SwitchB-cluster] tftp-server 63.172.55.1
[abc_0.SwitchB-cluster] logging-host 69.172.55.4
[abc_0.SwitchB-cluster] snmp-host 69.172.55.4

# Add the switch whose MAC address is 000f-e201-0013 to the blacklist.
[abc_0.SwitchB-cluster] black-list add-mac 000f-e201-0013
[abc_0.SwitchB-cluster] quit

# Add port GigabitEthernet 1/0/1 to VLAN 2, and configure the IP address of VLAN-interface 2.
[abc_0.SwitchB] vlan 2
[abc_0.SwitchB-vlan2] port gigabitethernet 1/0/1
[abc_0.SwitchB-vlan2] quit
[abc_0.SwitchB] interface vlan-interface 2
[abc_0.SwitchB-Vlan-interface2] ip address 163.172.55.1 24
[abc_0.SwitchB-Vlan-interface2] quit

# Configure VLAN-interface 2 as the network management interface.
[abc_0.SwitchB] cluster
[abc_0.SwitchB-cluster] nm-interface vlan-interface 2
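The cluster-view commands in this chapter place shared credentials and SNMP settings on the management switch and synchronize them to the whitelisted member switches, so one weak setting is replicated across the cluster. The following Python audit is an added example, not part of the HP guide: it reads cluster-view commands written in the syntax documented above and reports plaintext (simple) passwords, SNMP community strings, and SNMPv3 groups or users without authentication or privacy. The sample configuration, the finding codes and the choice of what counts as weak are assumptions of this example.

```python
# Constructed sample of cluster-view commands in the syntax documented above.
# Addresses, names and secrets are made up; the finding codes are this example's own.
SAMPLE_CONFIG = """\
cluster
 ftp-server 192.0.2.10 user-name backup password simple Fl4shCopy
 tftp-server 192.0.2.10
 snmp-host 192.0.2.20 community-string read public write private
 cluster-snmp-agent community write ops-rw
 cluster-snmp-agent group v3 monitors
 cluster-snmp-agent group v3 admins privacy
 cluster-snmp-agent usm-user v3 probe monitors
 cluster-snmp-agent usm-user v3 alice admins authentication-mode md5 A1 privacy-mode des56 P1
 cluster-snmp-agent usm-user v3 bob admins authentication-mode sha A2 privacy-mode des56 P2
 cluster-local-user webadmin password cipher CONSTRUCTED-CIPHERTEXT
"""

GUESSABLE = {"public", "private"}  # well-known default community names

def audit_line(cmd):
    """Return finding codes for one cluster-view command."""
    w, found = cmd.split(), []
    if any(a == "password" and b == "simple" for a, b in zip(w, w[1:])):
        found.append("plaintext-password")        # secret kept readable in the config
    if w[:1] == ["snmp-host"] and "community-string" in w:
        found.append("community-snmp-host")       # SNMPv1/v2c: string sent in cleartext
        if GUESSABLE & set(w[3:]):
            found.append("guessable-community")
    if w[:2] == ["cluster-snmp-agent", "community"] and len(w) > 3:
        found.append("community-" + w[2])         # read/write, synced to whitelisted members
        if w[3] in GUESSABLE:
            found.append("guessable-community")
    if w[:3] == ["cluster-snmp-agent", "group", "v3"]:
        level = w[4] if len(w) > 4 else None      # optional security level keyword
        if level == "authentication":
            found.append("v3-group-auth-no-priv")
        elif level != "privacy":
            found.append("v3-group-no-auth-no-priv")
    if w[:3] == ["cluster-snmp-agent", "usm-user", "v3"]:
        opts = w[5:]                              # tokens after user-name and group-name
        if "authentication-mode" not in opts:
            found.append("v3-user-no-auth")
        elif "md5" in opts[opts.index("authentication-mode") + 1:][:1]:
            found.append("v3-user-md5")
        if "privacy-mode" not in opts:
            found.append("v3-user-no-privacy")
    return found

def audit(config):
    """Return [(line_number, command, codes)] for every command with findings."""
    report = []
    for n, raw in enumerate(config.splitlines(), 1):
        cmd = raw.strip()
        if cmd and not cmd.startswith("#") and audit_line(cmd):
            report.append((n, cmd, audit_line(cmd)))
    return report

if __name__ == "__main__":
    for n, cmd, codes in audit(SAMPLE_CONFIG):
        print(f"line {n}: {', '.join(codes)} <- {cmd}")
```
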
Configuring CWMP

Hardware compatibility

The CWMP feature is available only on the HP 5500 EI switches.

CWMP overview

CPE WAN Management Protocol (CWMP), also called TR-069, is a DSL Forum technical specification for remote management of home network devices. It defines the general framework, message format, management method, and data model for managing and configuring home network devices.

CWMP is mainly applied to DSL access networks, which are hard to manage because end-user devices are dispersed and large in number. CWMP makes the management easier by using an auto-configuration server (ACS) to perform remote centralized management of customer premises equipment (CPE).

CWMP network framework

Figure 61 shows a basic CWMP network framework. The DHCP server, ACS, and DNS server can also be located on the same server.

Figure 61 CWMP network framework

The basic CWMP network elements include:

• CPE—Customer premises equipment, the managed device in the network.
• ACS—Auto-configuration server, the management device in the network. In this document, ACS refers to the server installed with the HP iMC BIMS system.
• DNS server—Domain name system server. An ACS and a CPE use URLs to identify and access each other. DNS is used to resolve the URLs.
• DHCP server—Dynamic Host Configuration Protocol (DHCP) server, which assigns IP addresses to CPEs, and uses the options field in the DHCP packet to provide configuration parameters (such as URL) to the CPEs.

Basic CWMP functions

Automatic configuration file deployment

The network administrator can create different configuration files on the ACS for access switches according to their service functions to realize fast configuration. After a connection is established between the ACS and a CPE, the ACS determines the type of the CPE and delivers the corresponding configuration file to the CPE. In this way, CPEs of the same type obtain the same service configurations. The ACS divides CPEs by their switch models or serial IDs.

A configuration file delivered by the ACS can be either the startup configuration or the running configuration on the CPE.

• Startup configuration—The configuration file delivered by the ACS overwrites the default configuration file on the CPE. After the CPE reboots, it runs the new configuration file.
• Running configuration—The configuration file delivered by the ACS is written to the running configuration file on the CPE, and the new configurations take effect immediately. You need to save the new configurations to make them survive a switch reboot.

CPE system software image file and configuration file management

The network administrator can save important files such as the application file and configuration file of a CPE to an ACS. If the ACS finds that a file is updated, it notifies the CPE to download the file by sending a request. After the CPE receives the request, it automatically downloads the file from the specified file server according to the filename and downloading address provided in the ACS request. After the CPE downloads the file, it checks the file validity and then reports the download result (success or failure) to the ACS.

CPEs can download the following types of files from the ACS: application file and configuration file.

To back up important data, a CPE can upload the current configuration file and log files to the specified server according to the requirement of an ACS.

CPE status and performance monitoring

An ACS can monitor the parameters of a CPE connected to it. Different CPEs have different performances and functionalities. Therefore the ACS must be able to identify each type of CPE and monitor the current configuration and configuration changes of each CPE. CWMP also allows the administrator to define monitor parameters and get the parameter values through an ACS, so as to get the CPE status and statistics.

The status and performance that can be monitored by an ACS include:

• Manufacturer name (Manufacturer)
• ManufacturerOUI
• SerialNumber
• HardwareVersion
• SoftwareVersion
• DeviceStatus
• UpTime
• Configuration file (ConfigFile)
• ACS address (URL)
• ACS username (Username)
• ACS password (Password)
• PeriodicInformEnable
• PeriodicInformInterval
• PeriodicInformTime
• CPE address (ConnectionRequestURL)
• CPE username (ConnectionRequestUsername)
• CPE password (ConnectionRequestPassword)

CWMP mechanism

Auto-connection between the ACS and a CPE

When a CPE starts up for the first time, it automatically obtains an IP address from the DHCP server, which informs the CPE of the following information:

• The URL address of the ACS (assigned by the DHCP server through Option 43)
• Username and password for connecting to the ACS (assigned by the DHCP server through Option 43)
• DNS server address (directly assigned)

After the CPE receives the above information, it has the IP address of the ACS resolved by the DNS server, and sends a connection request to the ACS. If the CPE passes the authentication with the acquired username and password, the connection between the ACS and the CPE is established.

If the current session is not finished but the connection between ACS and CPE is interrupted, the CPE automatically establishes a new connection with the ACS until the number of CPE auto-connection retries reaches the limit.

The CPE can send connection requests either periodically or at the specified time to the ACS. The ACS can initiate a connection request to the CPE at any time, and can establish a connection with the CPE after passing CPE authentication.

Configuration parameter deployment

When a CPE logs in to an ACS, the ACS can automatically apply some configurations to the CPE for it to perform auto configuration. Table 9 lists the auto-configuration parameters supported by the switch.

Table 9 Auto-configuration parameters and their functions

Parameter: Configuration file (ConfigFile)
Function: Updates the local configuration file on the CPE. The ACS delivers a configuration file to the CPE in one of the following formats: file or current configuration.

Parameter: ACS address (URL)
Function: Updates the ACS address kept on the CPE. The parameter is used when there is an active and standby ACS switchover.

Parameters: ACS username (Username), ACS password (Password)
Function: Automatically synchronizes the username and password on the CPE when those on the ACS change. The parameters are also used to inform the CPE of the authentication information of the standby ACS server when there is an active and standby ACS switchover.

Parameter: PeriodicInformEnable
Function: Enables the sending of Inform messages.

Parameter: PeriodicInformInterval
Function: Configures the CPE to send an Inform message periodically. The parameter is used for querying updates and information backup regularly.

Parameter: PeriodicInformTime
Function: Configures the CPE to send an Inform message at a specified time. The parameter is used for querying updates and information backup at a specified time.

Parameters: CPE username (ConnectionRequestUsername), CPE password (ConnectionRequestPassword)
Function: Configures the CPE username and password for connection to the ACS.

RPC methods

CWMP provides the following major remote procedure call (RPC) methods for an ACS to manage or monitor a CPE:

• Get—The ACS gets the value of one or more parameters from the CPE.
• Set—The ACS sets the value of one or more parameters on the CPE.
• Inform—The CPE sends an Inform message to an ACS whenever the CPE initiates a connection to the ACS, or the CPE's underlying configuration changes, or the CPE periodically sends its local information to the ACS.
• Download—The ACS requires a CPE to download a specific file from the specified URL, ensuring upgrading of CPE software and auto download of the vendor configuration file.
• Upload—The ACS requires a CPE to upload a specific file to the specified location.
• Reboot—The ACS remotely reboots the CPE when the CPE encounters a failure or completes a software upgrade.

How CWMP works

The following example illustrates how CWMP works. This example has two ACSs, main and backup, in an area. The main ACS must restart for system upgrade. To ensure continuous CPE monitoring, the main ACS switches all CPEs in the area to the backup ACS.