HP 5500 Ei 5500 Si Switch Series Configuration Guide
Contents (continued)

  Configuring the DHCPv6 relay agent
    Configuration guidelines
    Configuration procedure
  Setting the DSCP value for DHCPv6 packets
  Displaying and maintaining the DHCPv6 relay agent
  DHCPv6 relay agent configuration example
    Network requirements
    Configuration procedure
    Verifying the configuration
Configuring DHCPv6 client
  Overview
  Configuring the DHCPv6 client
    Configuration prerequisites
    Configuration guidelines
    Configuration procedure
  Setting the DSCP value for DHCPv6 packets
  Displaying and maintaining the DHCPv6 client
  Stateless DHCPv6 configuration example
    Network requirements
    Configuration procedure
    Verifying the configuration
Configuring DHCPv6 snooping
  Overview
    Ensuring that DHCPv6 clients obtain IPv6 addresses from authorized DHCPv6 servers
    Recording IP-to-MAC mappings of DHCPv6 clients
  Enabling DHCPv6 snooping
  Configuring a DHCPv6 snooping trusted port
  Configuring the maximum number of DHCPv6 snooping entries an interface can learn
  Displaying and maintaining DHCPv6 snooping
  DHCPv6 snooping configuration example
    Network requirements
    Configuration procedure
    Verifying the configuration
Configuring IPv6 DNS
  Overview
  Configuring the IPv6 DNS client
    Configuring static domain name resolution
    Configuring dynamic domain name resolution
  Setting the DSCP value for IPv6 DNS packets
  Displaying and maintaining IPv6 DNS
  Static domain name resolution configuration example
    Network requirements
    Configuration procedure
  Dynamic domain name resolution configuration example
    Network requirements
    Configuration procedure
    Verifying the configuration
Configuring tunneling (only available on the HP 5500 EI)
  Overview
    IPv6 over IPv4 tunneling
    Protocols and standards
  Tunneling configuration task list
  Configuring a tunnel interface
    Configuration guidelines
    Configuration procedure
  Configuring an IPv6 manual tunnel
    Configuration prerequisites
    Configuration guidelines
    Configuration procedure
    Configuration example
  Configuring a 6to4 tunnel
    Configuration prerequisites
    Configuration guidelines
    Configuration procedure
    Configuration example
  Configuring an ISATAP tunnel
    Configuration prerequisites
    Configuration guidelines
    Configuration procedure
    Configuration example
  Displaying and maintaining tunneling configuration
  Troubleshooting tunneling configuration
    Symptom
    Solution
Index
Configuring ARP

Only HP 5500 EI switches support Layer 3 Ethernet port configuration. You can use the port link-mode command to set an Ethernet port to operate in bridge (Layer 2) or route mode (Layer 3) (see Layer 2—LAN Switching Configuration Guide).

Overview

The Address Resolution Protocol (ARP) is used to resolve an IP address into a physical address (Ethernet MAC address, for example).

In an Ethernet LAN, a device uses ARP to resolve the IP address of the next hop to the corresponding MAC address.

ARP message format

ARP messages include ARP requests and ARP replies. Figure 1 shows the format of the ARP request/reply. Numbers in the figure refer to field lengths.

Figure 1 ARP message format

ARP message fields:
• Hardware type—The hardware address type. Value 1 represents Ethernet.
• Protocol type—The type of the protocol address to be mapped. The hexadecimal value 0x0800 represents IP.
• Hardware address length and protocol address length—Length, in bytes, of a hardware address and a protocol address. For an Ethernet address, the value of the hardware address length field is 6. For an IPv4 address, the value of the protocol address length field is 4.
• OP—Operation code, which describes the type of the ARP message. Value 1 represents an ARP request, and value 2 represents an ARP reply.
• Sender hardware address—Hardware address of the device sending the message.
• Sender protocol address—Protocol address of the device sending the message.
• Target hardware address—Hardware address of the device to which the message is being sent.
• Target protocol address—Protocol address of the device to which the message is being sent.
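The field list above maps directly onto a fixed 28-byte layout for Ethernet and IPv4. The following parser is an added example, not code from the HP guide; it validates each field against the values listed above, and the sample request bytes and host addresses are constructed for illustration.

```python
import struct
from dataclasses import dataclass

# Fixed part of the message: hardware type, protocol type,
# hardware address length, protocol address length, OP.
ARP_FIXED = struct.Struct("!HHBBH")
HTYPE_ETHERNET = 1
PTYPE_IP = 0x0800
OP_NAMES = {1: "request", 2: "reply"}


@dataclass(frozen=True)
class ArpMessage:
    op: str
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str


def format_mac(raw: bytes) -> str:
    """Render 6 bytes in the xxxx-xxxx-xxxx notation this guide uses."""
    digits = raw.hex()
    return "-".join(digits[i:i + 4] for i in range(0, 12, 4))


def format_ip(raw: bytes) -> str:
    """Render 4 bytes as a dotted-decimal IPv4 address."""
    return ".".join(str(octet) for octet in raw)


def parse_arp(payload: bytes) -> ArpMessage:
    """Parse an Ethernet/IPv4 ARP message (the bytes after the Ethernet header).

    Raises ValueError when a field does not hold the value the format requires.
    """
    if len(payload) < ARP_FIXED.size:
        raise ValueError("truncated ARP message: fixed fields incomplete")
    htype, ptype, hlen, plen, op = ARP_FIXED.unpack_from(payload)
    if htype != HTYPE_ETHERNET:
        raise ValueError(f"hardware type {htype} is not Ethernet (1)")
    if ptype != PTYPE_IP:
        raise ValueError(f"protocol type {ptype:#06x} is not IP (0x0800)")
    if (hlen, plen) != (6, 4):
        raise ValueError(f"address lengths {hlen}/{plen}, expected 6/4")
    if op not in OP_NAMES:
        raise ValueError(f"OP {op} is neither request (1) nor reply (2)")
    end = ARP_FIXED.size + 2 * (hlen + plen)
    if len(payload) < end:
        raise ValueError("truncated ARP message: addresses incomplete")
    # Bytes past `end` are Ethernet padding and are ignored.
    addrs = payload[ARP_FIXED.size:end]
    return ArpMessage(
        op=OP_NAMES[op],
        sender_mac=format_mac(addrs[0:6]),
        sender_ip=format_ip(addrs[6:10]),
        target_mac=format_mac(addrs[10:16]),
        target_ip=format_ip(addrs[16:20]),
    )


# Constructed sample: a request from 192.168.1.10 (00e0-fc01-0010) for
# 192.168.1.1, with an all-zero target MAC and 18 bytes of Ethernet padding.
SAMPLE_REQUEST = bytes.fromhex(
    "0001" "0800" "06" "04" "0001"
    "00e0fc010010" "c0a8010a"
    "000000000000" "c0a80101"
) + bytes(18)

if __name__ == "__main__":
    print(parse_arp(SAMPLE_REQUEST))
```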
ARP operation

If Host A and Host B are on the same subnet and Host A sends a packet to Host B, as shown in Figure 2, the resolution process is:
1. Host A looks in its ARP table to see whether there is an ARP entry for Host B. If yes, Host A uses the MAC address in the entry to encapsulate the IP packet into a data link layer frame and sends the frame to Host B.
2. If Host A finds no entry for Host B, Host A buffers the packet and broadcasts an ARP request using the following information:
   ○ Source IP address and source MAC address—Host A’s own IP address and the MAC address
   ○ Target IP address—Host B’s IP address
   ○ Target MAC address—An all-zero MAC address
   All hosts on this subnet can receive the broadcast request, but only the requested host (Host B) processes the request.
3. Host B compares its own IP address with the target IP address in the ARP request. If they are the same, Host B:
   a. Adds the sender IP address and sender MAC address into its ARP table.
   b. Encapsulates its MAC address into an ARP reply.
   c. Unicasts the ARP reply to Host A.
4. After receiving the ARP reply, Host A:
   a. Adds the MAC address of Host B to its ARP table.
   b. Encapsulates the MAC address into the packet and sends it to Host B.

Figure 2 ARP address resolution process

If Host A and Host B are on different subnets, the resolution process is as follows:
1. Host A sends an ARP request to the gateway. The target IP address in the ARP request is the IP address of the gateway.
2. After obtaining the MAC address of the gateway from an ARP reply, Host A sends the packet to the gateway.
3. If the gateway maintains the ARP entry of Host B, it forwards the packet to Host B directly; if not, it broadcasts an ARP request, in which the target IP address is the IP address of Host B.
4. After obtaining the MAC address of Host B, the gateway sends the packet to Host B.
ARP table

An ARP table stores dynamic and static ARP entries.

Dynamic ARP entry

ARP automatically creates and updates dynamic entries. A dynamic ARP entry is removed when its aging timer expires or the output interface goes down, and it can be overwritten by a static ARP entry.

Static ARP entry

A static ARP entry is manually configured and maintained. It does not age out, and cannot be overwritten by a dynamic ARP entry.

Static ARP entries protect communication between devices, because attack packets cannot modify the IP-to-MAC mapping in a static ARP entry.

Static ARP entries can be classified into long and short ARP entries.
• To configure a long static ARP entry, specify the IP address, MAC address, VLAN, and output interface. A long static ARP entry is directly used for forwarding matching packets. To allow communication with a host using a fixed IP-to-MAC mapping through a specific interface in a specific VLAN, configure a long static ARP entry for it.
• To configure a short static ARP entry, you only need to specify the IP address and MAC address.
   ○ If the output interface is a Layer 3 Ethernet port, the short ARP entry can be directly used for forwarding matching packets.
   ○ If the output interface is a VLAN interface, the device first sends an ARP request whose target IP address is the IP address of the short entry. If the sender IP and MAC addresses in the received ARP reply match the IP and MAC addresses of the short static ARP entry, the device adds the interface receiving the ARP reply to the short static ARP entry, and then uses the resolved entry to forward the matching IP packets.
   To communicate with a host by using a fixed IP-to-MAC mapping, configure a short static ARP entry for it.

Configuring a static ARP entry

A static ARP entry is effective when the device it corresponds to works normally. However, when a VLAN or VLAN interface is deleted, any static ARP entry corresponding to it will also be deleted (if it is a long static ARP entry) or will become unresolved (if it is a short and resolved static ARP entry).

Follow these guidelines when you configure a long static ARP entry:
• The vlan-id argument must be the ID of an existing VLAN where the ARP entry resides. The specified Ethernet interface must belong to that VLAN. The VLAN interface of the VLAN must be created.
• The IP address of the VLAN interface of the VLAN specified by the vlan-id argument must belong to the same subnet as the IP address specified by the ip-address argument.

To configure a static ARP entry:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Enter system view. | system-view | N/A |
| 2. Configure a static ARP entry. | Configure a long static ARP entry: arp static ip-address mac-address vlan-id interface-type interface-number [ vpn-instance vpn-instance-name ]. Configure a short static ARP entry: arp static ip-address mac-address [ vpn-instance vpn-instance-name ] | Use either command. Only HP 5500 EI Switch Series supports the vpn-instance vpn-instance-name option. |

Configuring the maximum number of dynamic ARP entries for an interface

An interface can dynamically learn ARP entries, so it may hold too many ARP entries. To solve this problem, you can set the maximum number of dynamic ARP entries that an interface can learn. When the maximum number is reached, the interface stops learning ARP entries.

A Layer 2 interface can learn an ARP entry only when both its maximum number and the VLAN interface's maximum number are not reached.

To set the maximum number of dynamic ARP entries that an interface can learn:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Enter system view. | system-view | N/A |
| 2. Enter Ethernet interface view. | interface interface-type interface-number | N/A |
| 3. Set the maximum number of dynamic ARP entries that the interface can learn. | arp max-learning-num number | Optional. By default, a Layer 2 interface does not limit the number of dynamic ARP entries. A Layer 3 interface can learn up to 2048 ARP entries for HP 5500 SI Switch Series, and up to 8192 ARP entries for HP 5500 EI Switch Series. If the value of the number argument is set to 0, the interface is disabled from learning dynamic ARP entries. |

Setting the aging timer for dynamic ARP entries

Each dynamic ARP entry in the ARP table has a limited lifetime, called the aging timer. The aging timer of a dynamic ARP entry is reset each time the dynamic ARP entry is updated. Dynamic ARP entries that are not updated before their aging timers expire are deleted from the ARP table.

To set the age timer for dynamic ARP entries:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Enter system view. | system-view | N/A |
| 2. Set the age timer for dynamic ARP entries. | arp timer aging aging-time | Optional. 20 minutes by default. |

Enabling dynamic ARP entry check

The dynamic ARP entry check function controls whether the device supports dynamic ARP entries with multicast MAC addresses.

When dynamic ARP entry check is enabled, the device cannot learn dynamic ARP entries containing multicast MAC addresses.

When dynamic ARP entry check is disabled, the device can learn dynamic ARP entries containing multicast MAC addresses.

To enable dynamic ARP entry check:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Enter system view. | system-view | N/A |
| 2. Enable dynamic ARP entry check. | arp check enable | Optional. Enabled by default. |

Configuring ARP quick update

HP recommends enabling ARP quick update in WLANs only.

As shown in Figure 3, the laptop frequently roams between AP 1 and AP 2. This affects the mapping between its MAC address and output interface on the switch. If the switch does not update its ARP table immediately after the output interface changes, it may fail to communicate with the laptop.

Figure 3 ARP quick update application scenario (diagram labels: Switch, GE1/0/1, GE1/0/2, AP1, AP2, Laptop)

With ARP quick update enabled, the switch updates the corresponding ARP entry immediately after the change of the mapping between a MAC address and an output interface to ensure nonstop data forwarding.

To enable ARP quick update:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Enter system view. | system-view | N/A |
| 2. Enable ARP quick update. | mac-address station-move quick-notify enable | Optional. Disabled by default. |

Configuring multicast ARP

Microsoft Network Load Balancing (NLB) is a load balancing technology for server clustering developed on Windows Server.

NLB supports load sharing and redundancy among servers within a cluster. To implement fast failover, NLB requires that the switch forwards network traffic to all servers or specified servers in the cluster, and each server filters out unexpected traffic. In a medium or small data center that uses the Windows Server operating system, the proper cooperation of the switch and NLB is very important. For more information about NLB, see the related documents of Windows Server.

Microsoft NLB provides the following packet sending modes to make the switch forward network traffic to all servers or specified servers:
• Unicast mode—NLB assigns each cluster member a common MAC address, which is the cluster MAC address, and changes the source MAC address of each sent packet. Thus, the switch cannot add the cluster MAC address to its MAC table. In addition, because the cluster MAC address is unknown to the switch, packets destined to it are forwarded on all the ports of the switch.
• Multicast mode—NLB uses a multicast MAC address that is a virtual MAC address for network communication, for example 0300-5e11-1111.
• Internet Group Management Protocol (IGMP) multicast mode—The switch sends packets only out of the ports that connect to the cluster members rather than all ports.

NOTE: Multicast ARP is applicable to only multicast-mode NLB.

To configure multicast ARP:

| Step | Command | Remarks |
| --- | --- | --- |
| 1. Disable the ARP entry check function. | undo arp check enable | N/A |
| 2. Configure a static ARP entry. | arp static ip-address mac-address vlan-id interface-type interface-number [ vpn-instance vpn-instance-name ] | Optional. Only HP 5500 EI Switch Series supports the vpn-instance vpn-instance-name option. |
| 3. Configure a static multicast MAC address entry. | mac-address multicast mac-address interface interface-list vlan vlan-id | See IP Multicast Command Reference. |

Displaying and maintaining ARP

CAUTION:
• Clearing ARP entries from the ARP table may cause communication failures.
• The verbose keyword is available only on the HP 5500 EI Switch Series.

Task: Display ARP entries in the ARP table.
Command: display arp [ [ all | dynamic | static ] [ slot slot-number ] | vlan vlan-id | interface interface-type interface-number ] [ count | verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the ARP entry for a specified IP address.
Command: display arp ip-address [ slot slot-number ] [ verbose ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the ARP entries for a specified VPN instance (only available on the HP 5500 EI).
Command: display arp vpn-instance vpn-instance-name [ count ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display the age timer for dynamic ARP entries.
Command: display arp timer aging [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Clear ARP entries from the ARP table.
Command: reset arp { all | dynamic | static | slot slot-number | interface interface-type interface-number }
Remarks: Available in user view

ARP configuration examples

Static ARP entry configuration example

Network requirements

As shown in Figure 4, hosts are connected to the switch, which is connected to the router through interface GigabitEthernet 1/0/1 in VLAN 10. The IP and MAC addresses of the router are 192.168.1.1/24 and 00e0-fc01-0000 respectively.

To prevent malicious users from attacking the switch and enhance security for communications between the router and switch, configure a static ARP entry for the router on the switch.
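Why the static entry protects the router mapping in this scenario can be seen in a small model of the ARP table rules described earlier: static entries are never overwritten, dynamic ARP entry check rejects multicast MAC addresses, arp max-learning-num caps learning per interface, and unrefreshed dynamic entries age out. This is an added example and not the switch's own code; the host-facing port GE1/0/2, its limit of 2, and the observed host addresses are constructed, and the VLAN-interface limit for Layer 2 ports is not modeled.

```python
from dataclasses import dataclass


@dataclass
class Entry:
    mac: str
    kind: str          # "S" static or "D" dynamic, as in the display arp Type column
    interface: str
    updated_at: float  # seconds; the aging timer restarts on every update


def is_multicast(mac: str) -> bool:
    """A MAC address is multicast when the low bit of its first octet is set."""
    return bool(int(mac.replace("-", "")[:2], 16) & 1)


class ArpTable:
    def __init__(self, aging_seconds: float = 20 * 60, arp_check: bool = True):
        self.aging_seconds = aging_seconds  # arp timer aging: 20 minutes by default
        self.arp_check = arp_check          # arp check enable: enabled by default
        self.max_learning = {}              # interface -> arp max-learning-num
        self.entries = {}                   # IP address -> Entry

    def add_static(self, ip: str, mac: str, interface: str) -> None:
        """Long static entry: replaces any dynamic entry and never ages out."""
        self.entries[ip] = Entry(mac, "S", interface, 0.0)

    def learn(self, ip: str, mac: str, interface: str, now: float) -> str:
        """Offer the sender IP/MAC of a received ARP message; return the decision."""
        current = self.entries.get(ip)
        if current is not None and current.kind == "S":
            return "kept-static"            # a dynamic entry cannot overwrite a static one
        if self.arp_check and is_multicast(mac):
            return "rejected-multicast"
        if current is None:                 # assumption: the limit gates new entries only
            limit = self.max_learning.get(interface)
            used = sum(1 for e in self.entries.values()
                       if e.kind == "D" and e.interface == interface)
            if limit is not None and used >= limit:
                return "rejected-limit"
        self.entries[ip] = Entry(mac, "D", interface, now)
        return "learned" if current is None else "updated"

    def age_out(self, now: float) -> list:
        """Delete dynamic entries whose aging timer has expired; return their IPs."""
        expired = [ip for ip, e in self.entries.items()
                   if e.kind == "D" and now - e.updated_at >= self.aging_seconds]
        for ip in expired:
            del self.entries[ip]
        return expired


def run_scenario():
    """Replay constructed ARP observations against the Figure 4 static entry."""
    table = ArpTable()
    table.max_learning["GE1/0/2"] = 2       # hypothetical host-facing port and limit
    table.add_static("192.168.1.1", "00e0-fc01-0000", "GE1/0/1")
    observations = [                        # constructed: (sender IP, sender MAC, port, time)
        ("192.168.1.1", "00e0-fc01-9999", "GE1/0/2", 10.0),   # conflicts with the static entry
        ("192.168.1.10", "00e0-fc01-0010", "GE1/0/2", 11.0),
        ("192.168.1.11", "0300-5e11-1111", "GE1/0/2", 12.0),  # multicast MAC
        ("192.168.1.12", "00e0-fc01-0012", "GE1/0/2", 13.0),
        ("192.168.1.13", "00e0-fc01-0013", "GE1/0/2", 14.0),  # third host on a port limited to 2
    ]
    decisions = [table.learn(*obs) for obs in observations]
    return decisions, table


if __name__ == "__main__":
    decisions, table = run_scenario()
    print(decisions, table.entries["192.168.1.1"].mac)
```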

Figure 4 Network diagram

Configuration procedure

Configure the switch:

# Create VLAN 10.
<Switch> system-view
[Switch] vlan 10
[Switch-vlan10] quit

# Add interface GigabitEthernet 1/0/1 to VLAN 10.
[Switch] interface GigabitEthernet 1/0/1
[Switch-GigabitEthernet1/0/1] port link-type trunk
[Switch-GigabitEthernet1/0/1] port trunk permit vlan 10
[Switch-GigabitEthernet1/0/1] quit

# Create interface VLAN-interface 10 and configure its IP address.
[Switch] interface vlan-interface 10
[Switch-vlan-interface10] ip address 192.168.1.2 24
[Switch-vlan-interface10] quit

# Configure a static ARP entry that has IP address 192.168.1.1, MAC address 00e0-fc01-0000, and output interface GigabitEthernet 1/0/1 in VLAN 10.
[Switch] arp static 192.168.1.1 00e0-fc01-0000 10 GigabitEthernet 1/0/1

# Display information about static ARP entries.
[Switch] display arp static
                Type: S-Static    D-Dynamic    A-Authorized
IP Address       MAC Address     VLAN ID  Interface              Aging Type
192.168.1.1      00e0-fc01-0000  10       GE1/0/1                N/A   S

Multicast ARP configuration example

Network requirements

As shown in Figure 5, a small data center uses Microsoft multicast-mode NLB. To enable the switches to cooperate with NLB, configure the following: