Configuration of the central Layer-2-Switch: HP ProCurve Switch 2824


Roger Großmann <roger.grossmann@oclc.org>
$Id: HP_ProCurve_Switch_2824.html,v 1.3 2010/07/30 13:57:53 gr Exp $

1. Basic Information

The HP Procurve Switch 2824 is a Layer-2-Switch. It means that the switch does not only switch network packets at the MAC level. The switch is also able to route ip network packets.
For a full description of the capabilities please read the product description. This short guide describes only the basic handling and configuration of the switch.

The HP Procurve Switch 2824 has 24 autosensing ports. Every port supports network transfer rates of 10, 100 or 1000 MBit/s. Every port is able to determine the transfer rate of the network he's connected to.

The switch uses socalled VLANs to create network segments. Each switch port can be a member of one or more VLAN. A VLAN has no, one or more than one ip address. The routing between this network segments is done automatically if there are different ip address scopes configured.

The switch supports 3 configuration modes with different capabilities:
This guide uses only the Command Line Interface (CLI) to change the switch configuration. The CLI is also easy-to-use because there is an context sensitive help which lists all possible commands or options. After opening a telnet connection to the switch, you are in the CLI-mode. Use the <TAB> key to get this help. If you want to see options of commands, type in the command and than type again <TAB> and the CLI lists the command options.

2. Connect to the switch

The switch should be accessible in the Sisis-Network by using the name "switch" . We use a telnet connection.
$myhost> telnet 10.0.1.75
HP J4903A ProCurve Switch 2824
Firmware revision I.07.31

Copyright (C) 1991-2003 Hewlett-Packard Co.  All Rights Reserved.

                           RESTRICTED RIGHTS LEGEND

 Use, duplication, or disclosure by the Government is subject to restrictions
 as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and
 Computer Software clause at 52.227-7013.

         HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303







Password:
Enter the right password to login.
switch#

After connecting to the switch you can use the Menu Interface Mode by entering the command "menu".

3.Basic Configuration

Connect to the switch (section 2) and change to the configuration mode (the default config name of the switch isn't "switch" but "HP ProCurve Switch 2824") :

HP ProCurve Switch 2824#config
HP ProCurve Switch 2824(config)#

Set the time:

HP ProCurve Switch 2824(config)# time 17:12 07/22/04
Thu Jul 22 17:12:09 2004
HP ProCurve Switch 2824(config)#

Set the hostname:

HP ProCurve Switch 2824(config)# hostname switch
switch(config)#

Set the correct time zone:

switch(config)# time timezone 60
switch(config)#

Set hunter as the TimeP server:

switch(config)# ip timep manual 193.31.10.90
switch(config)#

Set the correct time rule:

switch(config)# time daylight-time-rule Western-Europe
switch(config)#

Set the default gateway to no gateway. The switch shouldn't have a default gateway, because this is a the central Sisis switch. We want to loose unrouted data should.

switch(config)# ip default-gateway 0.0.0.0
switch(config)#

Enable routing:

switch(config)# ip routing
switch(config)#

4. VLAN Configuration

The default configuration of the switch provides 1 VLAN. This "DEFAULT_VLAN" can be renamed but not deleted. At least one VLAN must exist. In default configuration all 24 ports belong to the "DEFAULT_VLAN". This could be useful, if  we wouldn't use any network segmentation. All ports of a VLAN build a physical subnet. Thats why the default configuration creates a big subnet with all ports.

The SISIS-network now consists of 3 physical subnets. The 10.0.1.0 subnet, the 193.31.10.32 subnet and the 193.31.10.64 subnet. The 10.0.1.0 is basic subnet for Oberhaching. All important server and most clients have an ip address of this local class C subnet. Some of the server of this network are directly connected the the HP ProCurve 2824 Switch.
Thats why we created a VLAN "SISIS_10" with the port members 1-22. On port 23 and 24 we connected the 193.31.10.32 subnet and the 193.31.10.64 subnet.

The following table shows the actual configuration:

    VLAN         IP Config   IP Address       Subnet Mask      Ports
  ------------ + ----------  ---------------  ---------------  --------- 
  SISIS_10     | Manual      10.0.1.75        255.255.255.0    1-22
  SISIS_193_32 | Manual      193.31.10.58     255.255.255.224  23
  SISIS_193_64 | Manual      193.31.10.65     255.255.255.224  24


To save this configuration (starting from default configuration) use the following commands on the CLI after login:

configure
vlan 1
   name "SISIS_10"
   ip address 10.0.1.75 255.255.255.0
   untagged 1-22
   no untagged 23-24
   exit
vlan 2
   name "SISIS_193_32"
   untagged 23
   ip address 93.31.10.58 255.255.255.0
   exit
vlan 3
   name "SISIS_193_64"
   untagged 23
   ip address 93.31.10.64 255.255.255.0
   exit

The switch automatically creates a route for directly-connected networks (VLANs) when a IP VLAN interface was added. This will be done after setting the ip address of the VLAN.

5. Static Routes

You can add up to 16 routes directly to the route table of the switch. The corresponding CLI-command is:

ip route 10.0.4.0 255.255.255.0 193.31.10.38

This command routes ip packets of the network 10.0.4.0 to the ip address 193.31.10.38.
Delete this static route with the CLI-command:

no ip route 10.0.4.0 255.255.255.0 193.31.10.38

6. Get / Show configuration parameters

The CLI-command "show" provides all configuration. This command kows the following options:

 option                description
 -------------------------------------------------------------------------------
 accounting            Show Accounting configuration parameters.
 arp                   Show the IP ARP translation table.
 authentication        Show Authentication configuration parameters.
 boot-history          Display the system boot log.
 cdp                   Show CDP configuration and neighbors discovered.
 config                Show the switch startup configuration.
 console               Show serial link/console settings.
 cpu                   Show Average CPU utilization over last 1 second, 5
                       seconds and 1 minute or the specified time.
 crypto                Display flash files used for authentication.
 debug                 Display currently active debug log destinations and
                       types.
 fault-finder          Show the fault-finder table.
 filter                Show a table of security filters or a filter detailed
                       information, if the filter's INDEX is specified.
 flash                 Show the versions of software stored in the Primary and
                       Secondary image locations.
 gvrp                  Show GVRP settings.
 history               Show previously entered commands.
 instrumentation       Show internal version-dependant counters for debugging.
 interfaces            Show port configuration and status information.
 ip                    Show the device IP configuration.
 port-security         Show a table describing port security settings.
 radius                Show RADIUS status and statistics information.
 rmon                  Show detailed rmon statistics for the ports.
 running-config        Show the switch running configuration.
 snmp-server           Display information on all SNMP communities and trap
                       receivers configured on the switch.
 snmpv3                Show configuration of SNMPv3 features.
 sntp                  Show configured time protocol and servers.
 spanning-tree         Show spanning tree status information.
 stack                 Show the stack status of this switch.
 system-information    Show global configured and operational system
                       parameters.
 tacacs                Show TACACS status and statistics.
 tech                  Display output of a predefined command sequence used by
                       technical support.
 telnet                Show active incoming and outgoing sessions.
 terminal              Show logical window dimensions.
 time                  Show current date and time.
 timep                 Show configured time protocol and servers.
 trunks                Show a list of ports and the trunks to which they
                       belong.
 version               Show software version.
 vlans                 Show status information for all VLANs.

7. Saving Configuration Changes

The switch maintains two configuration files, the running-config and the startup-config.
The startup-config is saved in the flash-memory of the switch. It is the saved configuration und this one is used while booting the switch.
After boot-process is done, the startup-config is copied to the volatile memory und used as running-config. All configuration changes are made in the volatile memory. So you have a possibilty to try changes in the running-config. If you are satisfied that the changes are satisfactory, use the command 

write memory

to make the changes permanent. If you wouldn't do so, the switch will not use the changed options when booting next time.
The following commands are useful to handle the two configuration files:

show config              Display a listing of the startup-configuration file of the switch.
show running config      Display a listing of the running-configuration file of the switch.
show config status       Compares the current running-configuration file to the startup-config
                         and determines whether there are updates or no.

To reset the switch to the Factory-Default configuration use the following command:

erase startup-config

If you want to make a backup of the configuration file to an other host you must have a tftp-Server running on this host. The following command saves the running-config to the host 10.0.1.37 to the file "ProCurveConf"

copy running-config tftp 10.0.1.37 ProCurveConf

To use a saved configuration from a remote host, try the following command:

copy tftp running_config 10.0.1.37 ProCurveConf

The last command replaces the running-config with a saved config named "ProCurveConf" on host 10.0.1.37.

8. Software reboot

To reboot from the switch with the command: 

boot

or

reload

9. The actual configuration

Running configuration:

; J4903A Configuration Editor; Created on release #I.07.31

hostname "switch" 
time timezone 60 
time daylight-time-rule Western-Europe 
cdp run 
mirror-port 20 
ip default-gateway 0.0.0.0 
sntp server 193.31.10.90 
ip routing 
timesync sntp 
sntp unicast 
snmp-server community "public" Unrestricted 
vlan 1 
   name "SISIS_10" 
   untagged 1-23 
   ip address 10.0.1.75 255.255.255.0 
   ip address 193.31.10.58 255.255.255.224 
   no untagged 24 
   exit 
vlan 2 
   name "SISIS_193_32" 
   no ip address 
   exit 
vlan 3 
   name "SISIS_193_64" 
   untagged 24 
   ip address 193.31.10.65 255.255.255.224 
   exit 
fault-finder bad-driver sensitivity high 
fault-finder bad-transceiver sensitivity high 
fault-finder bad-cable sensitivity high 
fault-finder too-long-cable sensitivity high 
fault-finder over-bandwidth sensitivity high 
fault-finder broadcast-storm sensitivity high 
fault-finder loss-of-link sensitivity high 
ip route 10.1.1.2 255.255.255.255 193.31.10.38 
ip route 10.1.2.2 255.255.255.255 193.31.10.38 
ip route 10.1.3.2 255.255.255.255 193.31.10.38 
ip route 10.1.4.2 255.255.255.255 193.31.10.38 
ip route 10.0.2.0 255.255.255.0 193.31.10.91 
ip route 10.0.4.0 255.255.255.0 193.31.10.38 
ip route 10.0.5.0 255.255.255.0 193.31.10.38 
ip route 10.0.6.0 255.255.255.0 193.31.10.38 
ip route 10.0.7.0 255.255.255.0 193.31.10.38 
ip route 10.40.101.0 255.255.255.0 10.0.1.200 
ip route 172.19.10.11 255.255.255.255 10.0.1.200 
ip route 10.1.56.200 255.255.255.255 10.0.1.200 
password manager
password operator

Disclaimer

1. Content
OCLC GmbH accepts no warranty whatsoever for the topicality, correctness, completeness or quality of the information provided. Liability claims towards OCLC GmbH related to damages of a material or ideal nature which were caused by the use or non-use of the information provided or by the use of erroneous or incomplete information are excluded on principle with the exception of proven intentional or grossly negligent conduct on the part of OCLC GmbH.

2. Copyright and Trademarks
OCLC GmbH aims to respect copyrights of graphics and texts used in all publications, to use graphics and texts created by itself or to resort to license free graphics and texts. Alle trademarks mentioned within this publication and protected by a third party where applicable are unrestrictedly subject to the regulations of the respective valid trademark law and the right of ownership of the respective registered owners. Solely on the basis of mere stating no conclusion can be drawn that trademarks are not protected by third party rights! The copyright for any object published and created by OCLC GmbH remains solely with OCLC GmbH. Any duplication or use of such graphics and texts in other electronic or printed publications without the explicit consent of OCLC GmbH is prohibited.

3. Legal Effect of this Disclaimer
If parts or single phrases of this text do not, not any more or not completely correspond to the valid legal situation the remaining parts of this document in their content and their validity remain unaffected.

© OCLC GmbH 2010.
Grünwalder Weg 28g, D-82041 Oberhaching, Phone ++49 (0)89/61308-300, Fax ++49 (0)89/61308-399
E-Mail: support-de@oclc.org, www.oclc.org