HP Procurve Switch 2824 CLI Telnet Experience , Guide and Tutorial

-------------------------------------
ProCurve J4903A Switch 2824
Software revision I.10.77

Copyright (C) 1991-2009 Hewlett-Packard Co. All Rights Reserved.

RESTRICTED RIGHTS LEGEND

Use, duplication, or disclosure by the Government is subject to restrictions
as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and
Computer Software clause at 52.227-7013.

HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303

We'd like to keep you up to date about:
* Software feature updates
* New product announcements
* Special events

Please register your products now at: www.ProCurve.com

Press any key to continue
-------------------------------------------

LACP Problems - Be Warned - Disable LACP Unless You Need It!

Disable LACP, this is the link aggregation protocol where you can combine 4 ports to increase the overall bandwidth. This sure sounds great but all LACP ports should be disabled unless you are using it. The reason is because it often takes down ports of computers/servers for no apparent or justified reason and it is a pain to troubleshoot. LACP should only be enabled on ports that are actually going to use LACP.

Symptoms in the log are as follows:

I 01/02/90 01:41:36 ports: port 7 is Blocked by LACP
I 01/02/90 01:41:39 ports: port 7 is now on-line
I 01/02/90 01:45:23 ports: port 7 is now off-line
I 01/02/90 01:45:48 ports: port 7 is Blocked by LACP
I 01/02/90 01:45:51 ports: port 7 is now on-line
I 01/02/90 01:56:47 ports: port 7 is now off-line
I 01/02/90 02:22:42 ports: port 7 is Blocked by LACP
I 01/02/90 02:22:42 ports: port 7 is now off-line
I 01/02/90 02:39:44 ports: port 7 is Blocked by LACP
I 01/02/90 02:39:47 ports: port 7 is now on-line
I 01/02/90 02:45:15 ports: port 7 is now off-line
I 01/02/90 02:56:42 ports: port 7 is Blocked by LACP
I 01/02/90 02:56:45 ports: port 7 is now on-line
I 01/02/90 02:57:44 ports: port 7 is now off-line

#check if you have lacp enabled on any ports

show lacp
no LACP ports found.

How to disable LACP:

*Warning if you have machines that do not come back automatically if the link goes up and down be warned that this could take some or all machines offline and needs physical intervention. When I typed the "no interface all lacp" this took down most computers on the switch and they did not come back on their own except a few.

ProCurve Switch 2824# config ProCurve Switch 2824(config)# ProCurve Switch 2824(config)# no interface all lacp wr mem

Disable port

*Warning about port disable/enable is that I find some servers detect the uplink but will not work after being re-enabled without a network restart (eg. service network restart

The "8" represents port numbers. You can also do a range such as "8-15"

config

int ethernet 8 disable

---------------------------

Enable Port

*Warning about port disable/enable is that I find some servers detect the uplink but will not work after being re-enabled without a network restart (eg. service network restart

config

int ethernet 8 enable

------------------------------------

Check each port's bandwidth usage in mbit

The "Util" field is how many mbit per second the port is doing. You need to base the % percentage off the port speed eg. 10,100 or 1000 mbit.

Port Mode | --------------------------- | --------------------------- | Kbits/sec Pkts/sec Util | Kbits/sec Pkts/sec Util --------- -------- + ---------- ---------- ----- + ---------- ---------- ----- 1 1000FDx | 5016 15 00.50 | 5040 47 00.50 2 1000FDx | 0 0 0 | 0 0 0 3 1000FDx | 2536 0 00.25 | 5024 32 00.50 4 1000FDx | 12376 691 01.23 | 5352 448 00.53 5 1000FDx | 600 0 00.06 | 5024 32 00.50 6 1000FDx | 3960 0 00.39 | 5024 32 00.50 7 1000FDx | 5360 77 00.53 | 5344 112 00.53 8 1000FDx | 0 0 0 | 0 0 0 9 1000FDx | 2488 0 00.24 | 5024 32 00.50 10 1000FDx | 2536 0 00.25 | 5024 32 00.50 11 1000FDx | 2488 0 00.24 | 5024 32 00.50 12 1000FDx | 2472 0 00.24 | 5024 32 00.50 13 1000FDx | 0 0 0 | 0 0 0 14 1000FDx | 0 0 0 | 0 0 0 15 1000FDx | 0 0 0 | 0 0 0 16 1000FDx | 0 0 0 | 0 0 0 17 1000FDx | 0 0 0 | 0 0 0 18 1000FDx | 0 0 0 | 0 0 0 19 1000FDx | 5680 538 00.56 | 12760 784 01.27 20 100HDx | 0 0 0 | 520 32 00.52 21 1000FDx | 0 0 0 | 0 0 0 22 1000FDx | 0 0 0 | 0 0 0 23 1000FDx | 0 0 0 | 0 0 0 24 1000FDx | 0 0 0 | 0 0 0

-------------------------------------------------------------

Show What Port MAC Address Belongs To

show mac 00:1F:D0:00:13:CC

Status and Counters - Address Table - 001fd0-0013cc

MAC Address : 001fd0-0013cc
Located on Port : 8

Show All MAC Addresses By Port

show mac all

If no MAC is displayed it means no device is connected or the device is not active or the port on the switch may be bad or disabled.

Status and Counters - Port Address Table - 17

MAC Address
-------------

show specific port mac

show mac 10

Set Mac Address Security:

ProCurve Switch 2824(config)# port-security 1 learn-mode static

The 1 above is the port number and then we are setting the learn mode:

The learn mode options are:

continuous            Continuous MAC address learn mode.
static                Static MAC address learn mode.
configured            Static MAC address configured mode.
port-access           Learn port-access authorized MAC address only.
limited-continuous    Limited continuous MAC address learn mode.

Set how many MAC's are allowed to use the port:

port-security 1 address-limit X

Where x is the number of devices that are allowed to use the port

Add allowed MAC's like this:

port-security 1 mac-address themacaddress

Check port security settings of port:

show port-security 1 Port Security Port : 1 Learn Mode [Continuous] : Static Address Limit [1] : 3 Action [None] : Send Alarm Authorized Addresses -------------------- deadbe-efbce8

Check overall port status

show interfaces is very useful for counting traffic and also identifying network issues

Status and Counters - Port Status | Intrusion MDI Flow Bcast Port Type | Alert Enabled Status Mode Mode Ctrl Limit ----- --------- + --------- ------- ------ ---------- ----- ----- ------ 1 100/1000T | No Yes Up 1000FDx MDIX off 0 2 100/1000T | No Yes Down 1000FDx MDIX off 0 3 100/1000T | No Yes Up 1000FDx MDI off 0 4 100/1000T | No Yes Up 1000FDx MDIX off 0 5 100/1000T | No Yes Up 1000FDx MDIX off 0 6 100/1000T | No Yes Up 1000FDx MDI off 0 7 100/1000T | No Yes Up 1000FDx MDI off 0 8 100/1000T | No No Down 1000FDx MDI off 0 9 100/1000T | No Yes Up 1000FDx MDI off 0 10 100/1000T | No Yes Up 1000FDx MDI off 0 11 100/1000T | No Yes Up 1000FDx MDI off 0 12 100/1000T | No Yes Up 1000FDx MDI off 0 13 100/1000T | No Yes Down 1000FDx MDI off 0 14 100/1000T | No Yes Down 1000FDx MDI off 0 15 100/1000T | No Yes Down 1000FDx MDIX off 0 16 100/1000T | No Yes Down 1000FDx MDIX off 0 17 100/1000T | No Yes Down 1000FDx MDIX off 0 18 100/1000T | No Yes Down 1000FDx MDIX off 0 19 100/1000T | No Yes Up 1000FDx MDIX off 0 20 100/1000T | No Yes Up 100HDx MDIX off 0 21 100/1000T | No Yes Down 1000FDx MDIX off 0 22 100/1000T | No Yes Down 1000FDx MDI off 0 23 100/1000T | No Yes Down 1000FDx MDI off 0 24 100/1000T | No Yes Down 1000FDx MDIX off 0

show interfaces gives you more detail

Notice Port 7 showing 203 "Errors Rx". It was because of a bad cable and we wondered why that server had spotty connectivity.

Status and Counters - Port Counters Flow Bcast Port Total Bytes Total Frames Errors Rx Drops Rx Ctrl Limit ----- ------------ ------------ ------------ ------------ ----- ------ 1 3,164,403... 2,285,255... 0 0 off 0 2 457,687,164 2,150,118... 0 0 off 0 3 3,716,409... 2,795,214... 14 0 off 0 4 1,897,977... 2,207,705... 0 0 off 0 5 626,012,466 3,843,597... 0 0 off 0 6 2,628,057... 2,138,559... 0 0 off 0 7 1,498,582... 476,790,025 0 0 off 0 8 2,830,274... 1,696,622... 589 0 off 0 9 1,573,201... 3,990,337... 0 0 off 0 10 1,930,438... 2,808,292... 238 0 off 0 11 3,137,823... 3,577,438... 1476 0 off 0 12 2,363,525... 99,291,760 1102 0 off 0 13 0 0 0 0 off 0 14 0 0 0 0 off 0 15 0 0 0 0 off 0 16 0 0 0 0 off 0 17 0 0 0 0 off 0 18 0 0 0 0 off 0 19 2,186,889... 2,963,434... 1 0 off 0 20 530,240,341 746,865,357 581 0 off 0 21 1866 7 2 0 off 0 22 2288 7 2 0 off 0 23 2246 7 2 0 off 0 24 190,610 1821 2 0 off 0

Password Issues/Requirements

Note that these switches support a maximum of 16 characters. Spaces cannot be used and it is not obvious if you have gone over the limit so if you cannot login after setting a password type it out and count 16 characters and use only those and you should be able to login.

If your password is lost/unknown you can reset just the password (not the switch settings) by holding the "Clear" button on the front of the switch for at least 1 second. Note again this does not reset the switch config but only the password when done this way.

Tags:

hp, procurve, cli, telnet, tutorialtelnet, software, revision, copyright, hewlett, packard, reserved, restricted, duplication, disclosure, restrictions, subdivision, ii, technical, clause, hanover, palo, alto, ca, feature, updates, announcements, register, products, www, lacp, disable, aggregation, protocol, combine, ports, overall, bandwidth, disabled, servers, apparent, justified, troubleshoot, enabled, follows, blocked, automatically, offline, intervention, typed, quot, interface, config, wr, mem, enable, detect, uplink, restart, eg, represents, int, ethernet, usage, mbit, util, percentage, mode, kbits, pkts, fdx, hdx, cc, counters, fd, located, addresses, displayed, active, interfaces, identifying, intrusion, mdi, bcast, ctrl, mdix, errors, rx, server, spotty, connectivity, bytes, frames, password, requirements, switches, maximum, characters, spaces, login, reset, settings,