Professional Documents
Culture Documents
ProCurve Adaptive EDGE Fundamentals 8.41 - Lab Activity Guide - 20081121
ProCurve Adaptive EDGE Fundamentals 8.41 - Lab Activity Guide - 20081121
Version 8.41
Lab Guide
Technical Training
Contents
Lab Overview
Introduction .............................................................................................................. 1
Equipment List ......................................................................................................... 1
Scenario .................................................................................................................... 2
Module 1 Lab 1: Enabling Remote Management
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 2
Getting started .......................................................................................................... 3
Network diagram ...................................................................................................... 4
Task 1. Explore the different CLI privilege levels........................................... 5
Task 2. Explore the CLI command syntax....................................................... 6
Task 3: Define host names for the switches..................................................... 8
Task 4. Define usernames and passwords for the privilege levels................... 9
Task 5. Define an IP address and mask for in-band management ................. 10
Task 6. Establish an in-band management session ........................................ 12
Task 7. Explore the Switch Setup screen ....................................................... 13
Task 8. Use the Menu interface to configure IP authorized managers .......... 14
Task 9. Verify the IP authorized managers configuration ............................. 15
Task 10. Explore the Web interface............................................................... 16
Command Reference .............................................................................................. 17
Module 1 Lab 2: Software and File Management
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Upgrade the switch software ............................................................... 3
Task 2. Create a back-up of the switch configuration file ............................... 5
Task 3. Boot the switch with a factory default configuration file.................... 6
Task 4. Implement the multiple configuration files feature............................. 7
Task 5. Implement the SNTP service............................................................... 9
Task 6. View the Event Log and implement Syslog services ........................ 11
Task 7. View interfaces and define friendly port names................................ 13
Task 8. View LLDP information ................................................................... 14
Task 9. Back up your switch configuration files............................................ 15
Optional tasks ......................................................................................................... 16
Optional Task 10. Use advanced options of the copy command ................... 16
Optional Task 11. Use the show tech command ............................................ 17
Command Reference .............................................................................................. 19
Rev. 8.41 1
ProCurve Adaptive EDGE Fundamentals
Optional task........................................................................................................... 12
Optional Task 8. Verify load sharing............................................................. 12
Command Reference .............................................................................................. 13
Module 4 Lab 2: Configuring RSTP
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Configure VLAN 30 support on your switches................................... 3
Task 2. Configure the spanning tree bridge priority and version..................... 4
Task 3. View spanning tree details and enable RSTP...................................... 5
Task 4. Add a redundant link and verify the state of each port ....................... 6
Task 5. Verify connectivity and proper configuration ..................................... 7
Task 6. Add the second redundant link and verify the state of each port ........ 8
Task 7. Verify connectivity and proper configuration ..................................... 9
Task 8. Tag connected ports to carry all user VLANs................................... 10
Task 9. Back up your switch configuration files............................................ 11
Command Reference .............................................................................................. 13
Module 4 Lab 3: Configuring MSTP
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Tag the currently connected ports to carry all user VLANs................ 3
Task 2. Configure the spanning tree bridge priority and version..................... 4
Task 3. Enable spanning tree and view spanning tree information for the CST5
Task 4. Configure MST region and per-instance parameters .......................... 6
Task 5. Add a redundant link and verify the state of each port ....................... 7
Task 6. Verify connectivity and proper configuration ................................... 10
Task 7. Add the second redundant link and verify the state of each port ...... 11
Task 8. Verify connectivity and proper configuration for the second link .... 13
Task 9. Back up your switch configuration files............................................ 14
Command Reference .............................................................................................. 15
Module 4 Lab 4: Enabling HP Switch Meshing
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Modify the Core switch configuration ................................................ 3
Task 2. Modify the Edge_3 switch configuration............................................ 4
Task 3. Modify the Edge_1 and Edge_2 switch configurations ...................... 5
Task 4. Modify the Windows server computer configuration ......................... 6
Task 5. Configure additional ports on Core, Edge_1 and Edge_2................... 7
Task 6. Enable switch meshing on Core, Edge_1 and Edge_2........................ 8
Task 7. Verify proper spanning tree operation and network connectivity....... 9
Task 8. View the spanning tree details for MST instance 2........................... 11
Task 9. Verify switch meshing operation and network connectivity............. 12
Task 10. Restore your switch configuration files from lab 4.2 or lab 4.3...... 13
Rev. 8.41 3
ProCurve Adaptive EDGE Fundamentals
Task 4. Access the video file on your partner group’s Windows computer .... 7
Task 5. Use TfGen to generate additional traffic........................................... 10
Task 6. Configure QoS for the video traffic in VLAN 40 ............................. 11
Task 7. Reconfigure your network................................................................. 12
Task 8. Back up your switch configuration files............................................ 13
Command Reference .............................................................................................. 15
Module 8 Lab 1: Configuring the Access Point 530
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Configure a port for VLAN 20 on Edge_2.......................................... 3
Task 2. Navigating the CLI of the Access Point 530....................................... 4
Task 3. Change the Default Password ............................................................. 6
Task 4. Assigning the country code ................................................................. 7
Task 5. Configuring the IP address of the Ethernet interface .......................... 8
Task 6. Using the web interface to configure the Access Point 530.............. 10
Task 7. Configuring System Information....................................................... 11
Task 8. Configuring WLAN for your group at PCU ..................................... 13
Task 9. Check Radio Status ........................................................................... 15
Task 10. Save Configuration.......................................................................... 16
Task 11. Configure the Windows client computer for wireless connectivity 18
Command Reference .............................................................................................. 19
Module 8 Lab 2: Configuring the Wireless Edge Services zl Module
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Network diagram ...................................................................................................... 2
Task 1. Access the Web browser interface for the Wireless Edge Services
Module ............................................................................................................. 3
Task 2. Configure Radio Settings .................................................................... 4
Task 3. Configure PoE Source switch for RP Connection............................... 8
Task 4. Configure the WLANs ...................................................................... 11
Task 5. Associate to the WLANs................................................................... 16
Task 6. Save the Configuration File to your TFTP Server ............................ 17
Command Reference .............................................................................................. 19
Module 9 Lab : Network Troubleshooting
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Module 10 Lab : Network Design
Objectives ................................................................................................................. 1
Overview .................................................................................................................. 1
Scenario .................................................................................................................... 2
Rev. 8.41 5
ProCurve Adaptive EDGE Fundamentals
Appendices
Appendix A: Configuration File Solutions
Appendix B: Answers to Lab Questions
Appendix C: Step-by-Step Lab Guide
6 Rev. 8.41
Lab Overview
Introduction
These lab activities are designed as a supplement to the Adaptive EDGE
Fundamentals course to prepare network engineers to install, configure, and
troubleshoot ProCurve switching and routing products.
Equipment List
Each group of students is assigned to an equipment set that typically consists of
the following equipment:
1 ProCurve 7102dl Secure Router With 1 port (or 2 port) T1/E1 module
The two Windows computers should have the following additional software
installed:
HyperTerminal or Tera Term Pro
TFTP, SNTP, and Syslog server applications
Traffic generator application
Scenario
The lab activities in the HP ProCurve Adaptive EDGE Fundamentals course are
based upon a scenario involving an enterprise network at an educational institution
named “ProCurve University”. Throughout the lab exercises, the various
configuration tasks that you perform are described from the perspective of the
evolving networking environment at ProCurve University.
The lab activities begin with the initial configuration of multiple ProCurve
switches in a basic LAN topology simulating a small portion of the university’s
infrastructure. The subsequent lab exercises, introduce a variety of ProCurve
networking features and technologies in a progressively more complex topology
that includes additional switches and wide area networking. Some of the ProCurve
networking capabilities that will be implemented include VLANs, high-availability
and high-capacity features, WAN connections, static and dynamic routing, traffic
prioritization, and wireless access controls.
The configuration tasks will be accomplished primarily using the command line
interface (CLI). To introduce you to other ProCurve configuration tools that are
available, some configuration tasks will be performed using the menu interface,
web interface, and ProCurve Manager application.
Each group of two or more students will be assigned to work with a set of
ProCurve switches and Windows computers.
Objectives
After completing this activity you will be able to:
Use the CLI to develop familiarity with the syntax of switch commands and
the different context levels.
Assign switch identities and passwords for the different privilege levels.
Assign an IP address to the switches to enable remote management.
Use the menu interface to configure switch features.
Explore the switch Setup screen and web management interface.
Note
Please note that the network topologies and approaches presented in this Lab
Activity Guide are developed to expedite learning of specific products and
solutions. Consequently, some of the approaches used here would not be
suitable for a production network and should not be considered best practices.
Students should not assume that all material presented here is appropriate for
implementation in their work environments. For instance, the instructions
suggest insecure passwords in many cases, as they are easier to remember and
use than more complex passwords. Similarly, this topology uses VLAN 1, the
Default VLAN, for device management, which may not be suitable for all
environments.
Overview
ProCurve University is in the process of upgrading their enterprise network and
has acquired several ProCurve switches that will be deployed in the main
administration building. Initially, the switches will support a small LAN
environment consisting of three LAN segments. To begin the deployment, you
will first need to develop familiarity with the command line, menu and web
interfaces supported by the switches for management and configuration tasks.
Initially, you will access the switch using the command line interface (CLI)
through a serial port (out-of-band) connection from a Windows computer.
Since these are new ProCurve switches they come with a minimal, factory default
configuration. As part of the process of developing familiarity with the switch
CLI, you perform a number of initial configuration tasks that are commonly done
by network engineers. One of the first configuration tasks to be done involves
implementing basic security for the switches. This will include assigning a
password to each of the privilege levels, operator and manager, and limiting in-
band management access from a particular IP address.
Another initial configuration task involves assigning an IP address to the switch’s
default VLAN, VLAN 1, which will serve as the management VLAN. After the
IP address has been assigned, you will be able access the switch over an in-band
connection using a Telnet client program on the Windows computer.
Note
Be sure to read the following instructions and background information before
starting the lab exercise.
Getting started
Equipment set
In this lab, you will work on your own or in a team of two students to configure
and physically connect the switches and workstations.
Your lab equipment includes two Windows computers, four ProCurve switches,
one ProCurve Access Point 530 and one ProCurve Secure WAN router. Initially,
the two Windows computers will be used for out-of-band (serial port connection)
access to two of the switches for the purpose of performing initial configuration
tasks. These tasks include assigning passwords to the operator and manager
privilege levels and an IP address to the management VLAN.
Later during this lab, the Windows computers will be used for in-band (Telnet)
access to the switches. For in-band management, the Windows computers should
have the Tera Term Pro or Microsoft HyperTerminal terminal emulator program
installed.
Parameter Setting
Data bits 8
Parity none
Stop bits 1
Note
For Microsoft HyperTerminal, ensure the “Function, arrow, and ctrl keys act
as Windows keys” parameter is disabled.
Addressing scheme
The classroom contains six groups of equipment, similar to that shown in the
diagram in the next section. Your instructor will assign a number to your student
group that will be used for substitution in various references to IP address and
hostnames in the lab exercises. For example, for the IP address 10.x.1.0/24, the
“x” in the second octet is used to represent your group number. If you are
assigned to group 1, then this IP address would be 10.1.1.0/24.
In addition, the third octet in each IP address is used to identify the VLAN to
which a device belongs. For example, the third octet in the IP address 10.1.1.0/24
implies it is associated with VLAN 1.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use the two edge switches labeled Edge_1 and
Edge_2 and the two Windows computers. Substitute your assigned group number
for the “x” in each of the IP addresses.
Note
If there are two students in your group, each of you can select one of the
switches labeled Edge_1 or Edge_2 and perform the activities of this
task independently.
2. On your desktop, double-click the Tera Term Pro icon or equivalent to run
the terminal emulation program. Press <Enter> several times to display the
prompt from the switch. It should appear similar to the following.
Note
If the output listing exceeds the screen size you will see the following
instructions.
-- MORE --, next page: Space, next line: Enter, quit:
Control-C
You can also type the letter “q” to return to the prompt.
Note
You will receive an “Ambiguous input error” message if you do not
enter enough characters to make the command unique from others that
have the same initial sequence of characters.
3. Display the running configuration and the startup configuration and note any
differences that you can see.
4. Type “show running-config status” and then “show config status” and note
the status information displayed.
5. Type “write memory” to save the running-configuration into the startup-
configuration.
6. Once again, view the status of either the running or the startup configuration.
Note
If you do NOT explicitly define a username for the Operator or Manager
privilege level, then the switch does not prompt you for a username
when accessing the respective privilege level. As you have seen, up to
this point the switch also has NOT prompted you for a password since
the factory default configuration is a null password.
Note
Although it is not necessary to define a default gateway for the switches
and Windows computers for traffic to flow correctly in this particular
lab, a default gateway will be required in later labs. More background
on VLANs and default gateways will be provided in later modules.
1. On the Edge_1 and Edge_2 switches you are managing, enter the VLAN 1
context level.
2. Assign the IP addresses from the following table. Also, verify and/or
reconfigure the Windows computers to match the IP addresses listed in the
table below.
Device IP Address
Edge_1 10.x.1.2/24
Edge_2 10.x.1.3/24
Note
Substitute your group number for “x”.
Note
The port identifiers specified in the table are examples. Substitute a port
identifier of your choice that is appropriate for the switch model you are
using.
Note
At the bottom of some Switch Setup screens are navigation or edit
instructions, depending on whether you are navigating through the menu
items or within a configuration screen.
2. Move the cursor to the “Logon Default” field and press the space bar to
toggle through the choices.
3. Move the cursor to the “Time Sync Method” field and press the space bar to
toggle through the choices. Select ‘SNTP’.
4. Move the cursor to the “SNTP Mode” field. Notice this field name changed
based on the ‘Time Sync Method’ field value.
5. Press the space bar to toggle through the choices.
6. Press <Enter> to position the cursor in the Actions field. Select “Cancel” so
that any changes you may have made are not saved. Press <Enter> to exit the
Switch Setup screen and return to the CLI.
For more on using the Switch Setup screen, see the Installation and Getting
Started Guide for the associated switch.
Note
A good time saver when navigating through the menu interface is to try
and remember the numbering scheme to move through the menus to
arrive at your destination menu item more quickly.
For instance from the main menu, the number sequence “2 → 7 →3”
will take you to the VLAN Port Assignment screen and the number
sequence “2 → 6” will take you the IP Authorized Managers screen.
2. Select the “Status and Counters” menu item and explore the menu listing
displayed which provides access to a variety of helpful switch information.
3. Navigate to the IP Authorized Managers screen. Add the IP address of your
Windows computer and select “Manager” for the Access Level. Then save
the configuration.
Note
To add a single station, the mask must be specified as 255.255.255.255.
Note
During the remaining steps of this task, you will need to coordinate with
your partner so that you synchronize the activities performed.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show history Displays a list of previous commands
password operator user-name operator Defines operator level user name and password
password manager user-name manager Defines manager level user name and password
Objectives
After completing this activity you will be able to:
View the current and stored software revisions on a switch and upgrade
switch software.
Manage switch configuration files and use the multiple configurations
feature.
Enable SNTP services.
View event logs and implement a Syslog service.
View interfaces and define friendly port names.
View LLDP information.
Overview
As the network manager for ProCurve University, you realize it is important to
understand how to manage the switch system software and configuration files.
ProCurve University, like many IT organizations, has standard procedures that
must be followed for maintaining systems in the network. These procedures
include backing up configuration files on a scheduled basis, evaluating and
updating system images as a vendor releases them, and implementing syslog
facilities. Therefore, you will need to develop familiarity with the management of
configuration and system software files on the ProCurve switches.
In addition, you plan on continuing with several other initial configuration tasks.
These include configuring the switch to use a time server and syslog server and
modifying the port names to use a more user friendly scheme.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use the two edge switches labeled Edge_1 and
Edge_2 and the two Windows computers. Substitute your assigned group number
for the “x” in each of the IP addresses.
Note
While there are other TFTP programs available, TFTPd32 is used in
these lab exercises. This is a free TFTP program and can be
downloaded from the website at http://tftpd32.jounin.net.
3. Browse to the directory where the switch software is stored to establish that
directory as the TFTP root directory.
Note
Your instructor will provide a copy of the latest firmware for the
switches and their location on the Windows computers.
4. Using the CLI “copy” command, transfer the latest software image from the
TFTP server to the switch’s secondary flash location.
copy tftp flash <ip-address> <remote-file> secondary
5. After the prompt reappears, use “show flash” to list the software image
versions stored on flash.
Write the two versions below:
Primary: _____________________
Secondary: _____________________
Note
With the Primary/Secondary flash option you can test a new image in
your system without having to replace a previously existing image. You
can also use the image options for troubleshooting. For example, you
can copy a problem image into Secondary flash for later analysis and
place another, proven image in Primary flash to run your system. The
switch can use only one image at a time.
6. Use the “boot system flash secondary” command to reboot the switch with
the new software.
7. Use “show version” to verify the secondary software image is the one the
switch was booted with.
8. Use the “copy” command to copy the secondary flash contents to the primary
flash location. This is a local operation—you do not use the TFTP service to
do this.
a. What is the command syntax that you would use?
__________________________________________________________
9. After the prompt reappears, verify that the primary location has been updated.
Switch Filename
Edge_1 lab1.1_edge_1
Edge_2 lab1.1_edge_2
Configuration files:
Note
If you see additional configuration files other than “oldConfig” or
“workingConfig” they may be from the previous class and will need to
be deleted so that a slot can be freed up.
You can delete a configuration file using the command below.
erase config <filename>
Note
At the first reboot with a software release supporting multiple
configurations, the switch does the following:
Assigns the filename oldConfig to the existing startup-config file
which is stored in memory slot 1.
Saves a copy of the existing startup-config file in memory slot 2
with the filename workingConfig.
Assigns the workingConfig file as the active and default
configuration for all subsequent reboots using either the primary
or secondary flash.
2. Go to the directory where you saved your startup-config and open it using a
text editor such as Notepad or WordPad. Add the text “Secondary” to the
hostname and then save the file as “secondaryconfig” in the same directory.
Note
When copying switch configuration files the filename must be exact.
This includes extensions if the file has one. Since you will have saved
this file using a new name, Notepad or WordPad will append the “.txt”
extension to the filename. Therefore, you will need to either rename the
file and remove the .txt extension or remember to specify the extension
when copying the file.
Note
This will assign the configuration file “secondaryconfig” to boot with
the secondary software image.
Note
Only one of the Windows computers in your group will be running the
SNTP service. Use the Windows Server as the time server.
2. From the switch CLI, view the current time and SNTP settings on the switch.
3. From the global context level, use the “sntp” command to specify the time
server IP address and priority and the use of unicast mode.
4. Use the “timesync” command to set the mode to “SNTP”.
5. View the current time setting again. Depending on your local time zone, you
may notice that the time displayed at the switch CLI is not the same as the
time displayed on the SNTP server.
6. Use the “time” command to specify a GMT offset in minutes. For example,
if your time zone is five hours west of GMT, the offset is -300. View the
current time setting once completed.
7. Change the time on the Windows computer running the SNTP service and
see how long it takes for the switch to reflect the updated time.
8. To view the results faster, use the “sntp” command to adjust the polling
interval for updates of the system clock. By default, the switch is set to poll
every 720 seconds (12 minutes).
9. Use the “time” command to adjust the “daylight-time-rule” to reflect your
location.
7. From the CLI, type “reload” to reboot one of the switches. When the switch
becomes available, view the event log and verify that the events that occurred
before the reboot are no longer listed.
8. Here are some options for viewing the log at the CLI using the “show
logging” command.
List recorded log messages since last reboot.
show logging
List all recorded log messages, including those before the last reboot.
show logging -a
List log messages with “system” in the text or module name.
show logging system
Lists all log messages since the last reboot that have “system” in the text or
module name.
show logging -a system
Lists all log messages since the last reboot in reverse order.
show logging -r
Command
show interface
Note
As you progress through the subsequent labs and you start connecting more
switches, practice the “lldp” commands to view the information as your
network increases in size.
Switch Filename
Edge_1 lab1.2_edge_1
Edge_2 lab1.2_edge_2
Optional tasks
Continue on with these optional tasks if you have completed the required section
of the lab exercise.
Note
The command you specify can be enclosed in single or double quotation
marks.
3. View the file content sent to the TFTP server using Windows Explorer.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Displays version of currently active software
show version
image
show lldp info local-device Displays LLDP information of the local system
Command Description
logging <ip-address> Specifies the IP address of a Syslog server
interfaces <port-id> name <name> Defines a friendly port name for specified port
copy tftp flash <ip-address> <filename> Copies software image file from a TFTP server
secondary to secondary flash slot
copy startup-config tftp <ip-address> Copies the startup configuration file on flash to
<filename> a TFTP server
copy tftp startup-config <ip-address> Copies the named configuration file from a TFTP
<filename> server to startup-config on flash
copy command-output <’cli-command’> tftp Copies the output of the specified command to
<ip-address> <filename> the named file on a TFTP server
Objectives
After completing this activity you will be able to:
Add/Define VLANs
Enable IP routing on the core switch
Tag switch-to-switch links with the appropriate VLANs and verify
connectivity
Configure an IP helper address
Overview
At this point, as the network manager for ProCurve University you have developed
an overall familiarity with the essential tasks of locally and remotely managing a
ProCurve switch. You are now ready to take the next step and introduce an
additional ProCurve switch and deploy user VLANs. This additional switch will
be deployed as a core switch and will support routing between the user VLANs.
The addition of multiple VLANs into the network environment will allow for the
segmentation of traffic types. This segmentation will allow for easier management
as well as configuration of QoS policies in the future. For example, providing a
voice VLAN will provide a more solid foundation with higher call quality and
fewer dropped calls.
VLANs are utilized to create logical networks, maximizing physical connections;
grouping together users by application, geographical location or department
through port specifications. Alternatively, or in addition, protocol VLANs could
also be useful for similar purposes. For instance, one might wish to create a
VLAN to handle IPv4 traffic only, while creating an additional VLAN for IPv6
traffic. This would allow for easier administration, and where IPv6 may be a
phased rollout, this design would also allow for easier reporting, baselining and
capacity planning when adding new devices that will be configured for IPv6 only.
In this lab exercise you will deploy port-based VLANs.
In this hands-on activity you will perform basic configuration of four VLANs,
numbered 1, 10, 20 and 30. VLAN 1, the management VLAN, will be modified
on the Edge 1 and Edge 2 switches and initial configuration will be done on the
Core and Edge_3 switches. VLANs 10, 20 and 30 will serve as user VLANs and
will be added selectively to each of the switches.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use two additional switches labeled Core and Edge_3.
Note the following configuration changes:
Default gateway specification has been added to Edge_1, Edge_2, Edge_3,
and the Windows Server computer.
IP address assignment for Windows XP computer set to DHCP.
Ethernet cable between Edge_1 and Edge_2 has been removed. Windows
XP computer Ethernet cable connects to Edge_3.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
If there are two students in your group, each of you can select one of the
switches labeled Core or Edge_3 and perform the activities of this task
independently.
1. Connect a console cable from one of your Windows computers to the Core or
Edge_3 switch and establish a console session.
2. Since this is the first time you are accessing these switches, use the
“password” command to configure both a username and password for each
of the Operator and Manager privilege levels. Specify the usernames and
passwords from the following table.
Device IP Address
Core 10.X.1.1/24
Edge_3 10.X.1.4/24
Note
In the steps that follow, divide the switch management responsibilities
with your partner. Ensure you do not attempt to edit a switch’s
configuration at the same time.
1. From one of the Windows computers, open a Telnet session with the core
switch using Tera Term Pro. Remember only one person in your group will
do this.
2. Access the global configuration level and define VLANs 10, 20, and 30 using
the “vlan <vlan-id>”command.
3. Use “show vlans” to verify the VLANs have been created.
4. You should see a listing of the newly created VLANs on the Core switch
similar to the following.
Note
Depending on the switch model you are using for the Core switch. The
column labeled Jumbo (indicating whether jumbo frame support is
enabled) may not be listed.
Additional notes:
We have been using the CLI, which is capable of configuring and displaying
both port-based and protocol-based VLANs. The Menu interface can ONLY
be used to configure and display port-based VLANs whereas ProCurve
Manager Plus can be used to configure and display both port-based and
protocol-based VLANs.
For additional information, refer to the ProCurve documentation for the
3500yl, 5400zl, 6200yl, and 8212zl series switches — static VLAN section
of the Advanced Traffic Management Guide and the Management and
Configuration Guide. This can be found at www.procurve.com/manuals.
Note
All remaining ports that are not explicitly referenced retain an
“untagged” status in VLAN 1.
2. Connect to the Core switch and use the “vlan <vid> tagged <port-list>”
command to tag the appropriate switch-to-switch ports.
3. Use “show vlan <vid>” to examine the status of each tagged port.
4. Connect to each of the Edge_1, Edge_2, and Edge_3 switches and access the
global configuration context level. Tag the switch-to-switch ports as
necessary, based on the network diagram and the table above.
The table below summarizes some basic rules of port-based and protocol-based
VLANs in terms of untagged and tagged status. We have created port-based
VLANs in order to allow traffic to pass from one switch to another. A protocol-
based VLAN will generally require more planning due to the number of protocols
on the network and the variety of devices, applications, and end-users that may use
these protocols.
Note
If you were not successful, use the previous steps to verify your
configuration. Also verify the tagged/untagged state of your switch-to-
switch links.
Note
The edge switches will remain configured as layer 2 switches. Do not
enable routing on the edge switches.
2. Verify that the Core switch has a local path to the four networks by viewing
the IP route table. Use the “show ip route” command. You should see
information similar to the following where “x” is replaced with your group
number.
IP Route Entries
3. Using “ping”, test connectivity to the other subnets from your Windows
computers and switches.
a. Were you successful? ______________
b. If you were not successful, what added configuration would be needed
for your Windows computer to pass their network traffic to networks
not in its local subnet?
_______________________________________________________
Scope
IP Range Subnet Mask Router
Name
10.x.10.50 to /24 or
VLAN 10 10.x.10.1
10.x.10.150 255.255.255.0
10.X.20.50 to /24 or
VLAN 20 10.x.20.1
10.x.20.150 255.255.255.0
10.x.30.50 to /24 or
VLAN 30 10.x.30.1
10.x.30.150 255.255.255.0
2. Configure an IP helper address for VLAN 30. The IP helper address should
be that of the Windows Server running the DHCP service.
c. On which switch or switches should this task be done?
___________________
Use the command “ip helper-address 10.x.1.10”.
Note
You only need to configure switches to the extent that VLAN 10 traffic
from the Windows XP computer can reach the Core switch. The Core
switch will be sending the DHCP messages to the Windows Server that
is located in VLAN 1.
Switch Filename
Core lab2_core
Edge_1 lab2_edge_1
Edge_2 lab2_edge_2
Edge_3 lab2_edge_3
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans Displays list of defined VLANs
password operator user-name operator Defines operator level user name and password
password manager user-name manager Defines manager level user name and password
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Install the PCM+ network management application
Install the PCM+ remote client component and configure the PCM+ server
for remote client connections
Manage switch configuration changes and software updates using PCM+
Use the find node and trace path diagnostic tools to determine the location
and connectivity of systems and network paths between systems
Monitor link utilization and examine traffic composition using the traffic
monitoring tool
Generate events based on traffic threshold settings use the alerts feature to be
notified of network conditions
Use configuration templates to deploy pre-built configurations to switches
Overview
In this lab exercise, you deploy the ProCurve Manager Plus (PCM+) network
management application on your Windows server computer and the remote client
component of PCM+ on your Windows client computer. The primary objective is
to demonstrate the installation process and the functionality of the product.
At this point as the network manager for ProCurve University, you have deployed
several switches and implemented multiple VLANs, primarily using the CLI.
PCM+ provides a graphical interface that is useful when implementing ProCurve
Networking’s Intelligent Edge features and to perform various network monitoring
and management tasks. In preparation for those tasks, ProCurve University would
like to investigate how the PCM+ tool is installed and examine some of the
configuration and network management capabilities that it provides.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
Verify and modify the network connections, if necessary, so that the Windows XP
computer that will be used as a PCM+ remote client is connected to Edge_3. The
Windows server computer will be used as the PCM+ server and should be
connected to Edge_1.
Note
This task is only performed on your Windows server computer. In a
subsequent task you will install a PCM+ remote client component on your
Windows XP client computer.
PCM+ software is available for purchase or as a 30-day free trial. The PCM+
software is shipped on a CD with the purchase of any ProCurve managed switch.
The software can also be downloaded from the ProCurve website.
For this lab, you will be using a copy of the software stored on your Windows
server computer.
1. On your Windows server computer, start the ProCurve Manager Installation
Wizard by clicking on the install.exe file.
Note
Unless otherwise indicated by the instructor, the software can be found in the
directory named C:\Kits\PCM.
3. Click I accept the terms of the License Agreement and then click Next to
continue.
4. Use the scroll bar to view the contents of the Readme file.
5. After you have finished viewing the Readme file, click Next to continue.
Note
To install PCM+ NNM, you must already have OpenView NNM
installed on your computer. Otherwise, the standalone PCM+ version
will be installed.
8. For the purposes of this lab, ensure only the ProCurve Manager check box is
checked and then click Next to continue. The ProCurve Identity Driven
Management and ProCurve Mobility Manager will not be used in this lab.
9. Accept the default installation location and then click Next to continue.
You have the option of changing this to a directory of your choosing.
However, for the purposes of this lab the default installation path will be
used, but as a helpful reference it is good to know where PCM+ is installed
so you can explore these folders later and see some of the behind the scenes
structure of PCM+.
10. Review the pre-installation summary and then click Install to continue.
Note
Once the Installation Wizard begins the process of installing the PCM+
files on your system, you cannot safely cancel the installation. You must
wait until the installation process is complete and then uninstall PCM+
using the Add/Remove Programs function on the Windows Control
Panel.
If you do cancel the installation while files are being copied to your
system, PCM+ may not be able to uninstall the files, or properly
reinstall over the existing files.
After this stage of the installation process has completed, the Setup
Administrator Password window appears. Various user settings will be
configured in this window and those that follow.
11. Configure the password for the Administrator account. For the purposes of
this lab, set the password to password in lower case.
Note
It is very important to remember what you set for this password as this
account is the primary and only method for configuring PCM+ until
some other administrator level accounts are created.
To start the discovery of the network devices, you need to identify a Start
from device by its IP address or DNS name. For the discovery process to take
place most efficiently, this device should be a ProCurve switch that is
centrally located in your network. Avoid using routing devices, non-
ProCurve devices, or an edge device that is primarily connected to end nodes.
13. For this lab, enter the IP address 10.x.1.1. Substitute your group number for
“x”. This IP address corresponds to the closest routing interface and is
located in VLAN 1 which the Windows Server computer is a member.
The default for PCM+ is to use SNMPv2 with Read Community and Write
Community names of public to communicate with devices. PCM+ supports
the use of both SNMP version 2 and version 3. Both versions can be selected
by using the Primary Version and Secondary Version radio buttons.
At this point in the lab exercises, the switches are configured to use the
default settings of SNMPv2 with a read-write (unrestricted) community name
of public which correspond to the PCM+ default settings.
This window is used to configure the settings for how PCM+ will interface
with the network switches in its management domain. The default
configuration uses Telnet with the Username and Password set to public.
That username and password are not the switch settings that you currently
have configured.
16. For the purposes of this lab, your switches are already configured with
Operator and Manager accounts named operator and manager, respectively.
Both of these accounts should have the password set to password. Specify
that information in the applicable fields.
In your company’s or organization’s network, if a switch is configured for
more secure management, you can also configure PCM+ to use SSH for
encrypted CLI commands so that network information won’t be passed over
the network in clear text.
PCM+ requires access to the Internet for downloading program and switch
software updates. If your network has a proxy server, you would specify the
proxy information here so that PCM+ can communicate with the Internet.
Note
Check with your instructor to determine if a proxy server is needed. If a
proxy server is used, specify the IP address and port information in the
applicable fields.
23. In the Install Complete window, click Done to exit the installation wizard.
L3.1 – 16 Rev. 8.41
Using ProCurve Manager Plus
Note
This task is only performed on your Windows XP client computer.
1. To install the PCM+ remote client component, open a web browser on your
Windows XP computer and type the following URL:
http://10.x.1.10:8040
Substitute your group number for “x”. The following window appears.
If this dialog box appears, simply click Yes and the browser window should
refresh with a web page similar to the following.
6. The installer checks for space on the hard drive and then launches the
installation program.
8. Click I accept the terms of the License Agreement and then click Next to
continue.
The installation wizard will automatically detect the system configuration and
determine the appropriate client software.
11. For the purposes of this lab, accept the default installation location and then
click Next to continue.
12. Review the pre-installation summary and then click Install to continue. The
Installing ProCurve Manager Client window appears, and provides progress
indicators for the software installation process.
L3.1 – 22 Rev. 8.41
Using ProCurve Manager Plus
After the installation process has completed, the Install Complete window
appears.
13. In the Install Complete window, click Done to exit the installation wizard.
Note
This task is only performed on your Windows server computer.
Note
Substitute your group number for “x”.
3. Save and close the access.txt file and then exit Windows Explorer.
From this point on you can either access PCM+ directly on your Windows
server computer or using the PCM+ remote client installed on your Windows
XP client.
Note
Access the PCM+ application from only one of your Windows computers.
2. You may receive a Windows Security Alert dialog box when you start the
PCM+ remote client and have the Windows Firewall running. If the security
alert appears, click Unblock to continue.
The first time you start the PCM+ application the server discovery process
will run and attempt to find all PCM+ servers that may be located on the
network.
After several seconds the server discovery process completes and the
ProCurve Manager Startup window appears. The information shown on the
window will depend on whether you started PCM+ on the Windows server or
Windows client computer.
If you start PCM+ on the Windows server computer, then the ProCurve
Manager Startup window will identify the PCM+ server running on that
computer.
3. You can then simply select the management server entry and click Connect.
If you start PCM+ on the Windows client computer, then the ProCurve
Manager Startup window may not identify a PCM+ server.
4. In that case, you will need to manually type the IP address of your PCM+
server, 10.x.1.10, in the Direct Address field and then click Connect.
You will then be prompted for the PCM+ administrator username and
password that you defined during the PCM+ software installation process.
Note
If you are attempting to access PCM+ using the remote client on your
Windows client computer and a Login Failure dialog box appears indicating
the PCM+ server could not authenticate the client, then either you did not add
an IP address entry in the access.txt file or the entry does not match the
client’s IP address.
6. Enter administrator for Username and password for Password and then
click Login.
After you successfully log on to PCM+, the Network Management Home window
appears.
panel will open the Device List window. If you are using PCM+ for HP
OpenView NNM, end node information will not be available within PCM+.
Device Configurations—This panel displays two charts.
• A histogram indicating the number of devices with software
configurations that have changed since the original PCM+ device scan,
and days since the configuration changed. Clicking on this sub-panel
will open the Device Configuration window.
• A pie chart indicating the number of devices with the Preferred or
Other switch software installed. Hovering over the chart sections
displays a tool tip indicating the number of devices in that segment.
Events—This panel displays a summary of the outstanding
(unacknowledged) events, including a count (from left to right) of the number
of informational, warning, minor, major, and critical events. Clicking on this
panel will open the Events Monitor window. The color coded square
correlates to the severity level, e.g., purple is used for informational events.
Traffic Status—A color-coded gauge indicating traffic measurement in the
worst segment of the network based on threshold settings. If you do not have
PCM+ installed, an unavailable message is displayed within the Traffic
Status panel. The message “No devices monitored” is displayed if you do not
have any devices configured in the Traffic Monitor. Clicking on the Traffic
Status sub-panel will open the Traffic Monitor window. The color indicators
used in the Traffic gauge are:
• Green indicates the values are within normal range.
• Yellow indicates threshold values have exceeded the normal range, but
are not critical.
• Red indicates threshold values are in the critical range, and corrective
action is needed.
7. You can access most of the contextual tools and commands provided with
PCM+ using the right-click menus. To use the right-click menu, fully expand
the navigation tree on the left-hand side of the window and then right-click
on a switch node to display the menu. The menu should look as follows:
You can also access the right-click menus when you select a switch device in
the Devices List tab located on the right-hand side.
The options enabled in the right-click menu will vary based on the node or
device you have selected in the navigation tree, whether you are using PCM
or PCM+, and your login account type. Disabled functions will be grayed out.
9. For those models that support it, you can select the “Live View” tab to
display a front panel view of the switch indicating such things as module and
port status.
10. Now that you have seen some of the key windows and navigation features in
PCM+, take some time to go exploring and get comfortable with the
interface. Navigate through the main PCM+ menus and see the options under
each one. From the Dashboard tab, select the Network Device Status
histogram to expand the currently installed devices.
11. Examine each device navigation tool bar by letting your mouse sit on each
one for a few seconds to see the mouse-over display of each button. Also
make sure to use the right mouse button so you can see what menu options
are available at the different levels of PCM.
12. Explore the connectivity options available to you for the devices through the
Device Access Menu icon.
13. Connect to your switch with the Telnet or Web interface available in PCM.
You can change PCM+ communication parameters per device through the
Device Wizard.
14. Examine the events collected so far by clicking on one of the status bars for
an event in the Events window.
This will open a new window allowing you to see the events listed up above
and detailed information for a selected event below.
15. Determine how you can filter events by severity which will eliminate events
that are not of interest at the moment, for example, if you trying to
troubleshoot a specific problem.
16. On the PCM+ menu bar, click Tools > Preferences to display the
Preferences window.
Most of the settings specified during the installation wizard and many others
can be changed using the PCM+ Preferences menu.
17. Looking down through the options on the left side, you will see the settings
that control the operation of the server. Take a few moments here and
expand the menus to see the various settings you can control.
18. Click the Automatic Updates menu option.
This is where you can configure how you would like the PCM+ application to
manage software updates for PCM.
19. If you have Internet access, click on the Check Now button to have PCM+
find any updates and install them.
23. At the bottom of the menu is the Software Update section. Click the
Download now! button. If the download is successful, the Last downloaded
field will be updated to match the date and time on your server.
You can control how device names are displayed, for example, in the
navigation tree and in the Devices List window and whether any friendly port
names that may have been configured are displayed.
25. Enable the System Name (IP Address) radio button to have PCM+ show the
hostname and IP address of your switches. Also, enable the Use Port
Friendly Names checkbox. Then click Apply.
You will be able to see the updated system names after the devices are
rediscovered in a step below.
26. Click the Discovery menu option and notice the managed and unmanaged
networks that are listed.
By default, PCM+ will only add the subnet of the discovery starting point
device (specified during the installation process) as a managed subnet. This
prevents the discovery process from running on networks where no network
devices exist and therefore generating unnecessary traffic.
27. Edit each of the three user VLANs and configure the following information.
29. Close the Preferences window. Examine the display name format that you
configured for your switches in a prior step by expanding the nodes in the
navigation tree or by double clicking on the Interconnect Devices node.
If your switch is configured correctly, the window should look like the
example below when the testing is finished:
Repeat these steps for each of your devices
Note
If one of these tests fails, consult with your instructor before continuing on
with the rest of the lab as you may not be able to perform all of the needed
procedures without full access to the switch.
5. You will have the option of using TFTP or Secure Copy, accept the default
“TFTP” and click Next. After the scan completes, click Next to continue.
You will revisit this feature in a later step after you have made a
configuration change to your switch using PCM+.
7. Click on the Configuration tab above the device. You should see a window
that looks similar to the image below.
10. On the device tool bar, click the VLAN tool button and choose Create
VLAN to run the Create VLAN wizard.
12. Type 40 in the VLAN ID field and click Next to configure VLAN-specific
settings.
13. Add two currently unused ports as untagged members of VLAN 40. Leave
the IP Config setting disabled since there is no need to assign an IP address at
this time.
15. Review your settings. If everything looks correct, click Next to create the new
VLAN.
17. Now that you have made a change to your switch configuration, revisit the
configuration management features by running a new configuration scan on
your switch. But this time enter the comment “New VLAN 40”.
18. When the scan completes, choose the View Differences option this time and
click Next.
This is an example of what you will see. The window is divided into four
separate panels. PCM+ will highlight any differences between the two
configurations in a color-coded manner. You can scroll through the software
configurations line by line.
19. Scroll through your configuration files to note the changes that adding a
VLAN had on the configuration file.
20. Close the Configuration Difference Viewer window.
21. If these changes were unauthorized, the administrator has the option of
rolling back to the previously saved version of the configuration file.
Access the Configuration History tab for the Edge_3 device in the
Interconnect Device window.
This screen shows the history of the configuration scans and any changes
between the configuration files between scan as well as their timestamp. This
gives the network administrator the flexibility in being able to select an older
2. Click the Software Update wizard icon in the tool bar. The Software
Update Wizard window appears.
This window shows the current software versions installed in the primary and
secondary flash areas and a list of other software versions the PCM+ server
has available.
5. Select the Primary or Secondary flash image area that you want to update and
then use the Select Version drop-down menu to choose a software version to
be installed.
This window allows you to specify the time for the software update and
whether or not the switch is to be rebooted after the update is completed.
7. Accept the default settings and click Finish to continue. The software update
will begin.
8. In the upper tool bar of the PCM+ window is a Software Update Status icon
After several minutes the update process and reboot of the switch should be
complete.
10. Once your switch reboots, access the switch CLI via Telnet or the serial port
and use the show version command to verify that the software update has
been successful.
11. Once you have successfully deployed the latest software update for your
Edge_3 switch, you can perform the equivalent task for your Core switch.
The software for the Edge_1 and Edge_2 switches were updated in lab 1.
Task 7. Use the Find Node and Trace Path diagnostic tools
PCM+ has several diagnostic tools, but two of the most useful and easiest to use
are the Find Node and Node to Node Trace Path tools. These tools allow you to
find a node on your network and return information that not only indicates whether
the node is reachable, but also to which switch and port the node is connected.
This can be done based on the device’s IP address or MAC address.
1. Connect your Windows client computer into a port on the Edge_3 switch that
you configured as an untagged member of VLAN 30. That configuration task
was done in lab 2.
2. Use “ipconfig” from a DOS prompt to verify the Windows client computer
has an IP address in VLAN 30 (10.x.30.y), where “x” is your group number
and “y” is a host number from the scope defined on the DHCP server (50 to
150).
3. Verify you can “ping” other devices on the network from the Windows client
computer.
4. Click the Find Node icon in the upper tool bar of the PCM+ window.
The Find Node window appears.
5. Enter the IP address of your Windows client computer and click Find.
Click the Node to Node Trace Path icon in the upper tool bar of the
PCM+ window. The Node to Node Path Trace window appears.
7. Specify the IP address of your Windows client computer as the source device
and the IP address of your Windows server computer as the destination
device.
Note
You can reverse the order of what you specify as the source and destination
devices.
The output of a node to node path trace will display each hop traversed
between the Windows client computer and the Windows server computer.
The output will also show the uplink ports traversed.
2. In the Devices List tab, click the Tool menu drop-down icon and
choose the Scan option.
3. Enter the appropriate comment from the table below and click Next to
continue.
Comment/
Switch
Filename
Core lab3_core
Edge_1 lab3_edge_1
Edge_2 lab3_edge_2
Edge_3 lab3_edge_3
Optional tasks
Continue on with these optional tasks if you have completed the required section
of the lab exercise.
In this lab exercise, you explore the traffic monitoring capabilities of PCM+. This
includes the ability to monitor network traffic showing utilization percentage, and
packet and error transmission rates. You will be using the Traffic Manager to
examine network traffic produced by a basic traffic generator program. Using the
traffic generator program, you can designate the destination IP address and port
number, and the relative traffic loading level. The Traffic Manager’s main window
will provide an overview of the traffic activity on a given segment and the Top
Overview Window will provide a means to drill-down and examine the traffic
profile in more detail.
An icon may be located on the desktop or you may need to use Start
> Programs to locate the program.
4. Configure the following options:
• Utilization rate: 15000
• Destination: 10.x.1.1 (Core switch)
Substitute your Group number for “x”.
• User-definable port: 69
Optional Task 10. Use the Traffic Manager to examine the traffic
data
In this task, you will examine a variety of traffic statistics collected by the Traffic
Monitor.
1. In the PCM+ navigation pane, click Interconnect Devices and then click the
Devices List tab.
2. Click the core switch and then click the Traffic tab.
You will see the Traffic Manager window. On the left is the Top Overview
summary which displays the worst measures for each metric group, and the
number of ports that have reached critical or warning thresholds in the last
interval. To the right is the Traffic Gauge and Mini-Trend panel which
displays the worst port in the current minute. When a heading row is selected,
for example Utilization (0 Critical, 1 Warning), the worst metric in that group
is selected. Below is the Overview Panel which displays a table with the
device/ports for the selected device or device group in the navigation pane.
Note
You may have to wait several minutes for activity to appear in the
gauges and the segment view. If relatively low activity levels appear,
you may need to increase the TfGen utilization values proportionately.
You should see the activity on the gauge increasing. From the traffic you are
generating, you should be able to cause the utilization of a 100 Mbps client
port to easily exceed 50%.
L3.1 – 62 Rev. 8.41
Using ProCurve Manager Plus
The other statistics will likely be relatively low on that port and register
primarily in the green region of the gauges.
Notice the port identified in the gauge, it will likely be the Edge_1 port
connecting to the client in most cases, but not necessarily.
3. In the Top Overview, expand the Utilization node and then click the port
connecting to the edge0x switch.
4. To view the levels better, use the horizontal sliders to decrease the time for
both Rx and Tx traffic.
The Statistics tab provides a table that lists the summary details for each
traffic metric of the selected port.
You should not see any threshold violations from the traffic you have
generated from this point. Later in the lab you will move the thresholds to
create violations.
8. Click the Port tab.
The Port tab provides port attributes like the port name, speed, whether the
port is active or inactive the port index number. Notice that this tab also
displays if the port is using the Default Thresholds for traffic.
The Device tab lists the basic information for the device the port belongs to,
including IP Address, Product Name (model or device group) and if sFlow
and XRMON functions are supported on the device (yes or no).
10. Click the Log tab.
The Log tab displays timestamps for the latest received traffic updates. It is
essentially a history of the contents of the Traffic tab's Msg/Time column. It
is a good place to start troubleshooting traffic issues.
11. Close the Port Summary window.
12. Stop both TfGen programs.
Notice that the sliders allow you to adjust the relative ranges that correspond
to the warning and critical thresholds.
Rev. 8.41 L3.1 – 67
Adaptive EDGE Fundamentals
2. In the interest of time for this lab, move the Rx and Tx sliders of the
Utilization % Warning threshold to 3 % and the Critical threshold to 5%.
You could also change the values from 75% to 5% and 3% respectively.
3. Click OK.
4. Restart both TfGen programs.
5. Increase the TfGen program instance that had Utilization set at 15000 to
45000.
Notice that the traffic gauge has now changed its thresholds
Notice that the warning alarm is lit in three places; the Top Overview, the
traffic gauge and in the Port summary view.
7. In the Top Overview panel of the Traffic tab, expand the Summary node and
then the Utilization node.
8. Click the port connecting to the edge_1 switch.
Notice that the bars have changed color from green to yellow denoting a
warning.
9. In the navigation pane, click Network Management Hone and then click the
Events tab.
The Threshold Violations should look similar to the graphic above. Notice
that the only metric type that is in violation is the Rx side of the Utilization.
11. Close the Port Summary window.
4. In the RMON Threshold window, select the port connecting to the Windows
client computer.
5. Accept the defaults for the remaining parameters and click OK.
6. Click Close.
7. In the navigation pane, click the Network Management Home node and
then click the Events tab.
Wait a few minutes for the RMON threshold for bytes received by the Core
switch on the client port to be exceeded. The event will be sourced from the
Core switch as an enterprise-specific trap with a critical severity level.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Configure a port trunk between two switches
Verify operation of the port trunk
Overview
ProCurve University is expecting that the links connecting the core switch to the
edge switches will require additional bandwidth to support increasing use of
convergence technologies, data warehousing, and system backups. In this lab
exercise, you will implement three port trunks to increase the capacity of the links
between the switches. You will configure a port trunk between the Core switch
and Edge_1, one between the Core switch and Edge_2, and one between Edge_2
and Edge_3.
Link aggregation, which is also referred to as “trunking” or “load sharing”, is used
primarily to increase throughput between switches and maximize the efficiency of
available bandwidth. The connected ports forming a trunk can have differing
characteristics such as speed, flow control settings and media type. It is also very
important to remember that the links being added to form a port trunk are
disconnected or disabled while you are carrying out the configuration tasks to
avoid a broadcast storm on the network.
One common example of a trunk is to use multiple ports as a network backbone,
shuttling traffic to and from a building, for instance. Another example might be to
use a trunk to move large data files, such as graphics or video to/from a server
farm. This same scenario might apply to backups or data warehousing. In any case,
trunks provide increased bandwidth while allowing for increased efficiency
throughout the attached networks.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing redundant uplinks between your
switches by configuring a port trunk using the switch CLI. You may select any
ports you prefer, but it is recommended that you use gigabit ports when available.
You will require three additional Ethernet cables for the redundant links.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
Depending on whether you performed the optional tasks in lab exercise
2, you may have previously configured a port on Edge_1 as an untagged
member of VLAN 10.
2. Connect the Windows client computer to the port you configured above.
3. Verify the Windows client computer is assigned an IP address in VLAN 10
using DHCP.
4. Verify you can ping the IP address of the Core switch in VLAN 10,
10.x.10.1, from the Windows client computer.
Note
Do not connect the ports representing the second link of a port trunk
with an Ethernet cable until the configuration is complete.
1. Using the CLI on the Core switch, define two ports as members of a static
LACP trunk that will connect to Edge_1. Use the “trunk” command to
create the static trunk. For example, use trk1 as the trunk name.
The network diagram illustrates the use of two gigabit ports as a trunk. If
you choose to aggregate 10/100 ports into a trunk, be sure to use ports that
are untagged members of VLAN 1 on both sides of the trunk and not
members of one of the user VLANs.
Use the CLI help or refer to the switch documentation provided on your
Windows computer for assistance with command syntax.
2. Using the CLI on Edge_1, define two ports as members of a static LACP
trunk that will connect to the Core switch. For example, use trk1 as the
trunk name.
3. From the CLI on Edge_1, verify that the Core switch is reachable.
4. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
Note
Ensure you use a trunk name that is different than the one used
previously. Otherwise, the ports will be added to the existing trunk. For
example, use trk2 as the trunk name.
3. On Edge_2, define two ports as members of a static LACP trunk that will
connect to the Core switch.
4. From the CLI on Edge_2, verify that the Core switch is reachable.
5. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
6. Verify that all switches in your group are available using the “show lldp info
remote” and “ping” commands.
7. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 20, 10.x.20.1, to verify connectivity has
been lost for VLAN 20.
8. Display a list of the VLANs defined on the Core and Edge_2 switches.
9. Display a list of the ports assigned to each VLAN.
10. Make the appropriate port VLAN assignments on both switches to enable
connectivity for hosts in VLAN 20 and 30.
11. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 20, 10.x.20.1, to verify connectivity has
been restored for VLAN 20.
12. From a command prompt on the Windows server computer, “ping” the IP
address of the Windows client computer to verify connectivity has been
restored for VLAN 20.
Note
Ensure you use a trunk name that is different than the one used
previously. Otherwise the ports will be added to the existing trunk. For
example, use trk3 as the trunk name.
3. On Edge_3, define two ports as members of a static LACP trunk that will
connect to Edge_2.
4. From the CLI on Edge_3, verify that Edge_2 is reachable.
5. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
6. Verify that all switches in your group are available using the “show lldp info
remote” and “ping” commands.
7. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 30, 10.x.30.1, to verify connectivity has
been lost for VLAN 30.
8. Display a list of the VLANs defined on the Edge_2 and Edge_3 switches.
9. Display a list of the ports assigned to each VLAN.
10. Make the appropriate port VLAN assignments on both switches to enable
connectivity for hosts in VLAN 20 and 30.
11. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 30, 10.x.30.1, to verify connectivity has
been restored for VLAN 30.
Rev. 8.41 L4.1 – 9
Adaptive EDGE Fundamentals
12. From a command prompt on the Windows server computer, ping the IP
address of the Windows client computer to verify connectivity has been
restored for VLAN 30.
Comment/
Switch
Filename
Core lab4.1_core
Edge_1 lab4.1_edge_1
Edge_2 lab4.1_edge_2
Edge_3 lab4.1_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Optional task
Continue on with this optional task if you have completed the required section of
the lab exercise.
Note
For the IP address you need to specify an IP address of any device that
is on the other side of a trunk relative to the Windows client computer.
Although the TfGen window shows that utilization is expressed in Kbps, this
is not a literal measurement, so don't make the number so high that the links
will be saturated.
2. In the TfGen window, click Start to start the traffic flow.
3. Use the “show interface” command to view a snapshot of the port counters.
Since the CLI does not refresh dynamically, you will need to repeat the
command to see the port counters increment. Traffic is shared by
“conversation”. Because you have started only one conversation, the traffic
is not balanced over the links in the trunk.
4. To view the port counters dynamically, access the web interface and choose
“Port counters” from the “Status and Counters” submenu.
5. Without terminating the first instance of TfGen, start a second instance of
TfGen and specify a different IP address on the other side of the trunk as the
destination.
Because this is a second distinct conversation (source IP address/destination
IP address pair), it may be assigned to a different link in the trunk.
It is important to note that there is no guarantee the second conversation will
be assigned to a different link in the trunk compared to the first conversation.
However, conversations among a larger group of hosts are more likely to
result in evenly distributed traffic.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans Displays list of defined VLANs
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Configure RSTP
Verify operation of RSTP
View RSTP operational status and information
Overview
Now that additional links using port trunking have been put in place to address
bandwidth concerns, ProCurve University would like to have redundant links in
place in the event a trunk fails between a pair of switches. To address this issue,
you will use redundant links and the Rapid Convergence Spanning Tree Protocol
(RSTP).
In this lab exercise, you enable RSTP on your core and edge switches. Additional
links will be implemented to provide the necessary link redundancy. You will
then examine spanning tree detail, record the active path through the network, and
make any necessary configuration changes to enable user VLAN traffic to be
transported in the modified topology.
Note
At the instructor’s discretion, you may be given the option of performing either lab
exercise 4.2 or lab exercise 4.3.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing RSTP and additional links for
redundancy. You will need to modify the Ethernet cabling among three of your
switches as indicated in the network diagram. You will be using the CLI to
perform all of the configuration tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
Spanning Tree
Switch
Bridge Priority
Core 1
Edge_1 2
Edge_2 2
Edge_3 3
2. On your four switches, force the version of spanning tree for RSTP operation.
Task 4. Add a redundant link and verify the state of each port
1. Connect the new link between Edge_1 and Edge_2 shown on the network
diagram below. Select any unused ports to connect the Ethernet cable.
Task 6. Add the second redundant link and verify the state of each
port
1. Connect the new link between Edge_1 and Edge_3 shown on the network
diagram below. Select any unused ports to connect the Ethernet cable.
Comment/
Switch
Filename
Core lab4.2_core
Edge_1 lab4.2_edge_1
Edge_2 lab4.2_edge_2
Edge_3 lab4.2_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans <vlan-id> Displays tagged/untagged VLAN status of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Configure MSTP
Verify operation of MSTP
View operational status and details of multiple MST instances
View operational status and details of the CST
Overview
Now that additional links using port trunking have been put in place to address
bandwidth concerns, ProCurve University would like to address the need for
redundant links in the event a trunk fails between a pair of switches. To address
this issue, you will use redundant links and the Multiple Spanning Tree Protocol
(MSTP) to improve network availability for the ProCurve University environment.
In contrast to how RSTP operates, ProCurve University management would like to
investigate how MSTP could be used to help distribute user VLAN traffic more
efficiently across the network. Instead of having all user VLAN traffic traverse a
common spanning tree as it does when using RSTP, MSTP will be deployed with
multiple MST instances to distribute traffic load based on VLANs. The switches
will map two of the user VLANs to one MST instance and the remaining VLAN to
the other MST instance.
The tasks you perform include configuring parameters common to the MST
Region and parameters specific to each of two MST instances. After defining MST
parameters, you will examine MST operational status and other detailed
information using CLI commands.
Note
At the instructor’s discretion, you may be given the option of performing either lab
exercise 4.2 or lab exercise 4.3.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing MSTP with two MST instances.
You will need to modify the Ethernet cabling among your four switches as
indicated in the network diagram. The Core switch will be configured as the Root
Bridge of MST instance 1 and Edge_2 will be configured as the Root Bridge of
MST instance 2. You will be using the CLI to perform all of the configuration
tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
Task 1. Tag the currently connected ports to carry all user VLANs
1. Verify each of the user VLANs have all currently connected ports of the
trunks as tagged members. Make any configuration changes that may be
necessary.
Spanning Tree
Switch
Bridge Priority
Core 1
Edge_1 2
Edge_2 2
Edge_3 3
2. On each of your four switches, configure spanning tree for MSTP operation.
3. Save your configuration and reboot each switch for MSTP to become active.
Parameter Value
config-name procurve
config-revision 1
Note
All switches in your group will be members of the same MSTP Region and
therefore must have the same region configuration parameters.
2. Associate user VLANs with MST instances on each of your switches using
the following settings:
Instance VLANs
1 10
2 20 and 30
3. Configure Bridge Priorities for each MST instance on the switches that will
function as the Root Bridges using the following settings:
Edge_1 1 1
Edge_1 2 2
Edge_2 1 2
Edge_2 2 1
Task 5. Add a redundant link and verify the state of each port
1. Connect the new link between Edge_1 and Edge_2 shown on the network
diagram at the beginning of the lab. Select any unused ports to connect the
Ethernet cable.
Note
For MSTP, the default setting of each port is “non-edge” port, i.e., the
port is assumed to be used for a switch-to-switch link. In contrast, for
RSTP, the default is “edge” port, i.e., the port is assumed to be used for
connectivity to an end station.
Therefore, you can use the default MSTP setting for the ports of the two
new switch-to-switch links you add in this lab exercise.
2. View the spanning tree details for MST instance 1 on each of your switches.
3. Record the Regional Root MAC Address reported by each of the switches.
Core
Edge_1
Edge_2
Edge_3
4. Verify that all four switches agree that Edge_1 is the Root Bridge of MST
instance 1.
5. Using the output from the “show span instance 1” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking
6. View the spanning tree details for MST instance 2 on each of your switches.
7. Verify that all four switches agree that Edge_2 is the Root Bridge of MST
instance 2.
8. Using the output from the “show span instance 2” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking.
Task 7. Add the second redundant link and verify the state of each
port
1. Connect the new link between Edge_1 and Edge_3 shown on the network
diagram at the beginning of the lab. Select any unused ports to connect the
Ethernet cable.
2. View the spanning tree details for MST instance 1 on each of your switches.
3. Using the output from the “show span instance 1” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking
4. View the spanning tree details for MST instance 2 on each of your switches.
5. Using the output from the “show span instance 2” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking.
Comment/
Switch
Filename
Core lab4.3_core
Edge_1 lab4.3_edge_1
Edge_2 lab4.3_edge_2
Edge_3 lab4.3_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans <vlan-id> Displays tagged/untagged VLAN status of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
spanning-tree config-revision <number> Defines the revision number of the MST region
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Enable HP Switch Meshing
Verify operation of HP Switch Meshing
Overview
Up to this point you have investigated how network capacity between switches can
be improved using HP port trunking and multiple links. You have also deployed
either RSTP or MSTP with redundant paths to address network availability.
In this activity, you will examine an alternative approach to Layer 2 redundancy,
HP Switch Meshing, which can also support redundant paths in a network, but
with an important difference. With HP Switch Meshing, the alternative paths can
be used concurrently rather than be blocked by a spanning tree protocol. This
capability will enable ProCurve University to use the available bandwidth more
efficiently.
Before you actually move forward with implementing HP switch meshing, there
are various changes that you will need to make to the lab environment in terms of
the switch configurations and physical connections. These changes are necessary
for this lab scenario, because of two factors. The first factor is IP routing and HP
switch Meshing cannot be enabled concurrently on a ProCurve switch. The second
factor is the switch that you are using as Edge_3 (2610 series) does not support HP
Switch Meshing.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing HP Switch Meshing on the Core,
Edge_1, and Edge_2 switches using the CLI. Edge_3, a 2610 series switch, does
not support HP Switch Meshing and so will not participate in the mesh. The IP
routing support will be “moved” from the Core switch to Edge_3 because IP
routing and HP switch Meshing cannot be enabled concurrently on a ProCurve
switch.
Edge_3 will forward IP traffic on behalf of users connected to VLANs 10, 20, and
30. RSTP (if lab 4.2 was completed) or MSTP (if lab 4.3 was completed) will
remain enabled since redundant paths exist between Edge_3 and the other two
edge switches.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
Due to the various IP addressing and Ethernet cabling changes you will
be making, it is recommended you access the CLI of each switch
directly using the console port instead of a Telnet connection.
1. Remove the IP address assigned to each user VLAN—VLANs 10, 20 and 30.
2. Remove IP routing.
3. Specify a default gateway IP address identifying the Edge_3 switch, 10.x.1.4.
4. Change the common spanning tree bridge priority to 2.
10 10.X.10.1/24 10.X.1.10
20 10.X.20.1/24 10.X.1.10
30 10.X.30.1/24 10.X.1.10
3. Enable IP routing.
4. Change the common spanning tree bridge priority to 1.
Note
Any ports configured in previous lab exercises can remain unchanged.
In most cases, you will be disconnecting the Ethernet cables from those
ports and using them to connect the additional ports you configure in
this task.
Note
The single link connecting Edge_1 to Edge_3 and the links of the port
trunk connecting Edge_2 to Edge_3 remain in place.
Note
If you show the list of ports in VLAN 1, you will see that the “Mesh”
entry is also tagged in this VLAN.
2. Verify the Windows server and client computers can successfully ping the IP
address of Core, Edge_1 and Edge_2, and the four IP addresses of Edge_3. If
any of the systems are unreachable, resolve the problem before proceeding.
3. Verify the Windows client computer can acquire a DHCP-assigned IP
address in each user VLAN.
4. If you have RSTP running, then display the spanning tree information for the
CST instance on all four switches for the currently connected links.
Otherwise, skip this step.
5. If you have MSTP running, then display the spanning tree information for
MST instance 1 on all four switches. Otherwise, skip this step.
6. Record the state of each port on the network diagram below using “F” to
indicate forwarding or “B” to indicate blocking.
Note
For the IP address, specify an IP address of any device that is on the
other side of a mesh link relative to the Windows client computer.
Although the TfGen window shows that utilization is expressed in Kbps, this
is not a literal measurement, so don't make the number so high that the links
will be saturated.
4. In the TfGen window, click Start to start the traffic flow.
5. Use the “show interface” command to view a snapshot of the port counters.
To view the port counters dynamically, access the web interface and choose
“Port counters” from the “Status and Counters” submenu.
Task 10. Restore your switch configuration files from lab 4.2 or lab
4.3
In preparation for the next lab exercise, you will need to restore the configuration
file you saved at the end of either lab 4.2 or lab 4.3 to each of your switches.
1. Using either the Deploy Configuration tool of ProCurve Manager or the
TFTP server on the Windows client, restore the respective configuration file
to Core, Edge_1, Edge_2, and Edge_3.
Note
To avoid disconnecting your Telnet connection(s), it is recommended
that you perform this step progressing from the farthest switch to the
nearest switch relative to the Windows computer you are using.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Displays common spanning tree information for
show spanning-tree <port-list>
a list of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Perform the initial configuration of a Secure Router 7000dl
Configure passwords for serial console port, Telnet and privilege mode
access
Configure a WAN link that will use T1/E1 facilities and the Point-to-Point
protocol
Configure static routes to enable routing between your network and other
networks
Overview
ProCurve University is in the process of expanding geographically in the local
region by including a campus that has served as a separate community college in
the recent past. This expansion of the university will require deployment of a
Wide Area Network (WAN) link and two ProCurve Secure Router 7000dl series
systems. With the introduction of additional routers in the topology there is also
the need for the exchange of routing information. Initially, this will be
accomplished using static routes.
Deploying the Secure Router 7000dl will involve configuring one of its Ethernet
interfaces for local access and an E1/T1 interface that will support the Point-to-
Point (PPP) protocol for the WAN connection. A T1 connection is used primarily
in North America and Canada, whereas E1 is commonly used in locations. Since,
the ProCurve University main and remote campus locations comprise a routed
environment, either static routes will need to be defined or a dynamic routing
protocol such as Routing Information Protocol (RIP) or Open Shortest Path First
(OSPF) could be used. In this lab exercise, you will implement static routes. In a
later lab exercise you will implement dynamic routing.
Rev. 8.41 L5 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will configure a ProCurve Secure Router 7000dl labeled
Router. Router will connect to the instructor’s Secure Router 7000dl using a T1 (or
E1) crossover cable providing WAN connectivity between your network and the
instructor’s network.
Substitute your assigned group number for the “x” in each of the IP addresses.
L5 – 2 Rev. 8.41
Configuring WAN Connectivity
Parameter Setting
Data bits 8
Parity none
Stop bits 1
Note
Only one student will perform the configuration tasks on the Secure
Router 7000dl.
1. Using the console cable, connect your Windows computer to the Secure
Router 7000dl and start the Tera Term Pro or other terminal emulation
application you are using.
2. Press enter a few times and you should see a prompt similar to the following:
ProCurveSR7102dl>
Note
The CLI supports the use of command syntax shortcuts and
tab completion. To display a list of commands type “?”. To
see a list of options for a given command type a space and a
“?” after the command.
Rev. 8.41 L5 – 3
Adaptive EDGE Fundamentals
Note
In cryptography, MD5 (Message-Digest algorithm 5) is a widely-used
cryptographic hash function with a 128-bit hash value. MD5 is
commonly used with such facilities as the Challenge Handshake
Authentication Protocol (CHAP) and IPSec VPN tunnels. MD5 is
defined in RFC 1321.
L5 – 4 Rev. 8.41
Configuring WAN Connectivity
9. Access the global configuration context level and use the “do write
memory” command to commit the configuration changes to memory.
The “do” command provides a way to execute commands in other
configuration modes without taking the time to exit the current configuration
mode and enter the desired one.
Note
For the 7000dl series, it is necessary to commit password changes to the
startup configuration file stored on the compact flash.
Rev. 8.41 L5 – 5
Adaptive EDGE Fundamentals
L5 – 6 Rev. 8.41
Configuring WAN Connectivity
Note
The Ethernet ports on the 7000dl series must be activated before the
configured IP addresses can be used.
1. Access the Ethernet interface context of the port 1 using the “interface”
command.
The prompt should look like the following:
Router(config-eth 0/1)#
Note
Like other ProCurve switches, you can use CIDR notation when
assigning an IP address. One difference is that for the Secure Router
7000dl series you must insert a space between the IP address and the “/”
that precedes the number of mask bits.
Example: ip address 10.1.1.5 /24
3. Examine the interface status using the “do show interfaces ethernet
0/1” command.
Notice that the interface is indicated as “administratively down”. The
Ethernet ports on the 7000dl series must be explicitly enabled before they can
be used.
4. Enable Ethernet interface 1 using the “no shutdown” command.
5. Connect an Ethernet cable to the port labeled Eth 0/1 on the Secure Router
7000dl and the other end to an unused port on the Core switch that is an
untagged member of VLAN 1.
A message should be displayed in the console window indicating the
interface’s state has changed to up “INTERFACE_STATUS.eth 0/1
changed state to up”.
Rev. 8.41 L5 – 7
Adaptive EDGE Fundamentals
Note
You will be assigning a password for all the Telnet sessions (0 to 4), but
you can setup an distinct password for each session. By doing so, you
would need to know the association of a session number to its password.
L5 – 8 Rev. 8.41
Configuring WAN Connectivity
Note
At this point, you have configured three passwords. One password to
access the CLI through the console port, a second password to connect
through Telnet, and a third password for accessing the privilege mode
level. Privilege mode access is initiated using the enable command.
4. Save your configuration changes and close your out-of-band console session.
5. Now, you should be able to return to a Telnet session, login, and use the
enable command to access the privilege mode level.
Rev. 8.41 L5 – 9
Adaptive EDGE Fundamentals
Note
Time Division Multiplexing is assigned by a service provider. TDM
group assigns DS0 channels. A TDM group consists of some number of
DS0 channels from 1 to 24, with anything less than 24 implying
fractional T1 service. 24 channels multiplied by 64 Kbps is equal to 1.5
Mbps for full T1 service.
6. Check the status of the T1 interface again to examine the “up” status
information in more detail.
Rev. 8.41 L5 – 11
Adaptive EDGE Fundamentals
Note
Time Division Multiplexing is assigned by a service provider. TDM
group assigns DS0 channels. A TDM group consists of some number of
DS0 channels from 1 to 24, with anything less than 24 implying
fractional T1 service. 24 channels multiplied by 64 Kbps is equal to 1.5
Mbps for full T1 service.
2. View the running configuration and note the PPP interface configuration.
a. By default, what is the state of a newly created PPP interface?
_________________________________________________________
3. Assign the IP address and mask from the network diagram to the PPP
interface. Note that the mask is 29 bits, 255.255.255.248.
4. Bind the T1 interface to PPP using the “bind” command.
Several messages similar to the following should be displayed in the console
window indicating the interface’s state has changed to “up”.
The bind command creates a bind group which, as it sounds, binds the T1
physical interface with the virtual PPP interface and then considers the two as
one unique group.
Command syntax: bind <bind number (1-1024)> <physical interface type (t1
or e1)> <slot number>/<port number> <tdm* group number> <virtual
interface type (ppp or frame relay) > <virtual interface number (1-1024)>
5. Examine the PPP interface status using the “show interfaces” command.
6. Save your configuration changes.
L5 – 12 Rev. 8.41
Configuring WAN Connectivity
Rev. 8.41 L5 – 13
Adaptive EDGE Fundamentals
Note
Use the show ip route command throughout the remaining steps to
verify routing table entries and to help you in troubleshooting. There are
additional options that you can specify with the show ip route
command that you may find useful such as ‘static’, ‘connected’,
‘rip’, ‘summary’ (7000dl) and ‘table’ (7000dl).
The command will specify the instructor’s inside network as the destination
and the instructor’s PPP interface as the next hop.
Note
Remember, you must insert a space between the IP address and the “/”
that precedes the number of mask bits when using CIDR notation.
4. Try again to ping a device in the instructor’s inside network from Router.
a. Were you successful this time? _________
b. What do you think may be configured on the instructor’s router that tells
it where to respond to your ping request? ________________________
__________________________________________________________
L5 – 14 Rev. 8.41
Configuring WAN Connectivity
Using this route, you are telling the Core switch that the path to the
10.100.1.0/24 network is reached through the Ethernet interface of Router,
10.x.1.5.
7. Try again to ping a device in the instructor’s inside network from your
Windows server and client computers.
The ping from the Windows server computer should be successful.
a. Why was the ping from the Windows client computer unsuccessful?
_______________________________________________________
_______________________________________________________
_______________________________________________________
_______________________________________________________
b. Where do you need to add a route so that you can ping a device in the
instructor’s inside network from one of your user VLANs?
Hint: Examine the routing tables of Core and Router.
_______________________________________________________
_______________________________________________________
8. On Router, add one of the following routes based on the VLAN in which the
Windows client computer is located. Then, verify you can successfully ping
a device in the instructor’s inside network from your Windows client
computer?
Rev. 8.41 L5 – 15
Adaptive EDGE Fundamentals
Task 11. Use summary and default routes to reach other networks
To reach each of the networks of other student groups (10.x.1.0, 10.x.10.0, and so
forth), you could add a route for each network that includes the student group
number in the second octet of the route’s destination network. Alternatively, you
could use a shortcut approach that involves defining a summarized route.
1. On Router, add the following summary route.
a. Are there any potential negative aspects to using the summary route as
opposed to adding individual routes? ___________________________
__________________________________________________________
2. From Router, test connectivity by pinging devices in another student group’s
network.
In general, when the router receives a packet that it does not know how to forward,
it drops it. You can configure a default route, which allows the router to forward
all such packets toward a destination most likely to be able to route them.
To configure a default route, you define a route that has a destination IP address of
all zeros and a subnet mask of all zeros. The subnet of all zeros tells the router that
a packet’s IP address does not have to match any of the destination address bits of
the default route to be valid. Because the router attempts to match a packet’s
destination IP address to the most specific route, it will only use the default route
as the last choice.
Note
The addition of the default route on your router will be performed during the
“Configuring Dynamic Routing” lab. At that time, once all teams have
performed that task, you will be able to ping from your router to another
student group’s network.
3. On your Core switch, add a default route that specifies the IP address of
Router’s Ethernet interface as the gateway.
L5 – 16 Rev. 8.41
Configuring WAN Connectivity
4. From your Windows server and client computers, test connectivity to the
other student group networks by pinging the IP address of the other student
group’s Core switch.
Write the group number below when you receive a successful ping response,
implying that student group has completed the equivalent configuration tasks
on their side of the network.
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
5. From your Windows server and client computers, try using the “tracert”
command to follow the path from your source network to any of the other
student group networks.
Rev. 8.41 L5 – 17
Adaptive EDGE Fundamentals
Note
To use PCM to back up your Secure Router’s configuration file, you
must first configure SNMP on the Secure Router 7000dl and then
discover the device using PCM. See the optional task at the end of this
lab for the steps on how to do that.
Comment/
Switch
Filename
Core lab5_core
Router lab5_router
4. Back up the configuration file of the Router from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Note
The syntax of the “copy” command on the Secure Router 7000dl series
is different from that of the other ProCurve switches you have been
using during this course. Here is an example of the syntax for the
Secure Router 7000dl series:
L5 – 18 Rev. 8.41
Configuring WAN Connectivity
Optional Tasks
Continue on with these optional tasks if you have completed the required section
of the lab exercise.
Optional Task 13. Using the Web interface of the Secure Router
7000dl
In this task you configure the Secure Router 7000dl to allow access to the built-in
web interface and then use a browser to access the web interface.
1. From global configuration context level, enable the HTTP server using the
“ip” command.
2. Configure a username and password for the HTTP authentication realm using
the “username” command. Specify “procurve” for the username and
“password” for the password.
3. Save the configuration changes.
4. On your Windows computer, open a web browser and specify the IP address
of Router for the URL.
5. In the authentication realm dialog box, specify the username and password
you configured in the prior step.
6. After you acknowledge the registration window prompt, the ProCurve Secure
Router 7000dl main window appears.
Rev. 8.41 L5 – 19
Adaptive EDGE Fundamentals
7. Examine some of the options listed in the left pane of the main window. For
example, if you click “IP interfaces”, you should see the IP addresses you
defined for the Ethernet 0/1 and the PPP 1 interfaces.
L5 – 20 Rev. 8.41
Configuring WAN Connectivity
8. If you click “Route Table”, you should see the directly connected routes and
the static routes you added.
9. Close your browser window when you are done examining the web interface.
Rev. 8.41 L5 – 21
Adaptive EDGE Fundamentals
Optional Task 14. Using PCM to manage the Secure Router 7000dl
In this task you configure the Secure Router 7000dl to allow SNMP access so it
can be discovered by ProCurve Manager.
1. From global configuration context level, enable the SNMP agent using the
“ip” command.
2. Configure the SNMP community name as “public” for read-write access
using the “snmp-server” command.
3. Start ProCurve Manager and click Tools > Manual Discovery Wizard.
4. In the “Welcome to the Device Discovery Wizard” window, click Next.
5. In the “SNMP Version Selection” window accept the default of “SNMP
V2” and click Next.
L5 – 22 Rev. 8.41
Configuring WAN Connectivity
Rev. 8.41 L5 – 23
Adaptive EDGE Fundamentals
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
show running-config Displays the running configuration
L5 – 24 Rev. 8.41
Configuring WAN Connectivity
Command * Description
ping <ip-address> Pings an IP address
copy running-config tftp <ip-address> Copies the running configuration file of a switch to
<filename> a TFTP server
* All commands are applicable to the secure router and switches unless otherwise noted.
Rev. 8.41 L5 – 25
Configuring Dynamic Routing
Module 6 Lab
Objectives
After completing this activity you will be able to:
Configure routing switches to use RIP
Examine routing tables to determine the active path used to reach destinations
Implement alternate paths to a destination and examine how RIP selects the
preferred route
Modify RIP operation by adjusting the route metric
Overview
The next step for ProCurve University is to migrate from the initial use of static
routes for connectivity to the remote campus to the use of a RIP for their interior
network. RIP is not new technology and has been in fairly widespread use since
the early 1990’s. RIP allows for dynamic changes in network connectivity to occur
and for the network to recover and use alternate paths if they are available.
In this lab exercise, you will be deploying RIP so that your network can
dynamically adjust to topology changes such as a link-down condition where the
primary path to a destination is no longer available. RIP will automatically switch
to another available link, allowing the source and destination to reestablish
network connectivity.
As part of your task, you will be implementing an additional LAN link to the
instructor’s network. This additional link will serve as an alternative path to the
existing one that uses the WAN link to the instructor’s network and which was
implemented in the prior lab exercise.
Rev. 8.41 L6 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing RIP and examining the affects on
route selection when multiple paths exist to the same destination and how RIP
adjusts the route selection when a link in the primary path fails. RIP will be
enabled on the Core and Router routing switches. On Router, you will enable RIP
on the 10.x.1.0/24 network. On Core, you will enable RIP on VLANs 1 and 1x.
Substitute your assigned group number for the “x” in each of the IP addresses.
L6 – 2 Rev. 8.41
Configuring Dynamic Routing
Note
Be sure your routing table includes the default route highlighted in bold above.
If the default route is not added, you will not be able to ping across your router
to another student group’s network. As long as that student group has also
added the default route on their router.
Rev. 8.41 L6 – 3
Adaptive EDGE Fundamentals
Note
You must specify the mask using dotted-decimal quad notation, not a
prefix length format, because RIP does not support CIDR.
!
router rip
version 2
redistribute static
network 10.x.1.0 255.255.255.0
!
L6 – 4 Rev. 8.41
Configuring Dynamic Routing
Note
Unplugging a cable connected to a port used by a static route will only
temporarily disable that route. The route will be removed from the
routing table, however, when the port is reconnected, the route will be
inserted back into the routing table.
1. On Core, examine the static routes that are currently configured by listing the
routing table.
2. Remove the static routes to the 10.100.1.0 subnet and the default route using
the “no ip route” command.
3. At this point the routing table on Core should look similar to the following
where “x” will be replaced by your group number.
IP Route Entries
Rev. 8.41 L6 – 5
Adaptive EDGE Fundamentals
Note
You can enable RIP on VLAN 1 from within the RIP configuration
context (Core(rip)#) using a single command. Alternatively, you can
first access the VLAN configuration context (Core(vlan-1)#) and
then enable RIP.
router rip
exit
vlan 1
ip rip 10.x.1.1
exit
L6 – 6 Rev. 8.41
Configuring Dynamic Routing
IP Route Entries
The routing table on Router should look similar to the following where “x”
will be replaced by your group number.
Rev. 8.41 L6 – 7
Adaptive EDGE Fundamentals
3. From your Windows client computer, test connectivity using ping. Check to
see that devices in the instructor’s network as well as other student networks
are reachable.
For example, you should be able to ping the instructor’s WAN link IP
address (192.168.x.2) corresponding to your group number and those of the
other student groups. You should also be able to ping the VLAN 1, 10, 20,
and 30 IP addresses of the Core, Edge_1, Edge_2, Edge_3, and Router
systems in the networks of other students.
L6 – 8 Rev. 8.41
Configuring Dynamic Routing
Note
By default, the Secure Router increases the cost of a RIP route that is
learned on an interface. The Secure Router increases the cost by adding
one to the route's metric before storing the route. You can change the
amount that an individual VLAN interface adds to the metric of RIP
routes learned on the interface.
RIP considers a route with a metric of 16 to be unreachable. Use this
metric only if you do not want the route to be used. In fact, you can
prevent the switch from using a specific interface for routes learned
though that interface by setting its metric to 16.
Rev. 8.41 L6 – 9
Adaptive EDGE Fundamentals
Note
Substitute your group number for “x” in the VLAN identifier and the IP
address.
Remember, you can create the VLAN and assign the IP address from
within the RIP configuration context using a single command.
Alternatively, you can first access the VLAN configuration context and
then assign the IP address.
L6 – 10 Rev. 8.41
Configuring Dynamic Routing
Note
An additional VLAN is being added and RIP enabled on this VLAN to
expedite the time that RIP takes to send a triggered update when a
routing topology change occurs. The default route entry on Core,
learned via RIP, will be more quickly updated when the LAN link
associated with the new VLAN fails. In contrast, if you had assigned the
new LAN link to VLAN 1, then you would simply have to wait thirty
seconds or more for the switch to learn the new default path.
2. Connect an Ethernet cable from the port you assigned to VLAN 1x on Core
to the instructor’s switch. Ask the instructor which port on the instructor’s
switch you are to use to connect your Core switch.
Rev. 8.41 L6 – 11
Adaptive EDGE Fundamentals
Task 9. Observe updates to the routing tables with the new VLAN
1. Display the RIP routes in the routing table using the “show ip route
rip” command on Core. Indicate below, the differences in the routing table
compared to how the routing table appeared prior to connecting the second
link to the instructor’s network.
Include the default route, routes to destinations in the instructor’s network,
and routes to destinations in the networks of other students. Summarize the
routes to the other students’ networks by substituting the “x” for the second
octet.
Note
The number of routes in the instructor’s network may vary depending
on how the instructor has configured the switches.
2. Display the RIP routes in the routing table using the “show ip route
rip” command on Router and indicate the differences below.
L6 – 12 Rev. 8.41
Configuring Dynamic Routing
Rev. 8.41 L6 – 13
Adaptive EDGE Fundamentals
Comment/
Switch
Filename
Core lab6_core
Router lab6_router
4. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
L6 – 14 Rev. 8.41
Configuring Dynamic Routing
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
show running-config Displays the running configuration
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file of a switch to
<filename> a TFTP server
* All commands are applicable to the secure router and switches unless otherwise noted.
Rev. 8.41 L6 – 15
Adaptive EDGE Fundamentals
L6 – 16 Rev. 8.41
Configuring Traffic Prioritization
Module 7 Lab
Objectives
After completing this activity you will be able to:
Enable simple, non-redundant connectivity and generate delay-sensitive
traffic by playing a video over the network
Simulate network congestion by manually configuring the link speed and
mode to 10 Mbps between your core and edge switches and observe any
impact this action may have on the delay-sensitive traffic
Use a traffic generator to add load to the network and observe any impact this
action might have on the delay-sensitive traffic.
Define policies at the edge of the network that will assign high priority to the
delay-sensitive traffic and observe any impact
Overview
ProCurve University would like to investigate how traffic prioritization can be
implemented on ProCurve switches for its delay-sensitive video conferencing
traffic. In this lab exercise, you will investigate how to configure Quality of
Service prioritization on your switches to ensure video traffic is given high
priority.
Rev. 8.41 L7 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
L7 – 2 Rev. 8.41
Configuring Traffic Prioritization
Note
It is recommended that only one student group has the role of the video
playback source while the other student group only has the role of the
video playback destination. Once the lab steps that follow are
completed, the roles can be reversed.
Rev. 8.41 L7 – 3
Adaptive EDGE Fundamentals
Note
After disconnection your links, please keep in mind that the XP client will be
isolated from Core and Edge_1. Therefore, in order to configure either of those
switches it will be necessary to use the serial cable.
L7 – 4 Rev. 8.41
Configuring Traffic Prioritization
Note
You will need to constrain the inter switch link in your lab environment
so that you can introduce a sufficient traffic load and create a queuing
build-up. Then you will be able to actually demonstrate how QoS can
improve the video application performance.
2. On Core and Edge_1, add a new VLAN based on the information in the table
below.
IP Helper
Switch VLAN ID Name IP Address
Address
3. On Core and Edge_1, add the 10 Mbps FDX ports you configured above as
tagged members of VLAN 40.
4. Connect Core and Edge_1 through the 10 Mbps FDX ports you configured
above. Use one of the Ethernet cables that are currently disconnected.
Rev. 8.41 L7 – 5
Adaptive EDGE Fundamentals
Scope
IP Range Subnet Mask Router
Name
10.x.40.50 to /24 or
VLAN 40 10.x.40.1
10.x.40.150 255.255.255.0
3. Connect the Windows client computer to the VLAN 40 port on Edge_1 you
configured above. Verify the Windows client computer is assigned an IP
address in network 10.x.40.0/24.
L7 – 6 Rev. 8.41
Configuring Traffic Prioritization
Note
VLC is a free cross-platform media player available from
www.videolan.org. It also can be used as a server for unicast or
multicast streams in a high-bandwidth IPv4 or IPv6 network.
Rev. 8.41 L7 – 7
Adaptive EDGE Fundamentals
4. Double click this icon to run the media player application. The following
window appears.
6. Click the Browse button. Select the mapped network drive and the media
file.
L7 – 8 Rev. 8.41
Configuring Traffic Prioritization
7. Unless otherwise configured, the media stream will only play once. In the
menubar, click View > Playlist.
Rev. 8.41 L7 – 9
Adaptive EDGE Fundamentals
1. On the Windows server computer of the student group that is viewing the
video clip, start the TfGen program and configure the following options:
• Utilization rate: 10000
• Destination: 10.x.1.10
This is the IP address of your partner group’s Windows server
computer. Your partner group is the video playback source.
• Traffic pattern: Continuous and constant
2. In the TfGen window, click Start to start the traffic flow.
Note
Start TfGen on only one side initially.
3. Watch the video for a response. You should see the video playback
performance degrade.
L7 – 10 Rev. 8.41
Configuring Traffic Prioritization
40 7
40 7
The other student group should see the video playback performance improve.
5. Working with your partner group, take turns disabling and then re-enabling
QoS on the VLAN designated for prioritized traffic and view the results.
Rev. 8.41 L7 – 11
Adaptive EDGE Fundamentals
L7 – 12 Rev. 8.41
Configuring Traffic Prioritization
Comment/
Switch
Filename
Core lab7_core
Edge_1 lab7_edge_1
4. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Rev. 8.41 L7 – 13
Adaptive EDGE Fundamentals
L7 – 14 Rev. 8.41
Configuring Traffic Prioritization
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Sets the speed and duplex mode of the
interface <port-id> speed-duplex 10-full
specified port
vlan <vlan-id> qos priority <value> Sets the QoS priority value for traffic of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Rev. 8.41 L7 – 15
Adaptive EDGE Fundamentals
L7 – 16 Rev. 8.41
Configuring the Access Point 530
Module 8 Lab 1
Objectives
After completing this activity you will be able to:
Access the ProCurve Access Point (AP) 530’s command line interface (CLI)
locally and remotely
Configure the IP address for the AP 530’s Ethernet interface
Secure access to management interfaces
Use the web interface to Configure your AP 530
Save an AP 530 configuration file to a Trivial File Transfer Protocol (TFTP)
server
Overview
ProCurve University is in the process of deploying wireless connectivity
throughout the main and remote campuses. You have been assigned the task of
developing familiarity with the installation and configuration of the ProCurve
Access Point 530.
In order to provide greater access to network resources for administrators, faculty,
and students, ProCurve University has decided to install a campus-wide wireless
network. To test the viability of providing wireless connectivity, they have decided
to set up a prototype wireless network in the student union. Since this network is
intended only for proof-of-concept purposes, the network will be left open to the
public and controlled with ACLs on VLAN 20. To implement this wireless
network you will need to do the following:
Connect the hardware components based on the network topology.
Verify your networks IP addressing and routing configuration and add the
access point to the appropriate VLAN
Set the country code, disable DHCP, assign an IP address, set the SSID,
adjust radio settings, and disable SNTP on the ProCurve Access Point 530
Configure the wireless client
Test wireless network connectivity.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be installing and configuring a ProCurve Access
Point 530. Your Windows client computer will require a wireless 801.11b/g
interface. For the initial setup of the Access Point 530, you connect your Windows
computer to the Access Point 530 using a ProCurve switch console cable.
You will be using the Access Point 530’s CLI and web interface to perform the
configuration tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
At the factory default settings, the Access Point 530 first tries to obtain
an IP address using DHCP. If the access point is unable to obtain an IP
address using DHCP, the device will use IP address 192.168.1.1.
In this lab, you will disable DHCP and manually assign an IP address.
1. Use a serial cable to connect the COM port on the Windows XP station to the
console port on the back of the AP 530.
2. On the Windows XP station, use Tera Term Pro to open a terminal session
with the AP, using the following settings:
a. Select Serial.
b. Choose COM1 for the port.
c. Click OK.
d. Press Enter.
3. When prompted for your username and password, enter admin for both.
These are the default settings for the AP 530. (If the default password does
not work try password and then ask your instructor for the configured
password.)
Note
The prompt is displayed as follows:
ProCurve Access Point 530#
For simplicity, the labs will display the AP 530 prompt as:
ProCurve AP 530#
4. To ensure that the AP 530 is using the factory default settings, copy the
factory default file to the startup configuration.
ProCurve AP 530# copy factory-default startup-config
The CLI will notify you that the AP 530 is automatically rebooting.
5. After the AP 530 reboots, re-enter the default username and password to
again access the CLI.
6. You are now in the Exec privilege mode of the CLI. To get familiar with the
command structure, type “help”.
Note
The up and down arrow keys allow you to scroll through the history of
previously entered commands from which you can select one to repeat.
Note
If the “% Unrecognized Command” response is displayed, then the
country code has already been set or was preset at the time of shipment.
The country code is preset on the North American products and you will
not be able to modify this option on these units. For the worldwide
product, the country code is the first configuration task that must be
completed before any other tasks can be performed. Setting the country
code allows the radio to be enabled. Use the show system command
to verify the country code setting.
Note
If the IP address of the Access Point 530 is 192.168.1.1, then the access
point was unable to obtain an IP address using DHCP. If DHCP is
working properly, you should see an IP address in VLAN20 such as
10.X.20.50, or something similar.
2. Access the global configuration context level and configure the System Name
as Groupx, where x is your group number, using the “Hostname”
command.
The ProCurve AP 530 takes its management address from the address configured
on its Ethernet interface. By default, this interface receives a DHCP address. To
ensure that the AP always has the same IP address, the PCU administrators want to
assign the Ethernet interface a static IP address. Use this table to assign your
AP530 a static address, subnet mask and gateway.
Parameter Value
IP Address 10.x.20.20
Task 6. Using the web interface to configure the Access Point 530
In this task, you will use your Windows server computer to access the web
interface of the Access Point 530, since the Windows client computer will be used
as a wireless client in this lab exercise. For the remainder of this lab, you will use
the Web browser interface to configure the AP 530.
1. Open a Web browser on the Windows Server 2003 and enter the IP address
that you assigned your AP 530 as the URL:
http://10.x.20.20
2. Enter the username (admin) and password (procurve) to access the Web
browser interface.
1. On the AP 530, you will create the WLAN listed in the table below. Replace
x with the group number your instructor assigned you and your partner.
4. Configure the Groupx WLAN using the settings shown in the table at the
beginning of this section.
1. By default, the AP 530’s radios are disabled. To protect your network, you
should not enable the radios until you configure security for the WLANs. To
verify that the radios are disabled, click Network Setup > Radio.
2. As shown above, the Network Setup > Radio window shows the settings for
one radio at a time. To view the status for the other radio, select it from the
Radio drop-down menu.
3. Turn the Radio status to On and click update. Do this for both Radio 1 and
Radio 2.
Whenever you select Update, the AP 530 automatically saves your configurations
to the startup-config file from which it boots. You can also save a configuration in
a custom default file to be used as the baseline configuration for all APs in your
network. You can back up the startup-config or the custom default-config to a
remote server.
1. Open the Tftpd32 program on the Windows XP station.
2. In the Web browser interface for the AP 530, select Management > System
Maintenance.
3. Select the Configuration Files tab.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
help Displays help information
Objectives
After completing this lab, you should be able to:
Access the web browser interface for the ProCurve Wireless Edge Services zl
Module
Ensure that the ProCurve Radio Ports (RPs) are automatically adopted
Configure wireless LANs (WLANs) on the Wireless Module
Overview
The ProCurve University (PCU) network administrators are ready to deploy the
Wireless LAN System into there campus. In this lab, you will explore the Web
browser interface for the Wireless Edge Service zl Module. You will configure a
WLAN for your group:
GroupX—for students and faculty
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
Task 1. Access the Web browser interface for the Wireless Edge
Services Module
1. Launch Internet Explorer from either your Windows XP workstation or
Windows Server system.
2. In the Address bar enter http://10.100.1.11 and press enter.
3. For the login enter the username manager and password procurve. Then
click login.
4. At this point take some time to become familiar with the available menu items
listed at the left of the window.
3. Under Radio Settings, in the Desired Power field, use the drop-down menu
to select 8 dB. On the Wireless Module, you set the transmit power as an
absolute value, and available settings are determined by both the channel you
select and the country code (which, of course, makes the RPs comply with
regulations in your area).
10. Next click on WLAN Setup and verify you are in the Configuration tab.
11. Click on Global Settings in the lower right hand corner and select or verify
that the Advanced Configuration option is checked, click OK.
1. In this task we will configure our GroupX Core 5400zl switch for our RP:
When you install the Wireless Edge Services Module into the 5400zl Switch, the
switch, by default, automatically creates the Radio Port VLAN (2100). Likewise,
the switch automatically detects RPs when they are connected to the network and
makes each RP’s switch port an untagged member of the Radio Port VLAN.
Note
For each Group’s 5400zl Switch to provide power for the RPs, you must make
sure the port to which you connect the RP are untagged members of VLAN
210x (we will accomplish this by using the auto-provision function of lldp).
You must also make sure the uplink port to the instructor’s 5400 on your
groups 5400zl Switch is a tagged member of VLAN 210x and 2x.
7. In the Web browser interface for the Wireless Module, click Network Setup
> Radio. The Configuration tab should be selected. This window displays
the RPs that the Wireless Module has adopted. If you are the first one to do
this step the window will be empty.
Both LEDs go off for a moment; then both If no error conditions have
illuminate for a few seconds. occurred, RP is communicating
with Wireless Module.
If one of the RPs experiences an error condition, verify that you have set the
country code.
9. Refresh the Network Setup > Radio window in the Wireless Module’s Web
browser interface. The RPs’ radios should be listed.
10. From your 5400zl console connection review the port you plugged your RP
into
Groupx 1 2x Open
1. Click Network Setup > WLAN Setup. You should be at the Configuration
tab.
d. Next select the box under Encryption for WPA/WPA2-TKIP and then
click on Config…
e. Under the Key Settings verify and select if needed the ASCII
Passphrase button and enter groupXwpa as the passphrase (where X is
your group number).
f. Click OK. You are returned to the Network Setup > WLAN Setup
window.
g. Click OK and you should be returned to the Network Setup > WLAN
Setup window.
By default, the WLANs are disabled. In a production environment, you should not
enable the WLANs until you have configured security for the WLANs.
Remember, however, that enabling a WLAN before you configure the security for
it is not a best practice.
3. Next you need to navigate to Network Setup > Radio and find the MAC
address for your RADIO1.
4. Once you locate your RADIO# MAC address highlight the one with
802.11bg listed under the type filed and click Edit.
5. Under Radio Descr. Enter GroupX and click OK
9. Next navigate to WLAN setup and Select the Groupx SSID and click Enable.
10. Click Save in the upper right corner to save your changes and click Yes and
OK to complete the save function.
3. Select the startup-config file and click View. Although you can view the
settings included in the startup-config, you cannot edit them from here. Click
Close.
Command Reference
The following commands are used in this lab. Refer to them as needed.
Command Description
Configure terminal Enters the global configuration mode
context
Ip address Set IP parameters for communication
within an IP network
Ip helper-address Add or remove a DHCP server IP address
for the VLAN.
Lldp auto-provision Configure various parameters related to
lldp automatic provisioning.
Show vlans Show status information for all VLANs
vlan <number> tagged <port #> Makes a port a tagged member of a VLAN
wireless-services <slot letter> Accesses the CLI for the Wireless Module
Objectives
After completing this activity you will be able to:
Use CLI commands to examine the network configuration and connectivity
Use the output from system status displays and the event log to assist in
troubleshooting
Use basic tools to diagnose network connectivity
Overview
For this lab exercise, your instructor introduces several problems to the equipment
in your student station. These problems can involve a range of possibilities from
misconfiguration errors, and physical connectivity and equipment failures.
Based on the presence of network reachability problems for your Windows
computers, you must determine why some communications is prevented and repair
the problems.
Objectives
After completing this activity you will be able to:
Apply the principles of a network design methodology to develop a basic
switched network
Identify the appropriate placement of various ProCurve networking
equipment to address high performance, high availability, and convergence
needs in an Adaptive Edge network
Overview
In this activity, your team will specify a network design solution based on a set of
requirements.
Rev. 8.41 L 10 – 1
Adaptive EDGE Fundamentals
Scenario
ProCurve University has two sites. The main campus consists of one building with
four floors and a remote campus has one building with two floors. The remote
campus is located several kilometers from the main campus.
The remote campus location is temporary and the personnel and associated
departments will eventually be moved to the main campus when a new building at
the main campus is completed.
Main campus
School of
4th School of Computer
floor Engineering Science
3rd
floor School of Computer Science
Remote campus
Security
1st 1st
floor Administration IT floor Administration IT
The general layout and locations of the wiring closets of each floor at the main and
remote campuses is shown below.
Wiring Wiring
closet closet
Main
entrance
Elevators`
The layout of the first floor at the main and remote campuses consists of office
space allocated to the university’s administration, IT, and security departments,
and storage areas. The typical build-out of the upper floors consists of classrooms,
some larger lecture auditoriums, library or research rooms, and faculty offices. IP
video surveillance cameras are installed in the primary common areas such as
building entrances, hallways, stairways, and elevator waiting areas.
L 10 – 2 Rev. 8.41
Network Design
Application support
The major applications supported by the network include the following:
The faculty of each department use video conferencing for distance learning
applications.
The IT department provides file and database backup services to the
departments at both campuses.
The computer science and engineering departments uses a variety of
bandwidth intensive and multimedia applications.
Rev. 8.41 L 10 – 3
Adaptive EDGE Fundamentals
Wireless APs 3
1
Security department monitors a total of 60 IP cameras installed in the building
L 10 – 4 Rev. 8.41
Network Design
The connectivity requirements for the remote campus are the following:
Rev. 8.41 L 10 – 5
Adaptive EDGE Fundamentals
Worksheets
Use the following worksheets to help organize and document your network design
solution. Two examples of the types of entries you may create are listed.
Example 530 AP NA Y NA
Main
Campus
Floor 1
Main
Campus
Floor 2
Main
Campus
Floor 3
Main
Campus
Floor 4
L 10 – 6 Rev. 8.41
Network Design
Remote
Campus
Floor 1
Remote
Campus
Floor 2
Rev. 8.41 L 10 – 7
Adaptive EDGE Fundamentals
L 10 – 8 Rev. 8.41
Configuration File Solutions
Appendix A
Lab 2: Core
hostname "Core"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J8702A
interface A12
name "Edge_1"
exit
interface A23
name "Edge_2"
exit
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24
ip address 10.1.1.1 255.255.255.0
exit
vlan 10
name "VLAN10"
ip helper-address 10.1.1.10
ip address 10.1.10.1 255.255.255.0
tagged A12
exit
vlan 20
name "VLAN20"
ip helper-address 10.1.1.10
ip address 10.1.20.1 255.255.255.0
tagged A23
Lab 2: Edge_1
hostname "Edge_1"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J86xxA
interface 12
name "Edge_2"
exit
ip default-gateway 10.1.1.1
timesync sntp
sntp unicast
sntp 30
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-14,16-24
ip address 10.1.1.2 255.255.255.0
no untagged 15
exit
vlan 10
name "VLAN10"
Lab 2: Edge_2
hostname "Edge_2"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J86xxA
interface 12
name "Edge_1"
exit
ip default-gateway 10.1.1.1
timesync sntp
sntp unicast
sntp 30
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-14,16-24
ip address 10.1.1.3 255.255.255.0
no untagged 15
exit
vlan 20
name "VLAN20"
untagged 15
tagged 24
no ip address
exit
Lab 2: Edge_3
hostname "Edge_3"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
interface 1
name "WinClient"
exit
interface 9
name "Edge_2"
exit
ip default-gateway 10.1.1.1
sntp server 10.1.1.10
timesync sntp
sntp unicast
logging 10.1.1.10
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 2-9
ip address 10.1.1.4 255.255.255.0
no untagged 1
exit
vlan 30
A – 10 Rev. 8.41
Appendix A
Rev. 8.41 A – 11
Adaptive EDGE Fundamentals
A – 12 Rev. 8.41
Appendix A
Rev. 8.41 A – 13
Adaptive EDGE Fundamentals
Rev. 8.41 A – 15
Adaptive EDGE Fundamentals
A – 16 Rev. 8.41
Appendix A
Rev. 8.41 A – 17
Adaptive EDGE Fundamentals
Rev. 8.41 A – 19
Adaptive EDGE Fundamentals
A – 20 Rev. 8.41
Appendix A
A – 22 Rev. 8.41
Appendix A
Rev. 8.41 A – 23
Adaptive EDGE Fundamentals
Lab 5: Core
hostname "Core"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J8702A
interface A12
name "Edge_1"
exit
interface A23
name "Edge_2"
exit
trunk A13-A14 Trk1 LACP
trunk A23-A24 Trk2 LACP
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A12,A15-A22,Trk1-Trk2
ip address 10.1.1.1 255.255.255.0
exit
vlan 10
name "VLAN10"
ip helper-address 10.1.1.10
ip address 10.1.10.1 255.255.255.0
tagged A12,Trk1-Trk2
exit
Rev. 8.41 A – 25
Adaptive EDGE Fundamentals
Lab 5: Edge_1
<<No changes>>
Lab 5: Edge_2
<<No changes>>
Lab 5: Edge_3
<<No changes>>
A – 26 Rev. 8.41
Appendix A
Lab 5: Router
!
!
hostname "RouterGroup2"
enable password md5 encrypted
5f4dcc3b5aa765d61d8327deb882cf99
!
clock timezone +2-Helsinki
!
ip subnet-zero
ip classless
ip routing
!
event-history on
no logging forwarding
no logging email
logging email priority-level info
!
no service password-encryption
!
!
no ip firewall alg h323
!
!
!
!
!
no autosynch-mode
no safe-mode
!
!
!
!
!
!
!
Rev. 8.41 A – 27
Adaptive EDGE Fundamentals
Lab 6: Core
hostname "Core"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J8702A
Rev. 8.41 A – 29
Adaptive EDGE Fundamentals
Lab 6: Edge_1
<<No changes>>
Lab 6: Edge_2
<<No changes>>
Lab 6: Edge_3
<<No changes>>
Rev. 8.41 A – 31
Adaptive EDGE Fundamentals
Lab 6: Router
!
!
hostname "Router"
enable password md5 encrypted
5f4dcc3b5aa765d61d8327deb882cf99
!
!
ip subnet-zero
ip classless
ip routing
!
event-history on
no logging forwarding
no logging email
logging email priority-level info
!
no service password-encryption
!
username "procurve" password "password"
!
!
no ip firewall alg h323
ip firewall alg sip udp 5060
!
!
!
!
!
no autosynch-mode
no safe-mode
!
!
!
!
!
A – 32 Rev. 8.41
Appendix A
A – 34 Rev. 8.41
Appendix A
Lab 7: Core
hostname "Core"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J8702A
interface A3
speed-duplex 10-full
exit
interface A12
name "Edge_1"
exit
interface A23
name "Edge_2"
exit
trunk A13-A14 Trk1 LACP
trunk A23-A24 Trk2 LACP
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A12,A15-A22,Trk1-Trk2
ip address 10.1.1.1 255.255.255.0
exit
vlan 10
name "VLAN10"
Rev. 8.41 A – 35
Adaptive EDGE Fundamentals
Lab 7: Edge_1
hostname "Edge_1"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J86xxA
interface 3
speed-duplex 10-full
exit
interface 12
name "Edge_2"
exit
trunk 13-14 Trk1 LACP
ip default-gateway 10.1.1.1
timesync sntp
sntp unicast
sntp 30
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-12,16-23,Trk1
ip address 10.1.1.2 255.255.255.0
Rev. 8.41 A – 37
Adaptive EDGE Fundamentals
Lab 7: Edge_2
<<No changes>>
Lab 7: Edge_3
<<No changes>>
Lab 8.1: Core
<<No changes>>
Lab 8.1: Edge_1
<<No changes>>
Lab 8.1: Edge_2
<<No changes>>
Lab 8.1: Edge_3
<<No changes>>
Lab 8.1: Router
<<No changes>>
Lab 8.1: Access Point 530
<<Configuration not included in this appendix>>
Lab 8.2: Core
hostname "Core"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
module 1 type J8702A
interface A3
speed-duplex 10-full
exit
interface A12
name "Edge_1"
exit
interface A23
name "Edge_2"
Rev. 8.41 A – 39
Adaptive EDGE Fundamentals
A – 40 Rev. 8.41
Appendix A
Rev. 8.41 A – 41
Adaptive EDGE Fundamentals
A – 44 Rev. 8.41
Answers to Lab Questions
Appendix B
Lab 1.1
Task 1
a. Which privilege level have you entered? Manager
b. Now which privilege level have you entered? Operator
Task 2
a. What has the prompt changed to? switch-name(config)
b. What has the prompt changed to? switch-name(vlan-1)
c. What has the prompt changed to? switch-name(<int-name>-<port-id>),
the interface context level for the specified port.
d. What did you receive as output? hostname and help
e. What would you need to type to tab-complete the “hostname”
command? ho
Task 4
a. Do you have to save the switch configuration for the passwords to be
retained? No
Task 5
a. If you needed to change the IP address assigned to the VLAN, what
command would you have to enter before redefining the IP address? no
ip address <ip-address/mask>
Task 9
a. Were you allowed to establish a Telnet session? No
b. What was the response? Invalid password
c. What was the response? Access authorization level is set to ‘Operator’
only
Lab 1.2
Task 1
a. What is the command syntax that you would use?
copy flash flash secondary
Task 3
a. Was the password information lost when the configuration was erased?
No, the password configuration is not deleted.
Task 4
a. What is the “workingConfig” operating as? It is the Active, Primary
and Secondary configuration.
b. What is the active configuration file? secondaryconfig
c. Which boot image are you running? secondary software image
Task 7
What type of information is displayed using each of the following
commands?
a. Command: show interface? port counters
b. Command: show interface brief? port status
c. Command: show interface config? port settings
Task 8
a. What is the default AdminStatus of the ports? transmit and receive lldp
packets
Lab 2
Task 3
Note: The port identifiers indicated above may differ depending on your switch
model and configuration and your particular port selections.
Task 5
a. Should the port be tagged or untagged and why?
Untagged because the Windows computer does not support 802.1Q
packets.
b. Were you successful? No
c. If no, what additional configuration step must be completed?
Routing needs to be enabled on the Core switch.
Task 6
a. Were you successful?
The answer should be “No” unless you previously configured a default
gateway on the switches and Windows computers.
b. If you were not successful, what added configuration would be needed
for your Windows computer to pass their network traffic to networks
not in its local subnet?
Gateway information needs to be configured on the systems.
Task 8
a. On which switch or switches should this task be done?
Only the Core switch.
Lab 4.1
Task 3
a. Why was the connection lost? By looking at the running configuration,
it can be seen that the ports assigned to the trunk have been removed
from VLAN 10.
b. Why was this connection maintained? The Windows server computer is
in VLAN 1 and can ping the 10.x.10.1 IP address because its default
gateway is 10.x.1.1 – the IP address of the Core switch in VLAN 1.
Lab 4.2
Task 3
a. Based on the configured settings, which switch do you expect to be the
Root Bridge of the spanning tree? The Core switch since it has the
lowest bridge priority.
Task 5
a. Do all switches appear as neighbors? Yes
b. Why or why not? The spanning tree protocol ensures no loops exist, but
LLDP packets are allowed to be sent and received on ports in the
Blocked State.
Lab 4.3
Task 3
a. What are the VLAN mappings for the Internal Spanning Tree (IST)?
All VLANs defined on the switch.
b. Which switch is the Root of the CST? Core,.
c. What spanning tree configuration parameter in the running
configuration caused this switch to become the CST Root? Spanning-
tree priority 1
Task 6
a. Do all switches appear as neighbors? Yes
b. Why or why not? The spanning tree protocol ensures no loops exist, but
LLDP packets are allowed to be sent and received on ports in the
Blocked State.
Lab 5
Task 2
a. Are you able to read your configured password? No, because MD5 was
specified in the password command to encrypt the password.
b. Are you asked to provide a password? No
c. What is needed in the configuration to prompt for a password for an out-
of-band management session? The configuration for console 0 needs to
be changed from “no login” to “login”.
Task 6
a. Are you allowed to access the privilege mode? Why? No, a password
has not been set for privilege mode access using the “enable” command.
Task 8
a. By default, what is the state of a newly created PPP interface? The PPP
interface is down, i.e., it is set to “no shutdown”.
Task 10
a. Were you successful? No
b. Were you successful this time? Yes
c. What do you think may be configured on the instructor’s router that tells
it where to respond to your ping request? The instructor’s router is
preconfigured with static routes that specify the path to use to reach the
networks of each student group.
d. Were you successful from the Windows computers? Why? No. The
default gateway for the Windows computers is the Core switch, but the
Core switch does not have a routing table entry that specifies how to
reach the instructor’s network.
e. Why was the ping from the Windows client computer unsuccessful?
The windows client has a DHCP-assigned IP address corresponding to
one of the user VLANs, e.g., 10.x.30.50, and has a default gateway
identifying the user VLAN IP address on the Core switch, 10.x.30.1. So
the ping request is actually routed to the instructor’s inside network and
back to Edge_4, but there is no routing table entry on Edge_4 to return
the ping response to the network of your user VLAN.
f. Where do you need to add a route so that you can ping a device in the
instructor’s inside network from one of your user VLANs?
Hint: Examine the routing tables of Core and Edge_4.
A route for the network of each user VLAN would need to be added to
Edge_4.
Lab 5 (continued)
Task 11
a. Are there any potential negative aspects to using the summary route as
opposed to adding individual routes? A summarized route could
include subnets that are actually reachable through some other router
and therefore packets could be forwarded through the wrong gateway.
b. What does the command above do? This route specifies that the Core
switch will send all packets to Edge_4 for which the destination IP
address does not match any of its local networks.
Lab 6
Task 4
a. What command would you use to change the RIP version used on Core?
vlan 1 ip rip v2-only
Task 9
0.0.0.0/0 10.1.1x.2 1x 2
10.x.1.0/24 10.1.1x.2 1x 3
10.x.10.0/24 10.1.1x.2 1x 3
10.x.1x.0/24 10.1.1x.2 1x 2
10.x.20.0/24 10.1.1x.2 1x 3
10.x.30.0/24 10.1.1x.2 1x 3
10.1.100.0/24 10.1.1x.2 1x 2
10.1.101.0/24 10.1.1x.2 1x 2
10.x.1.0/24 10.1.1.1 3
10.x.10.0/24 10.1.1.1 3
10.x.1x.0/24 10.1.1.1 2
10.x.20.0/24 10.1.1.1 3
10.x.30.0/24 10.1.1.1 3
10.1.100.0/24 10.1.1.1 2
10.1.101.0/24 10.1.1.1 2
Lab 6 (continued)
Task 10
a. When the link is disconnected, what happens?
On Core and Router, the routes to the other students’ networks are
removed from the respective routing tables. In addition, on Core the
default route via the preferred LAN link is also removed. After the
settling period, the default route via the WAN link is reinserted into the
routing table on Core.
b. Then, when you reconnect, what happens?
On Core and Router, the routes to the other students’ networks are
reinserted into the respective routing tables. In addition, on Core the
default route is modified so that it uses the preferred LAN link once
again.
B – 10 Rev. 8.41
Appendix B
Lab 8.1
Task 2
a. What information is displayed? An explanation of the partial and full
help syntax.
b. What commands are displayed? bootfile, configure, copy, delete, dir,
exit, help, ping, reset and show.
c. What are your options? board, to operationally reset the access point,
and configuration, to reset access point’s configuration to the factory
default settings.
d. What files are stored in the flash memory? Two software image files
(hp530-xxxx.bin, the current running version of software, and dflt-
img.bin, a default version that cannot be deleted), and two configuration
files (syscfg, the current running configuration, and syscfg.bak, a
backup copy.
e. Which command is used to boot using a different software image?
bootfile
f. Which command identifies the software version?
show version
g. Which command displays system up time and IP settings?
show system
h. Which command is used to access the global configuration mode?
configure
i. What differences are there when you are in the global configuration
mode? You can execute basic configuration commands, such as prompt
and system name, and you can access other context levels such as the
management, Ethernet and wireless g interface levels.
j. What is the difference between the end and exit commands? “exit” will
return you to the Exec privilege mode, regardless of the current
configuration context level and “end” will return you to the prior
configuration context level.
Task 4
a. Which command displays the IP address of the Ethernet interface?
show interface Ethernet
Task 5
a. On the home page, what color is the status indicator and what is
indicated about the radio status? Status indicator is red and the radio is
disabled.
Rev. 8.41 B – 11
Adaptive EDGE Fundamentals
Task 6
a. How many stations are currently connected? There should be only one
unless a student from another group has connected to your access point.
b. If there is more than one station connected to your access point can it be
easily determined who the other clients are? No, the MAC addresses
listed would need to be used for comparison to the output from a
command like ipconfig /all on a client.
B – 12 Rev. 8.41
Step-by-Step Lab Guide
Appendix C
Rev. 8.41
Adaptive EDGE Fundamentals
Rev. 8.41
Enabling Remote Management
Module 1 Lab 1
Objectives
After completing this activity you will be able to:
Use the CLI to develop familiarity with the syntax of switch commands and
the different context levels.
Assign switch identities and passwords for the different privilege levels.
Assign an IP address to the switches to enable remote management.
Use the menu interface to configure switch features.
Explore the switch Setup screen and web management interface.
Note
Please note that the network topologies and approaches presented in this Lab
Activity Guide are developed to expedite learning of specific products and
solutions. Consequently, some of the approaches used here would not be
suitable for a production network and should not be considered best practices.
Students should not assume that all material presented here is appropriate for
implementation in their work environments. For instance, the instructions
suggest insecure passwords in many cases, as they are easier to remember and
use than more complex passwords. Similarly, this topology uses VLAN 1, the
Default VLAN, for device management, which may not be suitable for all
environments.
Overview
ProCurve University is in the process of upgrading their enterprise network and
has acquired several ProCurve switches that will be deployed in the main
administration building. Initially, the switches will support a small LAN
environment consisting of three LAN segments. To begin the deployment, you
will first need to develop familiarity with the command line, menu and web
interfaces supported by the switches for management and configuration tasks.
Initially, you will access the switch using the command line interface (CLI)
through a serial port (out-of-band) connection from a Windows computer.
Since these are new ProCurve switches they come with a minimal, factory default
configuration. As part of the process of developing familiarity with the switch
CLI, you perform a number of initial configuration tasks that are commonly done
by network engineers. One of the first configuration tasks to be done involves
implementing basic security for the switches. This will include assigning a
password to each of the privilege levels, operator and manager, and limiting in-
band management access from a particular IP address.
Another initial configuration task involves assigning an IP address to the switch’s
default VLAN, VLAN 1, which will serve as the management VLAN. After the
IP address has been assigned, you will be able access the switch over an in-band
connection using a Telnet client program on the Windows computer.
Note
Be sure to read the following instructions and background information before
starting the lab exercise.
Getting started
Equipment set
In this lab, you will work on your own or in a team of two students to configure
and physically connect the switches and workstations.
Your lab equipment includes two Windows computers, four ProCurve switches,
one ProCurve Access Point 530 and one ProCurve Secure WAN router. Initially,
the two Windows computers will be used for out-of-band (serial port connection)
access to two of the switches for the purpose of performing initial configuration
tasks. These tasks include assigning passwords to the operator and manager
privilege levels and an IP address to the management VLAN.
Later during this lab, the Windows computers will be used for in-band (Telnet)
access to the switches. For in-band management, the Windows computers should
have the Tera Term Pro or Microsoft HyperTerminal terminal emulator program
installed.
Parameter Setting
Data bits 8
Parity none
Stop bits 1
Note
For Microsoft HyperTerminal, ensure the “Function, arrow, and ctrl keys act
as Windows keys” parameter is disabled.
Addressing scheme
The classroom contains six groups of equipment, similar to that shown in the
diagram in the next section. Your instructor will assign a number to your student
group that will be used for substitution in various references to IP address and
hostnames in the lab exercises. For example, for the IP address 10.x.1.0/24, the
“x” in the second octet is used to represent your group number. If you are
assigned to group 1, then this IP address would be 10.1.1.0/24.
In addition, the third octet in each IP address is used to identify the VLAN to
which a device belongs. For example, the third octet in the IP address 10.1.1.0/24
implies it is associated with VLAN 1.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use the two edge switches labeled Edge_1 and
Edge_2 and the two Windows computers. Substitute your assigned group number
for the “x” in each of the IP addresses.
Note
If there are two students in your group, each of you can select one of the
switches labeled Edge_1 or Edge_2 and perform the activities of this
task independently.
2. On your desktop, double-click the Tera Term Pro icon or equivalent to run
the terminal emulation program. Press <Enter> several times to display the
prompt from the switch. It should appear similar to the following.
Note
If the output listing exceeds the screen size you will see the following
instructions.
-- MORE --, next page: Space, next line: Enter, quit:
Control-C
You can also type the letter “q” to return to the prompt.
10. Some commands have multiple choices that are needed to complete the
command. To view these choices you would type the top level command and
the “?” key with a space between to list the choices. For example, typing
“password ?” will list the available choices for that command.
ProCurve Switch 5406zl(config)# password ?
11. ProCurve switches also support command shortcuts by entering just enough
characters needed to make the command unique. Below is a table of some
commands with their meanings to practice with.
Note
You will receive an “Ambiguous input error” message if you do not
enter enough characters to make the command unique from others that
have the same initial sequence of characters.
Note
If you do NOT explicitly define a username for the Operator or Manager
privilege level, then the switch does not prompt you for a username
when accessing the respective privilege level. As you have seen, up to
this point the switch also has NOT prompted you for a password since
the factory default configuration is a null password.
Note
Although it is not necessary to define a default gateway for the switches
and Windows computers for traffic to flow correctly in this particular
lab, a default gateway will be required in later labs. More background
on VLANs and default gateways will be provided in later modules.
1. On the Edge_1 and Edge_2 switches you are managing, enter the VLAN 1
context level.
Edge_1# configure
Edge_1(config)# vlan 1
Repeat this command on Edge_2
2. Assign the IP addresses from the following table. Also, verify and/or
reconfigure the Windows computers to match the IP addresses listed in the
table below.
Device IP Address
Edge_1 10.x.1.2/24
Edge_2 10.x.1.3/24
Note
Substitute your group number for “x”.
Note
The port identifiers specified in the table are examples. Substitute a port
identifier of your choice that is appropriate for the switch model you are
using.
Note
At the bottom of some Switch Setup screens are navigation or edit
instructions, depending on whether you are navigating through the menu
items or within a configuration screen.
2. Move the cursor to the “Logon Default” field and press the space bar to
toggle through the choices.
3. Move the cursor to the “Time Sync Method” field and press the space bar to
toggle through the choices. Select ‘SNTP’.
4. Move the cursor to the “SNTP Mode” field. Notice this field name changed
based on the ‘Time Sync Method’ field value.
5. Press the space bar to toggle through the choices.
6. Press <Enter> to position the cursor in the Actions field. Select “Cancel” so
that any changes you may have made are not saved. Press <Enter> to exit the
Switch Setup screen and return to the CLI.
For more on using the Switch Setup screen, see the Installation and Getting
Started Guide for the associated switch.
Note
A good time saver when navigating through the menu interface is to try
and remember the numbering scheme to move through the menus to
arrive at your destination menu item more quickly.
For instance from the main menu, the number sequence “2 → 7 →3”
will take you to the VLAN Port Assignment screen and the number
sequence “2 → 6” will take you the IP Authorized Managers screen.
2. Select the “Switch Configuration” menu item and explore the menu listing
displayed which provides access to a variety of helpful switch information.
Menu interface: Type 2 to select “2. Switch Configuration”.
3. Navigate to the IP Authorized Managers screen. Add the IP address of your
Windows computer and select “Manager” for the Access Level. Then save
the configuration.
Note
To add a single station, the mask must be specified as 255.255.255.255.
Note
During the remaining steps of this task, you will need to coordinate with
your partner so that you synchronize the activities performed.
4. Open a Command Prompt and once again try to telnet to your partner’s
switch and attempt to log in using the manager level username and password.
To connect to Edge_1 from the Windows XP computer managing Edge_2:
C:> telnet 10.x.1.2
Username: manager
Password: <Type password>
Invalid password
Username:
To connect to Edge_1:
http://10.x.1.3
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show history Displays a list of previous commands
password operator user-name operator Defines operator level user name and password
password manager user-name manager Defines manager level user name and password
Objectives
After completing this activity you will be able to:
View the current and stored software revisions on a switch and upgrade
switch software.
Manage switch configuration files and use the multiple configurations
feature.
Enable SNTP services.
View event logs and implement a Syslog service.
View interfaces and define friendly port names.
View LLDP information.
Overview
As the network manager for ProCurve University, you realize it is important to
understand how to manage the switch system software and configuration files.
ProCurve University, like many IT organizations, has standard procedures that
must be followed for maintaining systems in the network. These procedures
include backing up configuration files on a scheduled basis, evaluating and
updating system images as a vendor releases them, and implementing syslog
facilities. Therefore, you will need to develop familiarity with the management of
configuration and system software files on the ProCurve switches.
In addition, you plan on continuing with several other initial configuration tasks.
These include configuring the switch to use a time server and syslog server and
modifying the port names to use a more user friendly scheme.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use the two edge switches labeled Edge_1 and
Edge_2 and the two Windows computers. Substitute your assigned group number
for the “x” in each of the IP addresses.
Note
While there are other TFTP programs available, TFTPd32 is used in
these lab exercises. This is a free TFTP program and can be
downloaded from the website at http://tftpd32.jounin.net.
3. Browse to the directory where the switch software is stored to establish that
directory as the TFTP root directory.
Note
Your instructor will provide a copy of the latest firmware for the
switches and their location on the Windows computers.
4. Using the CLI “copy” command, transfer the latest software image from the
TFTP server to the switch’s secondary flash location.
Edge_1# copy tftp flash 10.x.1.10 <remote file> secondary
Note
With the Primary/Secondary flash option you can test a new image in
your system without having to replace a previously existing image. You
can also use the image options for troubleshooting. For example, you
can copy a problem image into Secondary flash for later analysis and
place another, proven image in Primary flash to run your system. The
switch can use only one image at a time.
6. Use the “boot system flash secondary” command to reboot the switch with
the new software.
Edge_1# boot system flash secondary
Device will be rebooted, do you want to continue [y/n]? y
Switch Filename
Edge_1 lab1.1_edge_1
Edge_2 lab1.1_edge_2
You can view the progress of the transfer on the TFTP application window.
4. After the CLI prompt reappears, verify that the configuration was copied to
your Windows computer by using Windows Explorer.
On Edge_2, type:
HP ProCurve Switch 5304xl# configure
HP ProCurve Switch 5304xl(config)# vlan 1 ip address
10.x.1.3/24
4. Copy the lab1.1 instance of your switch’s configuration file from the TFTP
server on your Windows computer to your switch.
On Edge_1, type:
HP ProCurve Switch 5304xl# copy tftp startup-config 10.x.1.10
lab1.1_edge_1
Device may be rebooted, do you want to continue [y/n]? y
On Edge_2, type:
HP ProCurve Switch 5304xl# copy tftp startup-config 10.x.1.20
lab1.1_edge_2
Device may be rebooted, do you want to continue [y/n]? y
5. After the switch reboots, view the configuration and verify that the
previously configured hostname has been restored.
Verify the hostname has been restored by establishing a console session and
examining the CLI prompt.
Username: manager
Password: <Type password>
Edge_1#
Username: manager
Password: <Type password>
Edge_2#
Configuration files:
Note
If you see additional configuration files other than “oldConfig” or
“workingConfig” they may be from the previous class and will need to
be deleted so that a slot can be freed up.
You can delete a configuration file using the command below.
erase config <filename>
Note
At the first reboot with a software release supporting multiple
configurations, the switch does the following:
Assigns the filename oldConfig to the existing startup-config file
which is stored in memory slot 1.
Saves a copy of the existing startup-config file in memory slot 2
with the filename workingConfig.
Assigns the workingConfig file as the active and default
configuration for all subsequent reboots using either the primary
or secondary flash.
2. Go to the directory where you saved your startup-config and open it using a
text editor such as Notepad or WordPad. Add the text “Secondary” to the
hostname and then save the file as “secondaryconfig” in the same directory.
Note
When copying switch configuration files the filename must be exact.
This includes extensions if the file has one. Since you will have saved
this file using a new name, Notepad or WordPad will append the “.txt”
extension to the filename. Therefore, you will need to either rename the
file and remove the .txt extension or remember to specify the extension
when copying the file.
On Edge_2, type:
Edge_2# copy tftp config secondaryconfig 10.x.1.20
secondaryconfig
4. List and then view the configuration files located on the flash.
Edge_1# show config files
Edge_1# show config workingConfig
Edge_1# show config secondaryconfig
Note
This will assign the configuration file “secondaryconfig” to boot with
the secondary software image.
Configuration files:
Note
Only one of the Windows computers in your group will be running the
SNTP service. Use the Windows Server as the time server.
2. From the switch CLI, view the current time and SNTP settings on the switch.
Edge_1# show time
Edge_1# show sntp
4. From the global context level, enable events to be sent to a Syslog server by
using the “logging” command and specifying the Syslog server’s IP address.
On Edge_1, type:
Edge_1(config)# logging 10.x.1.10
On Edge_2, type:
Edge_2(config)# logging 10.x.1.10
5. Generate one or more events on the switch. You can do this, for example, by
disconnecting and then reconnecting the Ethernet cable between your two
switches.
Other ways to generate an event include starting a Telnet session and
changing the current time on the SNTP server computer.
6. You will be able to view the events as they happen in the “Syslog server” tab
of the TFTP application window. Also, view the text file you specified for the
Syslog server to use and verify that the events appear in that file.
7. From the CLI, type “reload” to reboot one of the switches. When the switch
becomes available, view the event log and verify that the events that occurred
before the reboot are no longer listed.
Edge_1(config)# reload
Device will be rebooted, do you want to continue [y/n]? y
Do you want to save current configuration [y/n]? y
Lists all log messages since the last reboot that have “system” in the text or
module name.
show logging -a system
Lists all log messages since the last reboot in reverse order.
show logging -r
Command
show interface
3. Define a friendly name for the port that connects the two switches together as
well as the port to which the Windows Computer is connected by using the
“interfaces <port-id> name <port-name >” command. Include the identity
of the switch on the other side of the link.
Note
The port identifiers specified in the CLI commands of this lab exercise
solution are examples. Substitute a port identifier of your choice that is
appropriate for the switch model you are using.
On Edge_1, type:
Edge_1(config)# interface 12 name Edge_2
On Edge_2, type:
Edge_2(config)# interface 12 name Edge_1
4. To see a list of ports, including their names, use the “show name” command.
You can also see friendly names per port when you view detailed port
counters.
Edge_1# show name
Edge_2# show name
To connect to Edge_1:
http://10.x.1.3
Note
As you progress through the subsequent labs and you start connecting more
switches, practice the “lldp” commands to view the information as your
network increases in size.
Switch Filename
Edge_1 lab1.2_edge_1
Edge_2 lab1.2_edge_2
Optional tasks
Continue on with these optional tasks if you have completed the required section
of the lab exercise.
On Edge_1, type:
Edge_1# copy command-output 'show run' tftp 10.x.1.10
Edge_1_showrun.txt
On Edge_2, type:
Edge_2# copy command-output 'show run' tftp 10.x.1.20
Edge_2_showrun.txt
Note
The command you specify can be enclosed in single or double quotation
marks.
3. View the file content sent to the TFTP server using Windows Explorer.
3. View the file content sent to the TFTP server using Windows Explorer.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Displays version of currently active software
show version
image
show lldp info local-device Displays LLDP information of the local system
Command Description
logging <ip-address> Specifies the IP address of a Syslog server
interfaces <port-id> name <name> Defines a friendly port name for specified port
copy tftp flash <ip-address> <filename> Copies software image file from a TFTP server
secondary to secondary flash slot
copy startup-config tftp <ip-address> Copies the startup configuration file on flash to
<filename> a TFTP server
copy tftp startup-config <ip-address> Copies the named configuration file from a TFTP
<filename> server to startup-config on flash
copy command-output <’cli-command’> tftp Copies the output of the specified command to
<ip-address> <filename> the named file on a TFTP server
Objectives
After completing this activity you will be able to:
Add/Define VLANs
Enable IP routing on the core switch
Tag switch-to-switch links with the appropriate VLANs and verify
connectivity
Configure an IP helper address
Overview
At this point, as the network manager for ProCurve University you have developed
an overall familiarity with the essential tasks of locally and remotely managing a
ProCurve switch. You are now ready to take the next step and introduce an
additional ProCurve switch and deploy user VLANs. This additional switch will
be deployed as a core switch and will support routing between the user VLANs.
The addition of multiple VLANs into the network environment will allow for the
segmentation of traffic types. This segmentation will allow for easier management
as well as configuration of QoS policies in the future. For example, providing a
voice VLAN will provide a more solid foundation with higher call quality and
fewer dropped calls.
VLANs are utilized to create logical networks, maximizing physical connections;
grouping together users by application, geographical location or department
through port specifications. Alternatively, or in addition, protocol VLANs could
also be useful for similar purposes. For instance, one might wish to create a
VLAN to handle IPv4 traffic only, while creating an additional VLAN for IPv6
traffic. This would allow for easier administration, and where IPv6 may be a
phased rollout, this design would also allow for easier reporting, baselining and
capacity planning when adding new devices that will be configured for IPv6 only.
In this lab exercise you will deploy port-based VLANs.
In this hands-on activity you will perform basic configuration of four VLANs,
numbered 1, 10, 20 and 30. VLAN 1, the management VLAN, will be modified
on the Edge 1 and Edge 2 switches and initial configuration will be done on the
Core and Edge_3 switches. VLANs 10, 20 and 30 will serve as user VLANs and
will be added selectively to each of the switches.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will use two additional switches labeled Core and Edge_3.
Note the following configuration changes:
Default gateway specification has been added to Edge_1, Edge_2, Edge_3,
and the Windows Server computer.
IP address assignment for Windows XP computer set to DHCP.
Ethernet cable between Edge_1 and Edge_2 has been removed. Windows
XP computer Ethernet cable connects to Edge_3.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
If there are two students in your group, each of you can select one of the
switches labeled Core or Edge_3 and perform the activities of this task
independently.
1. Connect a console cable from one of your Windows computers to the Core or
Edge_3 switch and establish a console session.
2. Since this is the first time you are accessing these switches, use the
“password” command to configure both a username and password for each
of the Operator and Manager privilege levels. Specify the usernames and
passwords from the following table.
Device IP Address
Core 10.X.1.1/24
Edge_3 10.X.1.4/24
Core(config)# vlan 1
Core(vlan-1)# ip address 10.x.1.1/24
Core(vlan-1)# exit
Edge_3(config)# vlan 1
Edge_3(vlan-1)# ip address 10.x.1.4/24
Edge_3(vlan-1)# exit
Note
The port identifiers specified in the CLI commands of this lab exercise
solution are examples. Substitute a port identifier of your choice that is
appropriate for the switch model you are using.
Edge_3(config)# int 9
Edge_3(eth-9)# name Edge_2
Edge_3(eth-9)# int 1
Edge_3(eth-1)# name WinClient
Edge_3(eth-1)# exit
Edge_3(config)# timesync sntp
Edge_3(config)# sntp server 10.x.1.10
Edge_3(config)# sntp unicast
Edge_3(config)# time timezone -<offset>
Edge_3(config)# time daylight-time-rule <location>
Edge_3(config)# logging 10.x.1.10
Note
In the steps that follow, divide the switch management responsibilities
with your partner. Ensure you do not attempt to edit a switch’s
configuration at the same time.
1. From one of the Windows computers, open a Telnet session with the core
switch using Tera Term Pro. Remember only one person in your group will
do this.
C:> telnet 10.x.1.1
Username: manager
Password: <Type password>
2. Access the global configuration level and define VLANs 10, 20, and 30 using
the “vlan <vlan-id>”command.
Core# configure
Core(config)# vlan 10
Core(vlan-10)# vlan 20
Core(vlan-20)# vlan 30
Core(vlan-30)# exit
4. You should see a listing of the newly created VLANs on the Core switch
similar to the following.
Note
Depending on the switch model you are using for the Core switch. The
column labeled Jumbo (indicating whether jumbo frame support is
enabled) may not be listed.
Additional notes:
We have been using the CLI, which is capable of configuring and displaying
both port-based and protocol-based VLANs. The Menu interface can ONLY
be used to configure and display port-based VLANs whereas ProCurve
Manager Plus can be used to configure and display both port-based and
protocol-based VLANs.
For additional information, refer to the ProCurve documentation for the
3500yl, 5400zl, 6200yl, and 8212zl series switches — static VLAN section
of the Advanced Traffic Management Guide and the Management and
Configuration Guide. This can be found at www.procurve.com/manuals.
Note
All remaining ports that are not explicitly referenced retain an
“untagged” status in VLAN 1.
2. Connect to the Core switch and use the “vlan <vid> tagged <port-list>”
command to tag the appropriate switch-to-switch ports.
Note
The port identifiers specified below are examples. Substitute a port
identifier of your choice that is appropriate for the switch model you are
using.
3. Use “show vlan <vid>” to examine the status of each tagged port.
Core(config)# show vlans 10
Core(config)# show vlans 20
Core(config)# show vlans 30
4. Connect to each of the Edge_1, Edge_2, and Edge_3 switches and access the
global configuration context level. Tag the switch-to-switch ports as
necessary, based on the network diagram and the table above.
Edge_1(config)# vlan 10 tagged 14
Edge_1(config)# show vlans 10
The table below summarizes some basic rules of port-based and protocol-based
VLANs in terms of untagged and tagged status. We have created port-based
VLANs in order to allow traffic to pass from one switch to another. A protocol-
based VLAN will generally require more planning due to the number of protocols
on the network and the variety of devices, applications, and end-users that may use
these protocols.
You should see one IP address is currently defined for VLAN 1, 10.x.1.1/24.
2. Define the additional IP addresses that are needed on the Core switch within
the appropriate VLAN context as indicated on the network diagram.
Core(config)# vlan 10 ip address 10.x.10.1/24
Core(config)# vlan 20 ip address 10.x.20.1/24
Core(config)# vlan 30 ip address 10.x.30.1/24
3. Do another “show ip” command to see the IP addresses that are NOW
defined on your Core switch.
Core(config)# show ip
Note
If you were not successful, use the previous steps to verify your
configuration. Also verify the tagged/untagged state of your switch-to-
switch links.
Note
The edge switches will remain configured as layer 2 switches. Do not
enable routing on the edge switches.
Core(config)# ip routing
2. Verify that the Core switch has a local path to the four networks by viewing
the IP route table. Use the “show ip route” command. You should see
information similar to the following where “x” is replaced with your group
number.
IP Route Entries
3. Using “ping”, test connectivity to the other subnets from your Windows
computers and switches.
C:>ping 10.x.1.1
Scope
IP Range Subnet Mask Router
Name
10.x.10.50 to /24 or
VLAN 10 10.x.10.1
10.x.10.150 255.255.255.0
10.X.20.50 to /24 or
VLAN 20 10.x.20.1
10.x.20.150 255.255.255.0
10.x.30.50 to /24 or
VLAN 30 10.x.30.1
10.x.30.150 255.255.255.0
2. Configure an IP helper address for VLAN 30. The IP helper address should
be that of the Windows Server running the DHCP service.
c. On which switch or switches should this task be done?
___________________
Use the command “ip helper-address 10.x.1.10”.
Core(config)# vlan 30 ip helper-address 10.x.1.10
Note
You only need to configure switches to the extent that VLAN 10 traffic
from the Windows XP computer can reach the Core switch. The Core
switch will be sending the DHCP messages to the Windows Server that
is located in VLAN 1.
C:>ping 10.x.10.1
C:>ping 10.x.20.1
C:>ping 10.x.30.1
C:>ping 10.x.1.1
C:>ping 10.x.1.10
Switch Filename
Core lab2_core
Edge_1 lab2_edge_1
Edge_2 lab2_edge_2
Edge_3 lab2_edge_3
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans Displays list of defined VLANs
password operator user-name operator Defines operator level user name and password
password manager user-name manager Defines manager level user name and password
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Note
There is not a step-by-step version of the Using ProCurve Manager Plus
lab exercise. Refer to the main section of the Lab Guide for this lab
exercise.
Objectives
After completing this activity you will be able to:
Configure a port trunk between two switches
Verify operation of the port trunk
Overview
ProCurve University is expecting that the links connecting the core switch to the
edge switches will require additional bandwidth to support increasing use of
convergence technologies, data warehousing, and system backups. In this lab
exercise, you will implement three port trunks to increase the capacity of the links
between the switches. You will configure a port trunk between the Core switch
and Edge_1, one between the Core switch and Edge_2, and one between Edge_2
and Edge_3.
Link aggregation, which is also referred to as “trunking” or “load sharing”, is used
primarily to increase throughput between switches and maximize the efficiency of
available bandwidth. The connected ports forming a trunk can have differing
characteristics such as speed, flow control settings and media type. It is also very
important to remember that the links being added to form a port trunk are
disconnected or disabled while you are carrying out the configuration tasks to
avoid a broadcast storm on the network.
One common example of a trunk is to use multiple ports as a network backbone,
shuttling traffic to and from a building, for instance. Another example might be to
use a trunk to move large data files, such as graphics or video to/from a server
farm. This same scenario might apply to backups or data warehousing. In any case,
trunks provide increased bandwidth while allowing for increased efficiency
throughout the attached networks.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing redundant uplinks between your
switches by configuring a port trunk using the switch CLI. You may select any
ports you prefer, but it is recommended that you use gigabit ports when available.
You will require three additional Ethernet cables for the redundant links.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
Depending on whether you performed the optional tasks in lab exercise
2, you may have previously configured a port on Edge_1 as an untagged
member of VLAN 10.
2. Connect the Windows client computer to the port you configured above.
3. Verify the Windows client computer is assigned an IP address in VLAN 10
using DHCP.
4. Verify you can ping the IP address of the Core switch in VLAN 10,
10.x.10.1, from the Windows client computer.
C:>ping 10.x.10.1
Note
Do not connect the ports representing the second link of a port trunk
with an Ethernet cable until the configuration is complete.
1. Using the CLI on the Core switch, define two ports as members of a static
LACP trunk that will connect to Edge_1. Use the “trunk” command to
create the static trunk. For example, use trk1 as the trunk name.
The network diagram illustrates the use of two gigabit ports as a trunk. If
you choose to aggregate 10/100 ports into a trunk, be sure to use ports that
are untagged members of VLAN 1 on both sides of the trunk and not
members of one of the user VLANs.
Use the CLI help or refer to the switch documentation provided on your
Windows computer for assistance with command syntax.
Core(config)# trunk a13-a14 trk1 lacp
2. Using the CLI on Edge_1, define two ports as members of a static LACP
trunk that will connect to the Core switch. For example, use trk1 as the
trunk name.
Edge_1(config)# trunk 13-14 trk1 lacp
3. From the CLI on Edge_1, verify that the Core switch is reachable.
Edge_1(config)# ping 10.x.1.1
4. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
The ICMP echo request will not be successful because you lost your
connection with the switch after you issued the command to create the trunk.
a. Why was the connection lost? _________________________________
__________________________________________________________
3. From a command prompt on the Windows server computer, “ping” the IP
address of the Core switch in VLAN 10, 10.x.10.1.
C:>ping 10.x.10.1
• Connect the Windows client computer to the port you configured above.
• Verify the Windows client computer is assigned an IP address in VLAN
20 using DHCP
• Verify you can ping the IP address of the Core switch in VLAN 20,
10.x.20.1.
C:> ping 10.x.20.1
2. On the Core switch, define two ports as members of a static LACP trunk that
will connect to Edge_2.
The diagram illustrates the use of two gigabit ports as a trunk. If you choose
to aggregate 10/100 ports into a trunk, be sure to use ports that are untagged
members of VLAN 1 on both sides of the trunk and not members of one of
the user VLANs.
Note
Ensure you use a trunk name that is different than the one used
previously. Otherwise, the ports will be added to the existing trunk. For
example, use trk2 as the trunk name.
3. On Edge_2, define two ports as members of a static LACP trunk that will
connect to the Core switch.
Edge_2(config)# trunk c1-c2 trk2 lacp
4. From the CLI on Edge_2, verify that the Core switch is reachable.
Edge_2(config)# ping 10.x.1.1
5. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
6. Verify that all switches in your group are available using the “show lldp info
remote” and “ping” commands.
Core(config)# show lldp info remote-device
Core(config)# ping 10.x.1.2
Core(config)# ping 10.x.1.3
Core(config)# ping 10.x.1.4
10. Make the appropriate port VLAN assignments on both switches to enable
connectivity for hosts in VLAN 20 and 30.
Core(config)# vlan 20 tagged trk2
Core(config)# vlan 30 tagged trk2
11. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 20, 10.x.20.1, to verify connectivity has
been restored for VLAN 20.
C:>ping 10.x.20.1
12. From a command prompt on the Windows server computer, “ping” the IP
address of the Windows client computer to verify connectivity has been
restored for VLAN 20.
C:> ping 10.x.20.50
• Connect the Windows client computer to the port you configured above.
• Verify the Windows client computer is assigned an IP address in VLAN
30 using DHCP
• Verify you can “ping” the IP address of the Core switch in VLAN 30,
10.x.30.1.
C:> ping 10.x.30.1
2. On Edge_2, define two ports as members of a static LACP trunk that will
connect to Edge_3.
The diagram illustrates the use of two gigabit ports as a trunk. If you choose
to aggregate 10/100 ports into a trunk, be sure to use ports that are untagged
members of VLAN 1 on both sides of the trunk and not members of one of
the user VLANs.
Note
Ensure you use a trunk name that is different than the one used
previously. Otherwise the ports will be added to the existing trunk. For
example, use trk3 as the trunk name.
3. On Edge_3, define two ports as members of a static LACP trunk that will
connect to Edge_2.
Edge_3(config)# trunk 8-9 trk3 lacp
5. Connect the second link of the trunk you defined between the two switches
using an available Ethernet cable.
6. Verify that all switches in your group are available using the “show lldp info
remote” and “ping” commands.
Edge_2(config)# show lldp info remote-device
Edge_2(config)# ping 10.x.1.1
Edge_2(config)# ping 10.x.1.2
Edge_2(config)# ping 10.x.1.4
10. Make the appropriate port VLAN assignments on both switches to enable
connectivity for hosts in VLAN 20 and 30.
Edge_2(config)# vlan 30 tagged trk3
11. From a command prompt on the Windows client computer, “ping” the IP
address of the Core switch in VLAN 30, 10.x.30.1, to verify connectivity has
been restored for VLAN 30.
C:> ping 10.x.30.1
12. From a command prompt on the Windows server computer, ping the IP
address of the Windows client computer to verify connectivity has been
restored for VLAN 30.
C:> ping 10.x.30.50
Comment/
Switch
Filename
Core lab4.1_core
Edge_1 lab4.1_edge_1
Edge_2 lab4.1_edge_2
Edge_3 lab4.1_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Optional task
Continue on with this optional task if you have completed the required section of
the lab exercise.
Note
For the IP address you need to specify an IP address of any device that
is on the other side of a trunk relative to the Windows client computer.
Although the TfGen window shows that utilization is expressed in Kbps, this
is not a literal measurement, so don't make the number so high that the links
will be saturated.
2. In the TfGen window, click Start to start the traffic flow.
3. Use the “show interface” command to view a snapshot of the port counters.
Since the CLI does not refresh dynamically, you will need to repeat the
command to see the port counters increment. Traffic is shared by
“conversation”. Because you have started only one conversation, the traffic
is not balanced over the links in the trunk.
4. To view the port counters dynamically, access the web interface and choose
“Port counters” from the “Status and Counters” submenu.
5. Without terminating the first instance of TfGen, start a second instance of
TfGen and specify a different IP address on the other side of the trunk as the
destination.
Because this is a second distinct conversation (source IP address/destination
IP address pair), it may be assigned to a different link in the trunk.
It is important to note that there is no guarantee the second conversation will
be assigned to a different link in the trunk compared to the first conversation.
However, conversations among a larger group of hosts are more likely to
result in evenly distributed traffic.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans Displays list of defined VLANs
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Configure RSTP
Verify operation of RSTP
View RSTP operational status and information
Overview
Now that additional links using port trunking have been put in place to address
bandwidth concerns, ProCurve University would like to have redundant links in
place in the event a trunk fails between a pair of switches. To address this issue,
you will use redundant links and the Rapid Convergence Spanning Tree Protocol
(RSTP).
In this lab exercise, you enable RSTP on your core and edge switches. Additional
links will be implemented to provide the necessary link redundancy. You will
then examine spanning tree detail, record the active path through the network, and
make any necessary configuration changes to enable user VLAN traffic to be
transported in the modified topology.
Note
At the instructor’s discretion, you may be given the option of performing either lab
exercise 4.2 or lab exercise 4.3.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing RSTP and additional links for
redundancy. You will need to modify the Ethernet cabling among three of your
switches as indicated in the network diagram. You will be using the CLI to
perform all of the configuration tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
2. Verify the Windows client computer connected to Edge_3 can “ping” each of
the IP addresses of the user VLANs on the Core switch.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
3. Verify the Windows client computer connected to Edge_3 and the Windows
server computer connected to Edge_1 can ping each other.
From the Window Server Computer
C:> ping 10.1.30.50
From the Windwos Client Computer
C:> ping 10.1.1.10
Spanning Tree
Switch
Bridge Priority
Core 1
Edge_1 2
Edge_2 2
Edge_3 3
2. On your four switches, force the version of spanning tree for RSTP operation.
Core(config)# spanning-tree force-version rstp-operation
2. Enable RSTP.
Core(config)# spanning-tree
Task 4. Add a redundant link and verify the state of each port
1. Connect the new link between Edge_1 and Edge_2 shown on the network
diagram below. Select any unused ports to connect the Ethernet cable.
Note
The port identifiers specified in the CLI commands of this lab exercise
solution are examples. Substitute a port identifier of your choice that is
appropriate for the switch model you are using.
3. On each switch, display the spanning tree information for all switch-to-switch
ports.
Core(Config)# show spanning-tree trk1,trk2
4. Record the state of each port on the previous network diagram using “F” to
indicate forwarding or “B” to indicate blocking.
• Repeat the ping tests and modify your switch configurations as needed
until all ping tests are successful.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
• Repeat the ping tests and modify your switch configurations as needed
until all ping tests are successful.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
Task 6. Add the second redundant link and verify the state of each
port
1. Connect the new link between Edge_1 and Edge_3 shown on the network
diagram below. Select any unused ports to connect the Ethernet cable.
3. On each switch, display the spanning tree information for all switch-to-switch
ports.
Core(config)# show spanning-tree trk1,trk2
Edge_1(config)# show spanning-tree trk1,9,7
Edge_2(config)# show spanning-tree trk2,trk3,9
Edge_3(config)# show spanning-tree trk3,7
4. Record the state of each port on the network diagram above using “F” to
indicate forwarding or “B” to indicate blocking.
• Repeat the ping tests and modify your switch configurations as needed
until all ping tests are successful.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
• Repeat the ping tests and modify your switch configurations as needed
until all ping tests are successful.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
Comment/
Switch
Filename
Core lab4.2_core
Edge_1 lab4.2_edge_1
Edge_2 lab4.2_edge_2
Edge_3 lab4.2_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans <vlan-id> Displays tagged/untagged VLAN status of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Configure MSTP
Verify operation of MSTP
View operational status and details of multiple MST instances
View operational status and details of the CST
Overview
Now that additional links using port trunking have been put in place to address
bandwidth concerns, ProCurve University would like to address the need for
redundant links in the event a trunk fails between a pair of switches. To address
this issue, you will use redundant links and the Multiple Spanning Tree Protocol
(MSTP) to improve network availability for the ProCurve University environment.
In contrast to how RSTP operates, ProCurve University management would like to
investigate how MSTP could be used to help distribute user VLAN traffic more
efficiently across the network. Instead of having all user VLAN traffic traverse a
common spanning tree as it does when using RSTP, MSTP will be deployed with
multiple MST instances to distribute traffic load based on VLANs. The switches
will map two of the user VLANs to one MST instance and the remaining VLAN to
the other MST instance.
The tasks you perform include configuring parameters common to the MST
Region and parameters specific to each of two MST instances. After defining MST
parameters, you will examine MST operational status and other detailed
information using CLI commands.
Note
At the instructor’s discretion, you may be given the option of performing either lab
exercise 4.2 or lab exercise 4.3.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing MSTP with two MST instances.
You will need to modify the Ethernet cabling among your four switches as
indicated in the network diagram. The Core switch will be configured as the Root
Bridge of MST instance 1 and Edge_2 will be configured as the Root Bridge of
MST instance 2. You will be using the CLI to perform all of the configuration
tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
Task 1. Tag the currently connected ports to carry all user VLANs
1. Verify each of the user VLANs have all currently connected ports of the
trunks as tagged members. Make any configuration changes that may be
necessary.
Core(config)# show vlans ports trk1
Core(config)# show vlans ports trk2
Core(config)# vlan 10 tagged trk2
Core(config)# vlan 20 tagged trk1
Core(config)# vlan 30 tagged trk1
Spanning Tree
Switch
Bridge Priority
Core 1
Edge_1 2
Edge_2 2
Edge_3 3
2. On each of your four switches, configure spanning tree for MSTP operation.
Core(config)# spanning-tree force-version mstp-operator
3. Save your configuration and reboot each switch for MSTP to become active.
Core(config)# write memory
Core(config)# reload
Parameter Value
config-name procurve
config-revision 1
Note
All switches in your group will be members of the same MSTP Region and
therefore must have the same region configuration parameters.
Instance VLANs
1 10
2 20 and 30
3. Configure Bridge Priorities for each MST instance on the switches that will
function as the Root Bridges using the following settings:
Edge_1 1 1
Edge_1 2 2
Edge_2 1 2
Edge_2 2 1
Task 5. Add a redundant link and verify the state of each port
1. Connect the new link between Edge_1 and Edge_2 shown on the network
diagram at the beginning of the lab. Select any unused ports to connect the
Ethernet cable.
Note
For MSTP, the default setting of each port is “non-edge” port, i.e., the
port is assumed to be used for a switch-to-switch link. In contrast, for
RSTP, the default is “edge” port, i.e., the port is assumed to be used for
connectivity to an end station.
Therefore, you can use the default MSTP setting for the ports of the two
new switch-to-switch links you add in this lab exercise.
2. View the spanning tree details for MST instance 1 on each of your switches.
Core(config)# show spanning-tree instance 1
Edge_1(config)# show spanning-tree instance 1
Edge_2(config)# show spanning-tree instance 1
Edge_3(config)# show spanning-tree instance 1
3. Record the Regional Root MAC Address reported by each of the switches.
Core
Edge_1
Edge_2
Edge_3
4. Verify that all four switches agree that Edge_1 is the Root Bridge of MST
instance 1.
5. Using the output from the “show span instance 1” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking
6. View the spanning tree details for MST instance 2 on each of your switches.
Core(config)# show spanning-tree instance 2
Edge_1(config)# show spanning-tree instance 2
Edge_2(config)# show spanning-tree instance 2
Edge_3(config)# show spanning-tree instance 2
7. Verify that all four switches agree that Edge_2 is the Root Bridge of MST
instance 2.
8. Using the output from the “show span instance 2” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking.
If a ping fails, then the likely cause is that the ICMP echo request packet can
not traverse the spanning tree path that includes the new switch-to-switch link
because the new ports are not tagged members of VLAN 30.
If a ping is successful, then the ICMP echo request packet traversed a
spanning tree path that includes the previously implemented links of which
the ports are already tagged members of VLAN 30.
3. On Edge_1 and Edge_2, determine the tagged/untagged status of the ports
comprising the new switch-to-switch link.
Use the “show vlan ports <port-list>” command to determine which VLANs
the ports are members. Then use the “show vlans <vlan-id>” command to
determine the tagged/untagged status.
Edge_1(config)# show vlans ports 9
Edge_1(config)# show vlans 1
You should see that, by default, the new ports are not tagged members of any
VLAN, but they are untagged members of VLAN 1.
4. Configure the ports of the new switch-to-switch link on Edge_1 and Edge_2
as tagged members of VLAN 10, 20 and 30.
Edge_1(config)# vlan 10 tagged 9
Edge_1(config)# vlan 20 tagged 9
Edge_1(config)# vlan 30 tagged 9
Task 7. Add the second redundant link and verify the state of each
port
1. Connect the new link between Edge_1 and Edge_3 shown on the network
diagram at the beginning of the lab. Select any unused ports to connect the
Ethernet cable.
2. View the spanning tree details for MST instance 1 on each of your switches.
Core(config)# show spanning-tree instance 1
Edge_1(config)# show spanning-tree instance 1
Edge_2(config)# show spanning-tree instance 1
Edge_3(config)# show spanning-tree instance 1
3. Using the output from the “show span instance 1” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking
4. View the spanning tree details for MST instance 2 on each of your switches.
Core(config)# show spanning-tree instance 2
Edge_1(config)# show spanning-tree instance 2
Edge_2(config)# show spanning-tree instance 2
Edge_3(config)# show spanning-tree instance 2
5. Using the output from the “show span instance 2” command, record the state
of each port on the network diagram below using “F” to indicate forwarding
or “B” to indicate blocking.
If a ping fails, then the likely cause is that the ICMP echo request packet can
not traverse the spanning tree path that includes the new switch-to-switch link
because the new ports are not tagged members of VLAN 30.
If a ping is successful, then the ICMP echo request packet traversed a
spanning tree path that includes the previously implemented links of which
the ports are already tagged members of VLAN 30.
2. On Edge_1 and Edge_3, configure the ports of the new switch-to-switch link
as tagged members of VLAN 10, 20 and 30.
Edge_1(config)# vlan 10 tagged 7
Edge_1(config)# vlan 20 tagged 7
Edge_1(config)# vlan 30 tagged 7
Comment/
Switch
Filename
Core lab4.3_core
Edge_1 lab4.3_edge_1
Edge_2 lab4.3_edge_2
Edge_3 lab4.3_edge_3
3. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
show vlans <vlan-id> Displays tagged/untagged VLAN status of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
spanning-tree config-revision <number> Defines the revision number of the MST region
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Enable HP Switch Meshing
Verify operation of HP Switch Meshing
Overview
Up to this point you have investigated how network capacity between switches can
be improved using HP port trunking and multiple links. You have also deployed
either RSTP or MSTP with redundant paths to address network availability.
In this activity, you will examine an alternative approach to Layer 2 redundancy,
HP Switch Meshing, which can also support redundant paths in a network, but
with an important difference. With HP Switch Meshing, the alternative paths can
be used concurrently rather than be blocked by a spanning tree protocol. This
capability will enable ProCurve University to use the available bandwidth more
efficiently.
Before you actually move forward with implementing HP switch meshing, there
are various changes that you will need to make to the lab environment in terms of
the switch configurations and physical connections. These changes are necessary
for this lab scenario, because of two factors. The first factor is IP routing and HP
switch Meshing cannot be enabled concurrently on a ProCurve switch. The second
factor is the switch that you are using as Edge_3 (2610 series) does not support HP
Switch Meshing.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing HP Switch Meshing on the Core,
Edge_1, and Edge_2 switches using the CLI. Edge_3, a 2610 series switch, does
not support HP Switch Meshing and so will not participate in the mesh. The IP
routing support will be “moved” from the Core switch to Edge_3 because IP
routing and HP switch Meshing cannot be enabled concurrently on a ProCurve
switch.
Edge_3 will forward IP traffic on behalf of users connected to VLANs 10, 20, and
30. RSTP (if lab 4.2 was completed) or MSTP (if lab 4.3 was completed) will
remain enabled since redundant paths exist between Edge_3 and the other two
edge switches.
Substitute your assigned group number for the “x” in each of the IP addresses.
Note
Due to the various IP addressing and Ethernet cabling changes you will
be making, it is recommended you access the CLI of each switch
directly using the console port instead of a Telnet connection.
1. Remove the IP address assigned to each user VLAN—VLANs 10, 20 and 30.
Core(config)# no vlan 10 ip address 10.x.10.1/24
Core(config)# no vlan 20 ip address 10.x.20.1/24
Core(config)# no vlan 30 ip address 10.x.30.1/24
2. Remove IP routing.
Core(config)# no ip routing
10 10.X.10.1/24 10.X.1.10
20 10.X.20.1/24 10.X.1.10
30 10.X.30.1/24 10.X.1.10
3. Enable IP routing.
Edge_3(config)# ip routing
Note
Any ports configured in previous lab exercises can remain unchanged.
In most cases, you will be disconnecting the Ethernet cables from those
ports and using them to connect the additional ports you configure in
this task.
Note
The port identifiers specified in the CLI commands of this lab exercise
solution are examples. Substitute a port identifier of your choice that is
appropriate for the switch model you are using.
4. Connect the additional ports you just configured for Core, Edge_1, and
Edge_2 by using the Ethernet cables currently used for the port trunks. Refer
to the network diagram for the general layout.
Note
The single link connecting Edge_1 to Edge_3 and the links of the port
trunk connecting Edge_2 to Edge_3 remain in place.
Note
If you show the list of ports in VLAN 1, you will see that the “Mesh”
entry is also tagged in this VLAN.
2. Verify the Windows server and client computers can successfully ping the IP
address of Core, Edge_1 and Edge_2, and the four IP addresses of Edge_3. If
any of the systems are unreachable, resolve the problem before proceeding.
C:> ping 10.1.10.1
C:> ping 10.1.20.1
C:> ping 10.1.30.1
C:> ping 10.1.1.1
C:> ping 10.1.1.2
C:> ping 10.1.1.3
C:> ping 10.1.1.4
5. If you have MSTP running, then display the spanning tree information for
MST instance 1 on all four switches. Otherwise, skip this step.
Core(config)# show spanning-tree instance 1
6. Record the state of each port on the network diagram below using “F” to
indicate forwarding or “B” to indicate blocking.
Note
For the IP address, specify an IP address of any device that is on the
other side of a mesh link relative to the Windows client computer.
Although the TfGen window shows that utilization is expressed in Kbps, this
is not a literal measurement, so don't make the number so high that the links
will be saturated.
4. In the TfGen window, click Start to start the traffic flow.
5. Use the “show interface” command to view a snapshot of the port counters.
Core# show interface
Task 10. Restore your switch configuration files from lab 4.2 or lab
4.3
In preparation for the next lab exercise, you will need to restore the configuration
file you saved at the end of either lab 4.2 or lab 4.3 to each of your switches.
1. Using either the Deploy Configuration tool of ProCurve Manager or the
TFTP server on the Windows client, restore the respective configuration file
to Core, Edge_1, Edge_2, and Edge_3.
Note
To avoid disconnecting your Telnet connection(s), it is recommended
that you perform this step progressing from the farthest switch to the
nearest switch relative to the Windows computer you are using.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Displays common spanning tree information for
show spanning-tree <port-list>
a list of ports
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Objectives
After completing this activity you will be able to:
Perform the initial configuration of a Secure Router 7000dl
Configure passwords for serial console port, Telnet and privilege mode
access
Configure a WAN link that will use T1/E1 facilities and the Point-to-Point
protocol
Configure static routes to enable routing between your network and other
networks
Overview
ProCurve University is in the process of expanding geographically in the local
region by including a campus that has served as a separate community college in
the recent past. This expansion of the university will require deployment of a
Wide Area Network (WAN) link and two ProCurve Secure Router 7000dl series
systems. With the introduction of additional routers in the topology there is also
the need for the exchange of routing information. Initially, this will be
accomplished using static routes.
Deploying the Secure Router 7000dl will involve configuring one of its Ethernet
interfaces for local access and an E1/T1 interface that will support the Point-to-
Point (PPP) protocol for the WAN connection. A T1 connection is used primarily
in North America and Canada, whereas E1 is commonly used in locations. Since,
the ProCurve University main and remote campus locations comprise a routed
environment, either static routes will need to be defined or a dynamic routing
protocol such as Routing Information Protocol (RIP) or Open Shortest Path First
(OSPF) could be used. In this lab exercise, you will implement static routes. In a
later lab exercise you will implement dynamic routing.
Rev. 8.41 L5 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will configure a ProCurve Secure Router 7000dl labeled
Router. Router will connect to the instructor’s Secure Router 7000dl using a T1 (or
E1) crossover cable providing WAN connectivity between your network and the
instructor’s network.
Substitute your assigned group number for the “x” in each of the IP addresses.
L5 – 2 Rev. 8.41
Configuring WAN Connectivity
Parameter Setting
Data bits 8
Parity none
Stop bits 1
Note
Only one student will perform the configuration tasks on the Secure
Router 7000dl.
1. Using the console cable, connect your Windows computer to the Secure
Router 7000dl and start the Tera Term Pro or other terminal emulation
application you are using.
2. Press enter a few times and you should see a prompt similar to the following:
ProCurveSR7102dl>
Note
The CLI supports the use of command syntax shortcuts and
tab completion. To display a list of commands type “?”. To
see a list of options for a given command type a space and a
“?” after the command.
Rev. 8.41 L5 – 3
Adaptive EDGE Fundamentals
Note
In cryptography, MD5 (Message-Digest algorithm 5) is a widely-used
cryptographic hash function with a 128-bit hash value. MD5 is
commonly used with such facilities as the Challenge Handshake
Authentication Protocol (CHAP) and IPSec VPN tunnels. MD5 is
defined in RFC 1321.
3. Access the “console line” context level using the “line” command.
The prompt should look like the following:
ProCurveSR7102dl(config-con0)#
5. View the running configuration and verify that your console password has
been set.
ProCurveSR7102dl(config-con0)# show running-config
L5 – 4 Rev. 8.41
Configuring WAN Connectivity
Note
For the 7000dl series, it is necessary to commit password changes to the
startup configuration file stored on the compact flash.
Rev. 8.41 L5 – 5
Adaptive EDGE Fundamentals
L5 – 6 Rev. 8.41
Configuring WAN Connectivity
Note
The Ethernet ports on the 7000dl series must be activated before the
configured IP addresses can be used.
1. Access the Ethernet interface context of the port 1 using the “interface”
command.
Router(config)# interface ethernet 0/1
Note
Like other ProCurve switches, you can use CIDR notation when
assigning an IP address. One difference is that for the Secure Router
7000dl series you must insert a space between the IP address and the “/”
that precedes the number of mask bits.
Example: ip address 10.1.1.5 /24
3. Examine the interface status using the “do show interfaces ethernet
0/1” command.
Router(config-eth 0/1)# do show interfaces ethernet 0/1
Rev. 8.41 L5 – 7
Adaptive EDGE Fundamentals
5. Connect an Ethernet cable to the port labeled Eth 0/1 on the Secure Router
7000dl and the other end to an unused port on the Core switch that is an
untagged member of VLAN 1.
A message should be displayed in the console window indicating the
interface’s state has changed to up “INTERFACE_STATUS.eth 0/1
changed state to up”.
L5 – 8 Rev. 8.41
Configuring WAN Connectivity
Note
You will be assigning a password for all the Telnet sessions (0 to 4), but
you can setup an distinct password for each session. By doing so, you
would need to know the association of a session number to its password.
3. Save your configuration and leave your console port session open for now.
Router(config-telnet0-4)# do write memory
Rev. 8.41 L5 – 9
Adaptive EDGE Fundamentals
Note
At this point, you have configured three passwords. One password to
access the CLI through the console port, a second password to connect
through Telnet, and a third password for accessing the privilege mode
level. Privilege mode access is initiated using the enable command.
4. Save your configuration changes and close your out-of-band console session.
Router(config)# do write memory
Router(config)# do logout
5. Now, you should be able to return to a Telnet session, login, and use the
enable command to access the privilege mode level.
C:> telnet 10.x.1.5
Password: ********
Router> enable
Password: ********
Router#
L5 – 10 Rev. 8.41
Configuring WAN Connectivity
Note
Time Division Multiplexing is assigned by a service provider. TDM
group assigns DS0 channels. A TDM group consists of some number of
DS0 channels from 1 to 24, with anything less than 24 implying
fractional T1 service. 24 channels multiplied by 64 Kbps is equal to 1.5
Mbps for full T1 service.
Rev. 8.41 L5 – 11
Adaptive EDGE Fundamentals
4. Examine the status of the T1 interface using the “do show interface t1
1/1” command.
Router(config-t1 1/1)# do show interface t1 1/1
L5 – 12 Rev. 8.41
Configuring WAN Connectivity
6. Check the status of the T1 interface again to examine the “up” status
information in more detail.
Router(config-t1 1/1)# do show interface t1 1/1
Rev. 8.41 L5 – 13
Adaptive EDGE Fundamentals
Note
Time Division Multiplexing is assigned by a service provider. TDM
group assigns DS0 channels. A TDM group consists of some number of
DS0 channels from 1 to 24, with anything less than 24 implying
fractional T1 service. 24 channels multiplied by 64 Kbps is equal to 1.5
Mbps for full T1 service.
2. View the running configuration and note the PPP interface configuration.
Router(config-ppp 1)# do show run
L5 – 14 Rev. 8.41
Configuring WAN Connectivity
The bind command creates a bind group which, as it sounds, binds the T1
physical interface with the virtual PPP interface and then considers the two as
one unique group.
Command syntax: bind <bind number (1-1024)> <physical interface type (t1
or e1)> <slot number>/<port number> <tdm* group number> <virtual
interface type (ppp or frame relay) > <virtual interface number (1-1024)>
5. Examine the PPP interface status using the “show interfaces” command.
Router(config-ppp 1)# do show interfaces ppp 1
Rev. 8.41 L5 – 15
Adaptive EDGE Fundamentals
L5 – 16 Rev. 8.41
Configuring WAN Connectivity
Note
Use the show ip route command throughout the remaining steps to
verify routing table entries and to help you in troubleshooting. There are
additional options that you can specify with the show ip route
command that you may find useful such as ‘static’, ‘connected’,
‘rip’, ‘summary’ (7000dl) and ‘table’ (7000dl).
The command will specify the instructor’s inside network as the destination
and the instructor’s PPP interface as the next hop.
Note
Remember, you must insert a space between the IP address and the “/”
that precedes the number of mask bits when using CIDR notation.
Rev. 8.41 L5 – 17
Adaptive EDGE Fundamentals
4. Try again to ping a device in the instructor’s inside network from Router.
Router(config)# ping 10.100.1.254
Using this route, you are telling the Core switch that the path to the
10.100.1.0/24 network is reached through the Ethernet interface of Router,
10.x.1.5.
Core(config)# ip route 10.100.1.0/24 10.x.1.5
7. Try again to ping a device in the instructor’s inside network from your
Windows server and client computers.
C:> ping 10.100.1.254
L5 – 18 Rev. 8.41
Configuring WAN Connectivity
8. On Router, add one of the following routes based on the VLAN in which the
Windows client computer is located. Then, verify you can successfully ping
a device in the instructor’s inside network from your Windows client
computer?
Rev. 8.41 L5 – 19
Adaptive EDGE Fundamentals
Task 11. Use summary and default routes to reach other networks
To reach each of the networks of other student groups (10.x.1.0, 10.x.10.0, and so
forth), you could add a route for each network that includes the student group
number in the second octet of the route’s destination network. Alternatively, you
could use a shortcut approach that involves defining a summarized route.
1. On Router, add the following summary route.
a. Are there any potential negative aspects to using the summary route as
opposed to adding individual routes? ___________________________
__________________________________________________________
2. From Router, test connectivity by pinging devices in another student group’s
network.
In general, when the router receives a packet that it does not know how to forward,
it drops it. You can configure a default route, which allows the router to forward
all such packets toward a destination most likely to be able to route them.
To configure a default route, you define a route that has a destination IP address of
all zeros and a subnet mask of all zeros. The subnet of all zeros tells the router that
a packet’s IP address does not have to match any of the destination address bits of
the default route to be valid. Because the router attempts to match a packet’s
destination IP address to the most specific route, it will only use the default route
as the last choice.
Note
The addition of the default route on your router will be performed during the
“Configuring Dynamic Routing” lab. At that time, once all teams have
performed that task, you will be able to ping from your router to another
student group’s network.
3. On your Core switch, add a default route that specifies the IP address of
Router’s Ethernet interface as the gateway.
4. From your Windows server and client computers, test connectivity to the
other student group networks by pinging the IP address of the other student
group’s Core switch.
Write the group number below when you receive a successful ping response,
implying that student group has completed the equivalent configuration tasks
on their side of the network.
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
10._____.1.1
5. From your Windows server and client computers, try using the “tracert”
command to follow the path from your source network to any of the other
student group networks.
C:> tracert 10.x.1.1
Rev. 8.41 L5 – 21
Adaptive EDGE Fundamentals
Note
To use PCM to back up your Secure Router’s configuration file, you
must first configure SNMP on the Secure Router 7000dl and then
discover the device using PCM. See the optional task at the end of this
lab for the steps on how to do that.
Comment/
Switch
Filename
Core lab5_core
Router lab5_router
4. Back up the configuration file of the Router from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Note
The syntax of the “copy” command on the Secure Router 7000dl series
is different from that of the other ProCurve switches you have been
using during this course. Here is an example of the syntax for the
Secure Router 7000dl series:
L5 – 22 Rev. 8.41
Configuring WAN Connectivity
Optional Tasks
Continue on with these optional tasks if you have completed the required section
of the lab exercise.
Optional Task 13. Using the Web interface of the Secure Router
7000dl
In this task you configure the Secure Router 7000dl to allow access to the built-in
web interface and then use a browser to access the web interface.
1. From global configuration context level, enable the HTTP server using the
“ip” command.
Router(config)# ip http server
2. Configure a username and password for the HTTP authentication realm using
the “username” command. Specify “procurve” for the username and
“password” for the password.
Router(config)# username procurve password password
4. On your Windows computer, open a web browser and specify the IP address
of Router for the URL.
http://10.x.1.5.
5. In the authentication realm dialog box, specify the username and password
you configured in the prior step.
Rev. 8.41 L5 – 23
Adaptive EDGE Fundamentals
6. After you acknowledge the registration window prompt, the ProCurve Secure
Router 7000dl main window appears.
7. Examine some of the options listed in the left pane of the main window. For
example, if you click “IP interfaces”, you should see the IP addresses you
defined for the Ethernet 0/1 and the PPP 1 interfaces.
L5 – 24 Rev. 8.41
Configuring WAN Connectivity
8. If you click “Route Table”, you should see the directly connected routes and
the static routes you added.
9. Close your browser window when you are done examining the web interface.
Rev. 8.41 L5 – 25
Adaptive EDGE Fundamentals
Optional Task 14. Using PCM to manage the Secure Router 7000dl
In this task you configure the Secure Router 7000dl to allow SNMP access so it
can be discovered by ProCurve Manager.
1. From global configuration context level, enable the SNMP agent using the
“ip” command.
Router(config)# ip snmp agent
3. Start ProCurve Manager and click Tools > Manual Discovery Wizard.
4. In the “Welcome to the Device Discovery Wizard” window, click Next.
5. In the “SNMP Version Selection” window accept the default of “SNMP
V2” and click Next.
L5 – 26 Rev. 8.41
Configuring WAN Connectivity
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
show running-config Displays the running configuration
Rev. 8.41 L5 – 27
Adaptive EDGE Fundamentals
Command * Description
ping <ip-address> Pings an IP address
copy running-config tftp <ip-address> Copies the running configuration file of a switch to
<filename> a TFTP server
* All commands are applicable to the secure router and switches unless otherwise noted.
L5 – 28 Rev. 8.41
Configuring Dynamic Routing
Module 6 Lab
Objectives
After completing this activity you will be able to:
Configure routing switches to use RIP
Examine routing tables to determine the active path used to reach destinations
Implement alternate paths to a destination and examine how RIP selects the
preferred route
Modify RIP operation by adjusting the route metric
Overview
The next step for ProCurve University is to migrate from the initial use of static
routes for connectivity to the remote campus to the use of a RIP for their interior
network. RIP is not new technology and has been in fairly widespread use since
the early 1990’s. RIP allows for dynamic changes in network connectivity to occur
and for the network to recover and use alternate paths if they are available.
In this lab exercise, you will be deploying RIP so that your network can
dynamically adjust to topology changes such as a link-down condition where the
primary path to a destination is no longer available. RIP will automatically switch
to another available link, allowing the source and destination to reestablish
network connectivity.
As part of your task, you will be implementing an additional LAN link to the
instructor’s network. This additional link will serve as an alternative path to the
existing one that uses the WAN link to the instructor’s network and which was
implemented in the prior lab exercise.
Rev. 8.41 L6 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be implementing RIP and examining the affects on
route selection when multiple paths exist to the same destination and how RIP
adjusts the route selection when a link in the primary path fails. RIP will be
enabled on the Core and Router routing switches. On Router, you will enable RIP
on the 10.x.1.0/24 network. On Core, you will enable RIP on VLANs 1 and 1x.
Substitute your assigned group number for the “x” in each of the IP addresses.
L6 – 2 Rev. 8.41
Configuring Dynamic Routing
2. Remove the static routes to the 10.0.0.0 network and the 10.100.1.0 subnet
using the “no ip route” command.
Router(config)# no ip route 10.0.0.0 /8 192.168.x.2
Router(config)# no ip route 10.100.1.0 /24 192.168.x.2
3. You may have also added one or more static routes in the prior lab that were
used to reach your Windows client computer in user networks on VLAN’s
10, 20 or 30. If you did, remove those static routes as well.
Router(config)# no ip route 10.x.10.0 /24 10.x.1.1
Router(config)# no ip route 10.x.20.0 /24 10.x.1.1
Router(config)# no ip route 10.x.30.0 /24 10.x.1.1
4. Add a default route that uses the WAN link to the instructor’s network.
Router(config)# ip route 0.0.0.0 /0 192.168.x.2
5. At this point, the routing table on Router should look similar to the following
where “x” will be replaced by your group number.
Router(config)# do show ip route table
Note
Be sure your routing table includes the default route highlighted in bold above.
If the default route is not added, you will not be able to ping across your router
to another student group’s network. As long as that student group has also
added the default route on their router.
Rev. 8.41 L6 – 3
Adaptive EDGE Fundamentals
Note
You must specify the mask using dotted-decimal quad notation, not a
prefix length format, because RIP does not support CIDR.
!
router rip
version 2
redistribute static
network 10.x.1.0 255.255.255.0
!
L6 – 4 Rev. 8.41
Configuring Dynamic Routing
Note
Unplugging a cable connected to a port used by a static route will only
temporarily disable that route. The route will be removed from the
routing table, however, when the port is reconnected, the route will be
inserted back into the routing table.
1. On Core, examine the static routes that are currently configured by listing the
routing table.
Core(config)# show ip route
2. Remove the static routes to the 10.100.1.0 subnet and the default route using
the “no ip route” command.
Core(config)# no ip route 10.100.1.0/24 10.x.1.5
Core(config)# no ip route 0.0.0.0/0 10.x.1.5
3. At this point the routing table on Core should look similar to the following
where “x” will be replaced by your group number.
Core(config)# show ip route
IP Route Entries
Rev. 8.41 L6 – 5
Adaptive EDGE Fundamentals
Note
You can enable RIP on VLAN 1 from within the RIP configuration
context (Core(rip)#) using a single command. Alternatively, you can
first access the VLAN configuration context (Core(vlan-1)#) and
then enable RIP.
router rip
exit
vlan 1
ip rip 10.x.1.1
exit
L6 – 6 Rev. 8.41
Configuring Dynamic Routing
The routing table on Core should look similar to the following where “x” will
be replaced by your group number.
IP Route Entries
The routing table on Router should look similar to the following where “x”
will be replaced by your group number.
Rev. 8.41 L6 – 7
Adaptive EDGE Fundamentals
2. Try using the “connected”, “static”, and “rip” options with the show ip route
command to filter the display of the routing table information.
Core(rip)# show ip route connected
Core(rip)# show ip route static
Core(rip)# show ip route rip
3. From your Windows client computer, test connectivity using ping. Check to
see that devices in the instructor’s network as well as other student networks
are reachable.
For example, you should be able to ping the instructor’s WAN link IP
address (192.168.x.2) corresponding to your group number and those of the
other student groups. You should also be able to ping the VLAN 1, 10, 20,
and 30 IP addresses of the Core, Edge_1, Edge_2, Edge_3, and Router
systems in the networks of other students.
C:> ping 192.168.x.2 (where x =1, 2, …, 6)
C:> ping 10.x.1.1 (where x =1, 2, …, 6)
C:> ping 10.x.10.1 (where x =1, 2, …, 6)
C:> ping 10.x.20.1 (where x =1, 2, …, 6)
C:> ping 10.x.30.1 (where x =1, 2, …, 6)
L6 – 8 Rev. 8.41
Configuring Dynamic Routing
Note
By default, the Secure Router increases the cost of a RIP route that is
learned on an interface. The Secure Router increases the cost by adding
one to the route's metric before storing the route. You can change the
amount that an individual VLAN interface adds to the metric of RIP
routes learned on the interface.
RIP considers a route with a metric of 16 to be unreachable. Use this
metric only if you do not want the route to be used. In fact, you can
prevent the switch from using a specific interface for routes learned
though that interface by setting its metric to 16.
2. On Core, display the routing table. You should see that the metric for the
default route entry has increased by a value of 2. You may have to wait
several seconds for the updated entry to be sent by Router.
Core(rip)# show ip route
Rev. 8.41 L6 – 9
Adaptive EDGE Fundamentals
Note
Substitute your group number for “x” in the VLAN identifier and the IP
address.
Remember, you can create the VLAN and assign the IP address from
within the RIP configuration context using a single command.
Alternatively, you can first access the VLAN configuration context and
then assign the IP address.
L6 – 10 Rev. 8.41
Configuring Dynamic Routing
Note
An additional VLAN is being added and RIP enabled on this VLAN to
expedite the time that RIP takes to send a triggered update when a
routing topology change occurs. The default route entry on Core,
learned via RIP, will be more quickly updated when the LAN link
associated with the new VLAN fails. In contrast, if you had assigned the
new LAN link to VLAN 1, then you would simply have to wait thirty
seconds or more for the switch to learn the new default path.
2. Connect an Ethernet cable from the port you assigned to VLAN 1x on Core
to the instructor’s switch. Ask the instructor which port on the instructor’s
switch you are to use to connect your Core switch.
Rev. 8.41 L6 – 11
Adaptive EDGE Fundamentals
Task 9. Observe updates to the routing tables with the new VLAN
1. Display the RIP routes in the routing table using the “show ip route
rip” command on Core. Indicate below, the differences in the routing table
compared to how the routing table appeared prior to connecting the second
link to the instructor’s network.
Include the default route, routes to destinations in the instructor’s network,
and routes to destinations in the networks of other students. Summarize the
routes to the other students’ networks by substituting the “x” for the second
octet.
Core(rip)# show ip route rip
Note
The number of routes in the instructor’s network may vary depending
on how the instructor has configured the switches.
2. Display the RIP routes in the routing table using the “show ip route
rip” command on Router and indicate the differences below.
Router(config-rip)# do show ip route rip
L6 – 12 Rev. 8.41
Configuring Dynamic Routing
Rev. 8.41 L6 – 13
Adaptive EDGE Fundamentals
Comment/
Switch
Filename
Core lab6_core
Router lab6_router
4. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
L6 – 14 Rev. 8.41
Configuring Dynamic Routing
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
show running-config Displays the running configuration
vlan <vlan-id> tagged <port-list> Defines port list as tagged members of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file of a switch to
<filename> a TFTP server
* All commands are applicable to the secure router and switches unless otherwise noted.
Rev. 8.41 L6 – 15
Adaptive EDGE Fundamentals
L6 – 16 Rev. 8.41
Configuring Traffic Prioritization
Module 7 Lab
Objectives
After completing this activity you will be able to:
Enable simple, non-redundant connectivity and generate delay-sensitive
traffic by playing a video over the network
Simulate network congestion by manually configuring the link speed and
mode to 10 Mbps between your core and edge switches and observe any
impact this action may have on the delay-sensitive traffic
Use a traffic generator to add load to the network and observe any impact this
action might have on the delay-sensitive traffic.
Define policies at the edge of the network that will assign high priority to the
delay-sensitive traffic and observe any impact
Overview
ProCurve University would like to investigate how traffic prioritization can be
implemented on ProCurve switches for its delay-sensitive video conferencing
traffic. In this lab exercise, you will investigate how to configure Quality of
Service prioritization on your switches to ensure video traffic is given high
priority.
Rev. 8.41 L7 – 1
Adaptive EDGE Fundamentals
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
L7 – 2 Rev. 8.41
Configuring Traffic Prioritization
Note
It is recommended that only one student group has the role of the video
playback source while the other student group only has the role of the
video playback destination. Once the lab steps that follow are
completed, the roles can be reversed.
Rev. 8.41 L7 – 3
Adaptive EDGE Fundamentals
Note
After disconnection your links, please keep in mind that the XP client will be
isolated from Core and Edge_1. Therefore, in order to configure either of those
switches it will be necessary to use the serial cable.
L7 – 4 Rev. 8.41
Configuring Traffic Prioritization
Note
You will need to constrain the inter switch link in your lab environment
so that you can introduce a sufficient traffic load and create a queuing
build-up. Then you will be able to actually demonstrate how QoS can
improve the video application performance.
2. On Core and Edge_1, add a new VLAN based on the information in the table
below.
IP Helper
Switch VLAN ID Name IP Address
Address
3. On Core and Edge_1, add the 10 Mbps FDX ports you configured above as
tagged members of VLAN 40.
Core(config)# vlan 40 tagged a3
4. Connect Core and Edge_1 through the 10 Mbps FDX ports you configured
above. Use one of the Ethernet cables that are currently disconnected.
Rev. 8.41 L7 – 5
Adaptive EDGE Fundamentals
Scope
IP Range Subnet Mask Router
Name
10.x.40.50 to /24 or
VLAN 40 10.x.40.1
10.x.40.150 255.255.255.0
3. Connect the Windows client computer to the VLAN 40 port on Edge_1 you
configured above. Verify the Windows client computer is assigned an IP
address in network 10.x.40.0/24.
L7 – 6 Rev. 8.41
Configuring Traffic Prioritization
Note
VLC is a free cross-platform media player available from
www.videolan.org. It also can be used as a server for unicast or
multicast streams in a high-bandwidth IPv4 or IPv6 network.
4. Double click this icon to run the media player application. The following
window appears.
Rev. 8.41 L7 – 7
Adaptive EDGE Fundamentals
6. Click the Browse button. Select the mapped network drive and the media
file.
7. Unless otherwise configured, the media stream will only play once. In the
menubar, click View > Playlist.
L7 – 8 Rev. 8.41
Configuring Traffic Prioritization
1. On the Windows server computer of the student group that is viewing the
video clip, start the TfGen program and configure the following options:
• Utilization rate: 10000
• Destination: 10.x.1.10
This is the IP address of your partner group’s Windows server
computer. Your partner group is the video playback source.
• Traffic pattern: Continuous and constant
2. In the TfGen window, click Start to start the traffic flow.
Note
Start TfGen on only one side initially.
3. Watch the video for a response. You should see the video playback
performance degrade.
Rev. 8.41 L7 – 9
Adaptive EDGE Fundamentals
40 7
40 7
The other student group should see the video playback performance improve.
5. Working with your partner group, take turns disabling and then re-enabling
QoS on the VLAN designated for prioritized traffic and view the results.
Edge_1(config)# vlan 40 no qos
Edge_1(config)# vlan 40 qos priority 7
L7 – 10 Rev. 8.41
Configuring Traffic Prioritization
Rev. 8.41 L7 – 11
Adaptive EDGE Fundamentals
Comment/
Switch
Filename
Core lab7_core
Edge_1 lab7_edge_1
4. Back up the configuration file of each switch from the CLI by transferring the
configuration file to the Windows client computer using TFTP.
Use the “copy” command and specify a filename for each switch from the
table above.
L7 – 12 Rev. 8.41
Configuring Traffic Prioritization
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command Description
Sets the speed and duplex mode of the
interface <port-id> speed-duplex 10-full
specified port
vlan <vlan-id> qos priority <value> Sets the QoS priority value for traffic of a VLAN
copy running-config tftp <ip-address> Copies the running configuration file to a TFTP
<filename> server
Rev. 8.41 L7 – 13
Adaptive EDGE Fundamentals
L7 – 14 Rev. 8.41
Configuring the Access Point 530
Module 8 Lab 1
Objectives
After completing this activity you will be able to:
Access the ProCurve Access Point (AP) 530’s command line interface (CLI)
locally and remotely
Configure the IP address for the AP 530’s Ethernet interface
Secure access to management interfaces
Use the web interface to Configure your AP 530
Save an AP 530 configuration file to a Trivial File Transfer Protocol (TFTP)
server
Overview
ProCurve University is in the process of deploying wireless connectivity
throughout the main and remote campuses. You have been assigned the task of
developing familiarity with the installation and configuration of the ProCurve
Access Point 530.
In order to provide greater access to network resources for administrators, faculty,
and students, ProCurve University has decided to install a campus-wide wireless
network. To test the viability of providing wireless connectivity, they have decided
to set up a prototype wireless network in the student union. Since this network is
intended only for proof-of-concept purposes, the network will be left open to the
public and controlled with ACLs on VLAN 20. To implement this wireless
network you will need to do the following:
Connect the hardware components based on the network topology.
Verify your networks IP addressing and routing configuration and add the
access point to the appropriate VLAN
Set the country code, disable DHCP, assign an IP address, set the SSID,
adjust radio settings, and disable SNTP on the ProCurve Access Point 530
Configure the wireless client
Test wireless network connectivity.
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
In this lab exercise, you will be installing and configuring a ProCurve Access
Point 530. Your Windows client computer will require a wireless 801.11b/g
interface. For the initial setup of the Access Point 530, you connect your Windows
computer to the Access Point 530 using a ProCurve switch console cable.
You will be using the Access Point 530’s CLI and web interface to perform the
configuration tasks.
Substitute your assigned group number for the “x” in each of the IP addresses.
2. With your Access Point 530 powered off, connect the access point to the
VLAN 20 port you configured above. Use the Ethernet cable currently
connecting your Windows client computer to one your switches.
Note
At the factory default settings, the Access Point 530 first tries to obtain
an IP address using DHCP. If the access point is unable to obtain an IP
address using DHCP, the device will use IP address 192.168.1.1.
In this lab, you will disable DHCP and manually assign an IP address.
1. Use a serial cable to connect the COM port on the Windows XP station to the
console port on the back of the AP 530.
2. On the Windows XP station, use Tera Term Pro to open a terminal session
with the AP, using the following settings:
a. Select Serial.
b. Choose COM1 for the port.
c. Click OK.
d. Press Enter.
3. When prompted for your username and password, enter admin for both.
These are the default settings for the AP 530. (If the default password does
not work try password and then ask your instructor for the configured
password.)
Login: admin
Password: admin
ProCurve Access Point 530#
Note
The prompt is displayed as follows:
ProCurve Access Point 530#
For simplicity, the labs will display the AP 530 prompt as:
ProCurve AP 530#
4. To ensure that the AP 530 is using the factory default settings, copy the
factory default file to the startup configuration.
ProCurve AP 530# copy factory-default startup-config
The CLI will notify you that the AP 530 is automatically rebooting.
5. After the AP 530 reboots, re-enter the default username and password to
again access the CLI.
Login: admin
Password: admin
ProCurve AP 530#
6. You are now in the Exec privilege mode of the CLI. To get familiar with the
command structure, type “help”.
ProCurve AP 530# help
Note
The up and down arrow keys allow you to scroll through the history of
previously entered commands from which you can select one to repeat.
e. What differences are there when you are in the global configuration
mode?
__________________________________________________________
__________________________________________________________
Rev. 8.41 L 8.1 – 5
Adaptive EDGE Fundamentals
Note
If the “% Unrecognized Command” response is displayed, then the
country code has already been set or was preset at the time of shipment.
The country code is preset on the North American products and you will
not be able to modify this option on these units. For the worldwide
product, the country code is the first configuration task that must be
completed before any other tasks can be performed. Setting the country
code allows the radio to be enabled. Use the show system command
to verify the country code setting.
Note
If the IP address of the Access Point 530 is 192.168.1.1, then the access
point was unable to obtain an IP address using DHCP. If DHCP is
working properly, you should see an IP address in VLAN20 such as
10.X.20.50, or something similar.
2. Access the global configuration context level and configure the System Name
as Groupx, where x is your group number, using the “Hostname”
command.
ProCurve AP 530# configure
ProCurve AP 530(config)# hostname Group1
The ProCurve AP 530 takes its management address from the address configured
on its Ethernet interface. By default, this interface receives a DHCP address. To
ensure that the AP always has the same IP address, the PCU administrators want to
assign the Ethernet interface a static IP address. Use this table to assign your
AP530 a static address, subnet mask and gateway.
Parameter Value
IP Address 10.x.20.20
Task 6. Using the web interface to configure the Access Point 530
In this task, you will use your Windows server computer to access the web
interface of the Access Point 530, since the Windows client computer will be used
as a wireless client in this lab exercise. For the remainder of this lab, you will use
the Web browser interface to configure the AP 530.
1. Open a Web browser on the Windows Server 2003 and enter the IP address
that you assigned your AP 530 as the URL:
http://10.x.20.20
2. Enter the username (admin) and password (procurve) to access the Web
browser interface.
1. On the AP 530, you will create the WLAN listed in the table below. Replace
x with the group number your instructor assigned you and your partner.
4. Configure the Groupx WLAN using the settings shown in the table at the
beginning of this section.
1. By default, the AP 530’s radios are disabled. To protect your network, you
should not enable the radios until you configure security for the WLANs. To
verify that the radios are disabled, click Network Setup > Radio.
2. As shown above, the Network Setup > Radio window shows the settings for
one radio at a time. To view the status for the other radio, select it from the
Radio drop-down menu.
3. Turn the Radio status to On and click update. Do this for both Radio 1 and
Radio 2.
Whenever you select Update, the AP 530 automatically saves your configurations
to the startup-config file from which it boots. You can also save a configuration in
a custom default file to be used as the baseline configuration for all APs in your
network. You can back up the startup-config or the custom default-config to a
remote server.
1. Open the Tftpd32 program on the Windows XP station.
2. In the Web browser interface for the AP 530, select Management > System
Maintenance.
3. Select the Configuration Files tab.
Command Reference
The following CLI commands are used in this lab exercise. Refer to them as
needed.
Command * Description
help Displays help information
Objectives
After completing this lab, you should be able to:
Access the web browser interface for the ProCurve Wireless Edge Services zl
Module
Ensure that the ProCurve Radio Ports (RPs) are automatically adopted
Configure wireless LANs (WLANs) on the Wireless Module
Overview
The ProCurve University (PCU) network administrators are ready to deploy the
Wireless LAN System into there campus. In this lab, you will explore the Web
browser interface for the Wireless Edge Service zl Module. You will configure a
WLAN for your group:
GroupX—for students and faculty
Network diagram
When this lab activity is complete, your network’s topology and IP addressing
should resemble the diagram below.
Task 1. Access the Web browser interface for the Wireless Edge
Services Module
1. Launch Internet Explorer from either your Windows XP workstation or
Windows Server system.
2. In the Address bar enter http://10.100.1.11 and press enter.
3. For the login enter the username manager and password procurve.then click
login.
4. At this point take some time to become familiar with the available menu items
listed at the left of the window.
3. Under Radio Settings, in the Desired Power field, use the drop-down menu
to select 8 dB. On the Wireless Module, you set the transmit power as an
absolute value, and available settings are determined by both the channel you
select and the country code (which, of course, makes the RPs comply with
regulations in your area).
10. Next click on WLAN Setup and verify you are in the Configuration tab.
11. Click on Global Settings in the lower right hand corner and select or verify
that the Advanced Configuration option is checked, click OK.
1. In this task we will configure our GroupX Core 5400zl switch for our RP:
When you install the Wireless Edge Services Module into the 5400zl Switch, the
switch, by default, automatically creates the Radio Port VLAN (2100). Likewise,
the switch automatically detects RPs when they are connected to the network and
makes each RP’s switch port an untagged member of the Radio Port VLAN.
Note
For each Group’s 5400zl Switch to provide power for the RPs, you must make
sure the port to which you connect the RP are untagged members of VLAN
210x (we will accomplish this by using the auto-provision function of lldp).
You must also make sure the uplink port to the instructor’s 5400 on your
groups 5400zl Switch is a tagged member of VLAN 210x and 2x.
7. In the Web browser interface for the Wireless Module, click Network Setup
> Radio. The Configuration tab should be selected. This window displays
the RPs that the Wireless Module has adopted. If you are the first one to do
this step the window will be empty.
Both LEDs go off for a moment; then both If no error conditions have
illuminate for a few seconds. occurred, RP is communicating
with Wireless Module.
If one of the RPs experiences an error condition, verify that you have set the
country code.
9. Refresh the Network Setup > Radio window in the Wireless Module’s Web
browser interface. The RPs’ radios should be listed.
10. From your 5400zl console connection review the port you plugged your RP
into
Core(config)# show vlans ports a11 detail
Status and Counters – VLAN Information – for ports A11
VLAN ID Name | Status Voice Jumbo Mode
-------- -------------- ---------- ----- ----- ----
210x VLAN210x Port-based No No Untagged
Groupx 1 2x Open
1. Click Network Setup > WLAN Setup. You should be at the Configuration
tab.
d. Next select the box under Encryption for WPA/WPA2-TKIP and then
click on Config…
e. Under the Key Settings verify and select if needed the ASCII
Passphrase button and enter groupXwpa as the passphrase (where X is
your group number).
f. Click OK. You are returned to the Network Setup > WLAN Setup
window.
g. Click OK and you should be returned to the Network Setup > WLAN
Setup window.
By default, the WLANs are disabled. In a production environment, you should not
enable the WLANs until you have configured security for the WLANs.
Remember, however, that enabling a WLAN before you configure the security for
it is not a best practice.
3. Next you need to navigate to Network Setup > Radio and find the MAC
address for your RADIO1.
4. Once you locate your RADIO# MAC address highlight the one with
802.11bg listed under the type filed and click Edit.
5. Under Radio Descr. Enter GroupX and click OK
9. Next navigate to WLAN setup and Select the Groupx SSID and click Enable.
10. Click Save in the upper right corner to save your changes and click Yes and
OK to complete the save function.
3. Select the startup-config file and click View. Although you can view the
settings included in the startup-config, you cannot edit them from here. Click
Close.
Command Reference
The following commands are used in this lab. Refer to them as needed.
Command Description
Configure terminal Enters the global configuration mode
context
Ip address Set IP parameters for communication
within an IP network
Ip helper-address Add or remove a DHCP server IP address
for the VLAN.
Lldp auto-provision Configure various parameters related to
lldp automatic provisioning.
Show vlans Show status information for all VLANs
vlan <number> tagged <port #> Makes a port a tagged member of a VLAN
wireless-services <slot letter> Accesses the CLI for the Wireless Module
20081121