HP 2620 User Manual

HP Switch Software  
Basic Operation Guide  
HP 3500  
HP 3800  
HP 2520  
HP 2520G  
HP 2530  
HP 3500yl  
HP 5400zl  
HP 6200yl  
HP 6600  
HP 2620  
HP 2615  
HP 2910  
HP 2915  
HP 8200zl  
November 2012  
HP Networking  
HP 3500  
HP 3800  
HP 2520  
HP 2520G  
HP 2530  
HP 3500yl  
HP 5400zl  
HP 6200yl  
HP 6600  
HP 2620  
HP 2615  
HP 2910al  
HP 2915  
HP 8200zl  
November 2012  
Basic Operation Guide  
© Copyright 2005–2012 Hewlett-Packard Development Company,  
L.P. The information contained herein is subject to change with-  
out notice. All Rights Reserved.  
Disclaimer  
The information contained in this document is subject to  
change without notice.  
This document contains proprietary information, which is  
protected by copyright. No part of this document may be  
photocopied, reproduced, or translated into another  
language without the prior written consent of Hewlett-  
Packard.  
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY  
OF ANY KIND WITH REGARD TO THIS MATERIAL,  
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED  
WARRANTIES OF MERCHANTABILITY AND FITNESS  
FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not  
be liable for errors contained herein or for incidental or  
consequential damages in connection with the furnishing,  
performance, or use of this material.  
Publication Number  
5998-3892  
November 2012  
The only warranties for HP products and services are set  
forth in the express warranty statements accompanying  
such products and services. Nothing herein should be  
construed as constituting an additional warranty. HP shall  
not be liable for technical or editorial errors or omissions  
contained herein.  
Applicable Products  
HP 3500 Switches  
(J9470A, J9471A, J9472A,  
J9473A)  
Hewlett-Packard assumes no responsibility for the use or  
reliability of its software on equipment that is not furnished  
by Hewlett-Packard.  
HP 3500yl Switches  
HP 5400zl Switches  
(J8692A, J8693A)  
(J8697A, J8698A, J9447A,  
J9448A)  
HP 6200yl Switch  
HP 8200zl Switches  
HP 6600 Switches  
(J8992A)  
(J9475A, J8715A/B)  
(J9263A, J9264A, J9265A,  
J9451A, J9452A)  
(J9573A, J9574A, J9575A,  
Software End User License Agreement and  
Hardware Limited Warranty  
HP 3800 Switches  
J9576A, J9584A, J9585A, J9586A, J9587A, J9588A)  
HP 2620 Switches  
For the software end user license agreement and the  
hardware limited warranty information for HP Networking  
products, visit www.hp.com/networking/support.  
(J9623A, J9624A, J9625A,  
J9626A, J9627A)  
(J9298A, J9299A)  
(J9137A, J9138A)HP  
(J9772A)  
HP 2520G Switches  
HP 2520 Switches  
Switch 2530-48G-PoE+  
HP Switch 2530-24G-PoE+  
HP Switch 2530-48G  
HP Switch 2530-24G  
HP 2615 Switch  
(J9773A)  
(J9775A)  
(J9776A)  
(J9565A)  
HP 2910al Switches  
(J9145A, J9146A, J9147A  
J9148A)  
HP 2915 Switch  
(J9562A)  
Trademark Credits  
Microsoft, Windows, and Microsoft Windows NT are US  
registered trademarks of Microsoft Corporation. Java™ is a  
US trademark of Sun Microsystems, Inc.  
Hewlett-Packard Company  
8000 Foothills Boulevard, m/s 5551  
Roseville, California 95747-5551  
http://www.hp.com/networking/support  
 
Product Documentation  
About Your Switch Manual Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii  
Electronic Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii  
List of Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii  
Initial Switch Set-Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1  
Recommended Minimal Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1  
Using the Switch Setup Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2  
Banner Operation with Telnet, Serial, or SSHv2 Access . . . . . . . . 1-4  
Banner Operation with the WebAgent . . . . . . . . . . . . . . . . . . . . . . 1-4  
Configuring and Displaying a Non-Default Banner . . . . . . . . . . . . 1-5  
Example of Configuring and Displaying a Banner . . . . . . . . . . . . . 1-6  
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8  
Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9  
Banner MOTD Command with  
Non-Interactive Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10  
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1  
Starting and Ending a Menu Session . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2  
How To Start a Menu Interface Session . . . . . . . . . . . . . . . . . . . . . . . . . 2-3  
How To End a Menu Session and Exit from the Console: . . . . . . . . . . 2-4  
Main Menu Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6  
Screen Structure and Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8  
Rebooting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11  
iii  
Menu Features List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13  
Port-Level Configuration on HP 3800  
Switches with Stacking Enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13  
Where To Go From Here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14  
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1  
Accessing the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1  
Listing Commands and Command Options . . . . . . . . . . . . . . . . . . . . . . 3-7  
Listing Commands Available at Any Privilege Level . . . . . . . . . . . 3-7  
Listing Command Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9  
Displaying CLI “Help” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10  
Configuration Commands and the Context Configuration Modes . . 3-12  
Return Message Types with CLI Commands . . . . . . . . . . . . . . . . . . . . 3-16  
CLI Interactive Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17  
Interactive Commands Requiring Additional Options . . . . . . . . . . . . 3-18  
Menu Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19  
SNMPv3 Special Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19  
Banner MOTD Command with Non-Interactive Mode . . . . . . . . . . . . 3-19  
CLI Control and Editing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22  
Executing a Prior Command—Redo . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22  
Repeating Execution of a Command . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23  
Using a Command Alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24  
CLI Shortcut Keystrokes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-27  
Port-Level Configuration on HP 3800  
Switches with Stacking Enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-28  
iv  
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2  
Starting the WebAgent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4  
Using a Standalone Web Browser from a PC or UNIX Workstation . 4-4  
Viewing the “First Time Install” Window . . . . . . . . . . . . . . . . . . . . . . . . 4-5  
Setting a Username and Password . . . . . . . . . . . . . . . . . . . . . . . . . 4-5  
If You Lose the Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6  
Online Help for the WebAgent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7  
Downloading the WebAgent Help to a Local Server . . . . . . . . . . . 4-7  
Connecting to the WebAgent from HP PCM+ . . . . . . . . . . . . . . . . . . . . 4-7  
Configuration File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1  
Using USB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11  
Using SFTP and SCP to Transfer the Custom Configuration . . . . . . 5-12  
Erasing a Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13  
Displaying the Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-14  
Troubleshooting Custom Default Configuration Files . . . . . . . . . . . . 5-16  
v
Implement Configuration Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16  
Menu: Implementing Configuration Changes . . . . . . . . . . . . . . . . . . . 5-17  
Using Save and Cancel in the Menu Interface . . . . . . . . . . . . . . . 5-17  
Rebooting from the Menu Interface . . . . . . . . . . . . . . . . . . . . . . . 5-18  
WebAgent: Implementing Configuration Changes . . . . . . . . . . . . . . . 5-19  
Boot and Reload Command Comparison . . . . . . . . . . . . . . . . . . . 5-28  
Setting the Default Flash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-29  
Booting from the Default Flash (Primary or Secondary) . . . . . . 5-30  
Booting from a Specified Flash . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-31  
Using Reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-32  
Multiple Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-36  
Changing or Overriding the Reboot Configuration Policy . . . . . . . . . 5-41  
Managing Startup-Config Files in the Switch . . . . . . . . . . . . . . . . . . . 5-43  
Erasing a Startup-Config File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-45  
Using the Clear + Reset Button Combination To Reset the  
Switch to Its Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . 5-47  
Transferring Startup-Config Files To or From a Remote Server . . . . 5-48  
TFTP: Copying a Configuration File to a Remote Host . . . . . . . . 5-48  
vi  
Connected Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50  
Operating Notes for Multiple Configuration Files . . . . . . . . . . . . 5-50  
Display Configuration of Selected Interface . . . . . . . . . . . . . . . . . . . 5-51  
Running Configuration Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-51  
Startup Configuration Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-58  
Automatic Configuration Update with DHCP Option 66 . . . . . . . . 5-61  
Possible Scenarios for Updating the Configuration File . . . . . . . . . . 5-62  
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-62  
Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-63  
6 Interface Access and System Information  
Reconfigure Inbound Telnet Access . . . . . . . . . . . . . . . . . . . . . . . . 6-4  
Outbound Telnet to Another Device . . . . . . . . . . . . . . . . . . . . . . . . 6-5  
Making Window Size Negotiation Available for a Telnet Session 6-6  
Reconfigure WebAgent Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7  
Reconfigure the Console/Serial Link Settings . . . . . . . . . . . . . . . . 6-7  
Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9  
System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11  
Viewing and Configuring System Information . . . . . . . . . . . . . . . . . . . 6-12  
7 Configuring IP Addressing  
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1  
IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1  
Just Want a Quick Start with IP Addressing? . . . . . . . . . . . . . . . . . . . . 7-3  
vii  
CLI: Configuring IP Address, Gateway, and Time-To-Live (TTL) . . . . 7-6  
WebAgent: Configuring IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . 7-11  
How IP Addressing Affects Switch Operation . . . . . . . . . . . . . . . . . . . 7-12  
DHCP/Bootp Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-12  
Network Preparations for Configuring DHCP/Bootp . . . . . . . . . 7-15  
Displaying Loopback Interface Configurations . . . . . . . . . . . . . . . . . . 7-18  
Addressing Across Configuration File Downloads . . . . . . . . . . . . . . 7-21  
Operating Rules for IP Preserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21  
Enabling IP Preserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21  
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-25  
The Source IP Selection Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26  
Displaying the Source IP Interface Information . . . . . . . . . . . . . . . . . 7-29  
Software Signing and Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5  
Using the CLI to Validate or Bypass a Signature Verification . . . 8-6  
Saving Configurations While Using the CLI . . . . . . . . . . . . . . . . . . . . . . 8-7  
Important: Best Practices for Software Updates . . . . . . . . . . . . . . . . . 8-7  
Updating the Switch: Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8  
viii  
Updating the Switch: Detailed Steps . . . . . . . . . . . . . . . . . . . . . . . . 8-9  
Rolling Back Switch Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13  
Viewing or Transferring Alternate Configuration Files . . . . . . . . 8-14  
Index  
ix  
x
Product Documentation  
About Your Switch Manual Set  
N o t e  
For the latest versionof allHPswitch documentation, including Release Notes  
covering recently added features, please visit the HP Networking web site at  
www.hp.com/Networking/support.  
Electronic Publications  
The latest version of each of the publications listed below is available in PDF  
format on the HP Networking web site, as described in the Note at the top of  
this page.  
Installation and Getting Started Guide—Explains how to prepare for  
and perform the physical installation and connect the switch to your  
network.  
Basic Operation Guide—Describes how to use the switch interfaces and  
introduces basic operations.  
Management and Configuration Guide—Describes how to configure,  
manage, and monitor basic switch operation.  
AdvancedTrafficManagementGuide—Explainshow toconfigure traffic  
management features such as VLANs, MSTP, QoS, and Meshing.  
Multicast and Routing Guide—Explains how to configure IGMP, PIM, IP  
routing, and VRRP features.  
Access Security Guide—Explains how to configure access security fea-  
tures and user authentication on the switch.  
IPv6 Configuration Guide—Describes the IPv6 protocol operations that  
are supported on the switch.  
Command Line Interface Reference Guide—Provides a comprehensive  
description of CLI commands, syntax, and operations.  
Comware CLI Commands in ProVision Software—Provides the syntax,  
descriptions, and examples of Comware CLI commands that can be  
executed in ProVision software. Includes related ProVision software com-  
mands.  
Event Log Message Reference Guide—Provides a comprehensive descrip-  
tion of event log messages.  
Release Notes—Describe new features, fixes, and enhancements that  
become available between revisions of the main product guide.  
vii  
         
List of Commands  
The following table lists the commands found in the Basic Operation Guide.  
A few commands are not supported on certain switches.  
Command  
Page  
3-24  
alias  
banner exec  
1-9  
banner motd  
1-5  
boot [system flash]  
boot set-default flash  
config  
8-11  
5-30  
5-4  
console  
6-7  
copy config  
5-48  
5-24  
5-49  
8-2  
copy flash  
copy tftp config  
copy tftp flash  
copy usb flash  
copy xmodem flash  
dhcp config-file-update  
enable  
8-4  
8-3  
5-61  
3-4  
end  
3-8  
erase  
5-46  
5-24  
3-5  
erase flash  
exit  
fastboot  
5-32  
6-13  
7-17  
7-7  
hostname  
interface loopback <number>  
ip address <ip-addr> <mask-bits>  
ip address <ip-addr>/<mask-length>  
ip address dhcp-bootp  
ip default-gateway <ip-addr>  
ip preserve  
7-7  
7-8  
7-10  
7-21  
7-26  
7-11  
ip source-interface  
ip ttl  
viii  
 
Command  
Page  
6-9  
kill  
mac-age-time  
6-14  
2-3  
menu  
redo  
3-22  
5-33  
5-33  
5-44  
3-23  
3-17  
3-16  
7-6  
reload after  
reload at  
rename config  
repeat  
session interactive-mode  
session show-message-type  
show <ip | ipv6>  
show banner  
3-20  
5-58  
5-40  
5-58  
5-4  
show config  
show config files  
show config interface  
show config status  
show console  
6-2  
show flash  
8-13  
7-20  
7-30  
5-35  
5-51  
5-51  
3-18  
6-12  
5-20  
6-13  
5-42  
6-5  
show ip route  
show ip source-interface  
show reload  
show running-config  
show running-config interface  
show session  
show system information  
show version  
snmp -server <contact | location>  
startup-default  
telnet  
telnet-server  
6-4  
time  
6-14  
6-14  
6-14  
3-4  
time daylight-time-rule  
time timezone  
vlan  
ix  
Command  
web-management  
Page  
6-7  
write memory  
write terminal  
5-5  
5-4  
x
Getting Started  
Initial Switch Set-Up  
1
Getting Started  
Initial Switch Set-Up  
Initial setup includes:  
setting a Manager password  
assigning an IP (Internet Protocol) address and subnet mask  
configuring optional banners  
Recommended Minimal Configuration  
In the factory default configuration, the switch has no IP (Internet Protocol)  
address and subnet mask, and no passwords. In this state, it can be managed  
only through a direct console connection. To manage the switch through in-  
band (networked) access, you should configure the switch with an IP address  
and subnet mask compatible with your network. Also, you should configure  
a Manager password to control access privileges from the console and web  
browser interface. Other parameters in the Switch Setup screen can be left at  
their default settings or you can configure them with values you enter.  
For more information on IP addressing, see “Configuring IP Addressing” on  
page 7-1.  
N o t e  
By default, the switch is configured to acquire an IPv4 address configuration  
from a DHCP or Bootp server. To use DHCP/Bootp instead of the manual  
method described in this chapter, see DHCP/Bootp Operation in the Manage-  
ment and Configuration Guide for your switch.  
For information on configuring IPv6 addressing, refer to the latest IPv6  
Configuration Guide for you switch.  
1-1  
           
Getting Started  
Initial Switch Set-Up  
Using the Switch Setup Screen  
The quickest and easiest way to minimally configure the switch for manage-  
ment and password protection is to use a direct console connection to the  
switch, start a console session, and access the Switch Setup screen.  
1. Using the method described in the Installation and Getting Started  
Guidefor your switch, connect a terminal device to the switch and display  
the switch console command (CLI) prompt (the default display).  
The CLI prompt appears displaying the switch model number, for  
example:  
HP E8200zl#  
2. screen. The following illustration is an example of a Setup screen with  
default settings. Your screen may vary slightly.  
HP Switch  
==========================- TELNET - MANAGER MODE -============================  
Switch Setup  
System Name : HP Switch  
System Contact :  
Manager Password :  
Confirm Password :  
Logon Default : CLI  
Time Zone [0] : 0  
Community Name : public  
Default Gateway :  
Spanning Tree Enabled [No] : No  
Time Sync Method [None] : TIMEP  
TimeP Mode [Disabled] : Disabled  
IP Config [Manual] : DHCP/Bootp  
IP Address : 127.0.0.1  
Subnet Mask : 255.255.255.255  
Actions-> Cancel  
Edit  
Save  
Help  
Enter System Name - up to 32 characters.  
Use arrow keys to change field selection, <Space> to toggle field choices,  
and <Enter> to go to Actions.  
Figure 1-1. Example Switch Setup Screen  
3. Use the Tab key to select the Manager Password field and enter a manager  
password of up to 16 characters.  
1-2  
     
Getting Started  
Initial Switch Set-Up  
4. Tab to the IP Config (DHCP/Bootp) field and use the Space bar to select the  
Manual option.  
5. Tab to the IP Address field and enter the IP address that is compatible with  
your network.  
6. Tab to the Subnet Mask field and enter the subnet mask used for your  
network.  
7. Press Enter, then S (for Save).  
Table 1-1. Setup Screen Field Descriptions  
Parameter  
Default  
blank  
blank  
blank  
CLI  
System Name  
System Contact  
Manager Password  
Logon Default  
Optional; up to 255 characters, including spaces  
Optional; up to 255 characters, including spaces  
Recommended; up to 16 characters (no blank spaces)  
The default setting selects the command line interface for console access.  
The alternative is the Menu interface.  
Time Zone  
0 (none)  
Optional; 1440 to -1440. The number of minutes your location is to the  
West (-) or East (+) of GMT.  
Community Name  
public  
Default setting recommended.  
Spanning Tree Enabled No  
Default setting recommended unless STP is already running on your network  
or the switch will be used in complex network topologies.  
Default Gateway  
blank  
Recommended; Enter the IP address of the next-hop gateway node if network  
traffic needs to be able to reach off-subnet destinations.  
Time Sync Method  
TimeP  
Optional; The protocol the switch uses to acquire a time signal. The options  
are SNTP and TimeP.  
TimeP Mode  
IP Config  
Disabled  
Synchronizes the time kept on the switch to the TimeP server.  
DHCP/Bootp  
Set to Manual unless a DHCP/Bootp server is used on your network to  
configure IP addressing.  
IP Address  
xxx.xxx.xxx.xxx Recommended; If you set IP Config to Manual, then enter an IP address  
compatible with your network.*  
Subnet Mask  
xxx.xxx.xxx.xxx Recommended; If you entered an IP address, then enter a subnet mask  
compatible with your network.*  
*The IP address and subnet mask assigned for the switchmustbe compatible with the IP addressing used in your network.  
For more on IPv4 addressing, see “Configuring IP Addressing” on page 7-1. For IPv6 addressing topics, refer to the latest  
IPv6 Configuration Guide for your switch.  
1-3  
     
Getting Started  
Login Banners  
Login Banners  
Custom Login Banners  
You can now configure the switch to display a login banner of up to 3070  
characters when an operator initiates a management session with the switch  
through any of the following methods:  
Telnet  
serial connection  
SSHv2  
WebAgent  
The default banner displays product registration information; the copyright  
splash is no longer displayed.  
If a banner is configured, the banner page is displayed when you access the  
WebAgent. The default product registration information is not displayed as  
there is already a product registration prompt displayed in the WebAgent.  
Banner Operation with Telnet, Serial, or SSHv2 Access  
When a system operator begins a login session, the switch displays the banner  
above the prompts for local password and Press any key to continue. Entering  
a correct password or, if no password is configured, pressing any key clears  
the banner from the CLI and displays the CLI prompt. (Refer to Figure 2-5 on  
page 1-6.)  
Banner Operation with the WebAgent  
When a system operator uses the WebAgent to access the switch, the text of  
a non-default banner configured on the switch appears in a dedicated banner  
window with a Continue link to the next page. Clicking on Continue then  
displays either the Registration page or the switch’s home page. If the banner  
feature is disabled or if the switch is using the factory-default banner, then the  
banner page does not appear in the WebAgent screen when an operator  
initiates a login session with the switch.  
1-4  
             
Getting Started  
Login Banners  
Configuring and Displaying a Non-Default Banner  
You can enable or disable banner operation using either the switch’s CLI or  
an SNMP application. The steps include:  
1. Enable non-default banner operation and define the endpoint delimiter  
for the banner.  
2. Enter the desired banner text, including any specific line breaks you  
want.  
3. Enter the endpoint delimiter.  
Use show banner motd to display the current banner status.  
Syntax: banner motd < delimiter >  
no banner motd  
This command defines the single character used to termi-  
nate the banner text and enables banner text input. You  
can use any character except a blank space as a delimiter.  
The no form of the command disables the login banner  
feature.  
< banner-text-string >  
The switch allows up to 3070 banner characters,  
including blank spaces and CR-LF ([Enter]). (The tilde “ ~“  
and the delimiter defined by banner motd <delimiter> are  
not allowed as part of the banner text.) While entering  
banner text, you can backspace to edit the current line  
(that is, a line that has not been terminated by a CR-LF.)  
However, terminating a line in a banner by entering a  
CR-LF prevents any further editing of that line. To edit a  
line in a banner entry after terminating the line with a  
CR-LF requires entering the delimiter described above  
and then re-configuring new banner text.  
The banner text string must terminate with the character  
defined by banner motd < delimiter >.  
Note: In redundant management, the banner is not seen  
on the standby module, only the active module.  
1-5  
       
Getting Started  
Login Banners  
Example of Configuring and Displaying a Banner  
Suppose a system operator wanted to configure the following banner message  
on her company’s switches:  
This is a private system maintained by the  
Allied Widget Corporation.  
Unauthorized use of this system can result in  
civil and criminal penalties!  
In this case, the operator will use the [Enter] key to create line breaks, blank  
spaces for line centering, and the % symbol to terminate the banner message.  
HP Switch(config)# banner motd %  
Enter TEXT message. End with the character'%'  
This is a private system maintained by the  
Allied Widget Corporation.  
Unauthorized use of this system can result in  
civil and criminal penalties!%  
HP Switch(config)# write memory  
Figure 1-2. Example of Configuring a Login Banner  
To view the current banner configuration, use either the show banner motd or  
show running command.  
HP Switch(config)# show banner motd  
Banner Information  
Banner status: Enabled  
Configured Banner:  
This is a private system maintained by the  
Allied Widget Corporation.  
Unauthorized use of this system can result in  
civil and criminal penalties!  
Figure 1-3. Example of show banner motd Output  
1-6  
     
Getting Started  
Login Banners  
HP Switch(config)# show running  
Running configuration:  
; J8697A Configuration Editor; Created on release #K.15.05.0001  
; Ver #01:01:00  
hostname "HP Switch"  
module 1 type J8702A  
vlan 1  
name "DEFAULT_VLAN"  
Shows the current banner  
configuration.  
untagged A1-A24  
ip address dhcp-bootp  
exit  
banner motd "This is a private system maintained by the\n Allied Widget  
Corporation.\nUnauthorized use of this system can result in\n civil and  
criminal penalties!"  
password manager  
HP Switch(config)#  
Figure 1-4. The Current Banner Appears in the Switch’s Running-Config File  
The next time someone logs onto the switch’s management CLI, the following  
appears:  
The login screen displays the  
This is a private system maintained by the  
Allied Widget Corporation.  
Unauthorized use of this system can result in  
configured banner.  
Entering a correct password  
clears the banner and displays  
civil and criminal penalties!  
the CLI prompt.  
Password:  
Figure 1-5. Example of CLI Result of the Login Banner Configuration  
1-7  
Getting Started  
Login Banners  
Operating Notes  
The default banner appears only when the switch is in the factory  
default configuration. Using no banner motd deletes the currently  
configured banner text and blocks display of the default banner. The  
default banner is restored only if the switch is reset to its factory-  
default configuration.  
The switch supports one banner at any time. Configuring a new  
banner replaces any former banner configured on the switch.  
If the switch is configured with ssh version 1 or ssh version 1-or-2,  
configuring the banner sets the SSH configuration to ssh version 2  
and displays the following message in the CLI:  
Warning: SSH version has been set to v2.  
If a banner is configured, the switch does notallow configuration with  
ssh version 1 or ssh version 1-or-2. Attempting to do so produces the  
following error message in the CLI:  
Banner has to be disabled first.  
If a banner is enabled on the switch, the WebAgent displays the  
following link to the banner page:  
Notice to all users  
1-8  
   
Getting Started  
Login Banners  
User-Configurable Banner Message after  
Authentication  
A text message that has been configured with the banner motd command  
displays with the authentication prompt when a user opens a console, telnet,  
SSH, or WebAgent session.  
The exec option of the banner command allows a user-configurable message  
to be displayed after the user has been authenticated. If there is no password  
on the switch, the exec banner message displays immediately.  
Syntax: [no] banner exec <ASCII-string>  
Sets the exec banner text. Text canbe multiple lines up to 3070  
characters, and can consist of any printable character except  
the tilde (~) and the delimiting character.  
<ASCII-string>: The text must end with a delimiting character,  
which can be any single character except the tilde (~)  
character.  
The no version of the command removes the banner exec text.  
HP Switch(config)# banner exec &  
Enter TEXT message. End with the character &  
This is Switch A in the language lab &  
Figure 1-6. Example of the banner exec Command  
To display the status and text for the exec banner configuration, use the show  
banner exec command.  
HP Switch(config)# show banner exec  
Banner Information  
Banner Status: Enabled  
Configured Banner:  
This is Switch A in the language lab  
Figure 1-7. Example Displaying Exec Banner Configuration  
1-9  
     
Getting Started  
Login Banners  
Banner MOTD Command with  
Non-Interactive Mode  
The use of escape characters allows the banner motd command to be used in  
non-interactive mode for multiple message lines. In non-interactive mode, you  
can create a banner message enclosed in double quotes or other delimiter that  
uses escape characters within the delimiters. Other existing CLI commands  
do not support the escape characters. For more information on interactive  
and non-interactive mode, see “CLI Interactive Commands” on page 3-17 in  
this guide.  
The following escape characters are supported:  
\”  
\’  
double q  
single quote  
forward quote  
backslash  
\`  
\\  
\f  
form feed  
\n  
\r  
\t  
newline  
carriage return  
horizontal tab  
vertical tab  
\v  
HP Switch(config)# banner motd "You can use the \’banner motd\’ CLI command in  
non-interactive mode.\n\n\tThe banner motd command will support escape charac-  
ters."  
HP Switch(config)# show banner motd  
Banner Information  
Banner status: Enabled  
Configured Banner:  
You can use the ‘banner motd’ CLI command in non-interactive mode.  
The banner motd command will support escape characters.”  
Figure 1-8. Example of Configuring the Banner Message Using Escape Characters Within Double Quote  
Delimiters  
1-10  
   
Getting Started  
Login Banners  
The running configuration file contains the banner message as entered in the  
command line.  
HP Switch(config)# show running-config  
Running configuration:  
;J8693A Configuration Editor; Created on release #K.15.05.0002  
;Ver #01:01:00  
hostname ‘HP Switch’  
vlan 1  
name “DEFAULT_VLAN”  
untagged 1-48, a1-a4  
ip address dhcp-bootp  
exit  
banner motd “You can use the \’banner motd\’ CLI command in non-interactive  
mode.\n\n\tThe banner motd command will support escape characters."  
Figure 1-9. Example of the Running Config File with Banner MOTD Configured in Non-interactive Mode  
You can use a delimiting character other than quotes as well, as shown in  
Figure 1-10.  
HP Switch(config)# banner motd #  
Ehter TEXT message. End with the character ‘#’  
You can use the \’banner motd\’ CLI command in non-interactive mode.\n\n\tThe  
banner motd command will support escape characters.#  
Figure 1-10. Example of Configuring the Banner Message Using an Alternate Delimiter of ‘#’  
1-11  
Getting Started  
Login Banners  
1-12  
2
Using the Menu Interface  
Overview  
This chapter describes the following features:  
Overview of the Menu Interface (page 2-1)  
Starting and ending a Menu session (page 2-2)  
The Main Menu (page 2-6)  
Screen structure and navigation (page 2-8)  
Rebooting the switch (page 2-11)  
The menu interface operates through the switch console to provide you with  
a subset of switch commands in an easy-to-use menu format enabling you to:  
Perform a “quick configuration” of basic parameters, such as the IP  
addressing needed to provide management access through your network  
Configure these features:  
• Manager and Operator  
passwords  
• A network monitoring port  
• SNMP community names  
• IP authorized managers  
• System parameters  
• IP addressing  
• Time protocol  
• Ports  
• VLANs (Virtual LANs) and GVRP  
• Trunk groups  
View status, counters, and Event Log information  
Update switch software  
Reboot the switch  
For a detailed list of menu features, see the “Menu Features List” on page 2-13.  
Privilege Levels and Password Security. HP strongly recommends that  
you configure a Manager password to help prevent unauthorized access to  
your network. A Manager passwordgrantsfull read-write access to the switch.  
An Operator password, if configured, grants access to status and counter,  
Event Log, and the Operator level in the CLI. After you configure passwords  
on the switch and log off of the interface, access to the menu interface (and  
2-1  
         
Using the Menu Interface  
Starting and Ending a Menu Session  
the CLI and web browser interface) will require entry of either the Manager  
or Operator password. (If the switch has only a Manager password, then  
someone without a password can still gain read-only access.)  
N o t e  
If the switch has neither a Manager nor an Operator password, anyone  
having access to the console interface can operate the console with full  
manager privileges. Also, if you configure only an Operator password,  
entering the Operator password enables full manager privileges.  
For more information on passwords, refer to the Access Security Guide for  
your switch.  
The menu interface displays the current running-config parameter set-  
tings. You can use the menu interface to save configuration changes made  
in the CLI only if the CLI changes are in the running config when you save  
changes made in the menu interface. (For more on how switch memory  
manages configuration changes, see Chapter 5, “Switch Memory and  
Configuration”.)  
A configuration change made through any switch interface overwrites  
earlier changes made through any other interface.  
The Menu Interface and the CLI (Command Line Interface) both use the  
switch console. To enter the menu from the CLI, use the menu command.  
To enter the CLI from the Menu interface, select Command Line (CLI) option.)  
Starting and Ending a Menu Session  
You can access the menu interface using any of the following:  
A direct serial connection to the switch’s console port, as described in the  
installation guide you received with the switch  
A Telnet connection to the switch console from a networked PC or the  
switch’s web browser interface. Telnet requires that an IP address and  
subnet mask compatible with your network have already been configured  
on the switch.  
2-2  
 
Using the Menu Interface  
Starting and Ending a Menu Session  
N o t e  
This section assumes that either a terminal device is already configured and  
connected to the switch (see the Installation and Getting Started Guide  
shipped with your switch) or that you have already configured an IP address  
on the switch (required for Telnet access).  
How To Start a Menu Interface Session  
In its factory default configuration, the switch console starts with the CLI  
prompt. To use the menu interface with Manager privileges, go to the Manager  
level prompt and enter the menu command.  
1. Use one of these methods to connect to the switch:  
A PC terminal emulator or terminal  
Telnet  
2. Do one of the following:  
If you are using Telnet, go to step 3.  
If you are using a PC terminal emulator or a terminal, press [Enter] one  
or more times until a prompt appears.  
3. When the switch screen appears, do one of the following:  
If a password has been configured, the password prompt appears.  
Password: _  
Type the Manager password and press [Enter]. Entering the Manager  
password gives you manager-level access to the switch. (Entering the  
Operator password gives you operator-level access to the switch.  
Refer to the Access Security Guide for your switch.)  
If no password has been configured, the CLI prompt appears. Go to  
the next step.  
4. When the CLI prompt appears, display the Menu interface by entering the  
menu command. For example:  
HP Switch# menu[Enter]  
results in the following display:  
2-3  
       
Using the Menu Interface  
Starting and Ending a Menu Session  
Figure 2-1. Example of the Main Menu with Manager Privileges  
For a description of Main Menu features, see “Main Menu Features” on page  
2-6.  
N o t e  
To configure the switch to start with the menu interface instead of the CLI, go  
to the Manager level prompt in the CLI, enter the setup command, and in the  
resulting display, change the Logon Default parameter to Menu. For more infor-  
mation, see the Installation and Getting Started Guide you received with the  
switch.  
How To End a Menu Session and Exit from the Console:  
The method for ending a menu session and exiting from the console depends  
on whether, during the session, you made any changes to the switch configu-  
ration that require a switch reboot to activate. (Most changes via the menu  
interface need only a Save, and do not require a switch reboot.) Configuration  
changes needing a reboot are marked with an asterisk (*) next to the config-  
ured item in the menu and also next to the Switch Configuration item in the  
Main Menu.  
2-4  
   
Using the Menu Interface  
Starting and Ending a Menu Session  
Asterisk indicates a  
configuration change  
that requires a reboot  
to activate.  
Figure 2-2. Example Indication of a Configuration Change Requiring a Reboot  
1. In the current session, if you have not made configuration changes that  
require a switch reboot to activate, return to the Main Menu and press [0]  
(zero) to log out. Then just exit from the terminal program, turn off the  
terminal, or quit the Telnet session.  
2. If you have made configuration changes that require a switch reboot—  
thatis, if anasterisk(*)appearsnexttoaconfigureditemornexttoSwitch  
Configuration in the Main Menu:  
b. Press [6] to select Reboot Switch and follow the instructions on the  
reboot screen.  
Rebooting the switch terminates the menu session, and, if you are using  
Telnet, disconnects the Telnet session.  
(See “Rebooting To Activate Configuration Changes” on page 2-12.)  
3. Exit from the terminal program, turn off the terminal, or close the Telnet  
application program.  
2-5  
Using the Menu Interface  
Main Menu Features  
Main Menu Features  
Figure 2-3. The Main Menu View with Manager Privileges  
The Main Menu gives you access to these Menu interface features:  
Status and Counters: Provides access to display screens showing  
switch information, port status and counters, and port and VLAN address  
tables. (See Appendix B, “Monitoring and Analyzing Switch Operation” in  
the Management and Configuration Guide for your switch.)  
Switch Configuration: Provides access to configuration screens for  
displaying and changing the current configuration settings. (See the Con-  
tents listing at the front of this manual.) For a listing of features and  
parameters configurable through the menu interface, see the “Menu Fea-  
tures List” on page 2-13. For an index of the features covered in the  
software manuals for your switch, see the “Software Feature Index” in the  
Management and Configuration Guide for your switch.  
Console Passwords: Provides access to the screen used to set or change  
Manager-level and Operator-level passwords, and to delete Manager and  
Operator password protection. (Refer to the chapter on configuring user-  
names and passwords in the Access Security Guide for your switch.)  
2-6  
         
Using the Menu Interface  
Main Menu Features  
Event Log: Enables you to read progress and error messages that are  
useful for checking and troubleshooting switch operation. (See Appendix  
C, “Using the Event Log for Troubleshooting Switch Problems” in the  
Management and Configuration Guide for your switch.)  
Command Line (CLI): Selects the Command Line Interface at the same  
level (Manager or Operator) that you are accessing in the Menu interface.  
(Refer to Chapter 3, “Using the Command Line Interface (CLI)”.)  
Reboot Switch: Performs a “warm” reboot of the switch, which clears  
most temporary error conditions, resets the network activity counters to  
zero, and resets the system up-time to zero. A reboot is required to activate  
a change in the VLAN Support parameter. (See “Rebooting from the Menu  
Interface” on page 5-18.)  
Download OS: Enables you to download a new switch software version  
to the switch. (See Appendix A, “File Transfers” in the Management and  
Configuration Guide for your switch.)  
Run Setup: Displays the Switch Setup screen for quickly configuring  
basic switch parameters such as IP addressing, default gateway, logon  
default interface, and others. (Refer to the Installation and Getting  
Started Guide for your switch.)  
Logout: Closes the Menu interface and console session, and disconnects  
Telnet access to the switch. (See “How to End a Menu Session and Exit  
from the Console” on page 2-4.)  
2-7  
           
Using the Menu Interface  
Screen Structure and Navigation  
Screen Structure and Navigation  
Menu interface screens include these three elements:  
Parameter fields and/or read-only information such as statistics  
Navigation and configuration actions, such as Save, Edit, and Cancel  
Help line to describe navigation options, individual parameters, and read-  
only data  
For example, in the following System Information screen:  
Screentitleidentifies  
the location within the  
menu structure  
Parameter fields  
Help describing each of the  
items in the parameter fields  
Actions line  
Help line  
describing the  
selected action  
or selected  
parameter field  
Navigation instructions  
Figure 2-4. Elements of the Screen Structure  
“Forms” Design. The configuration screens, in particular, operate similarly  
to a number of PC applications that use forms for data entry. When you first  
enter these screens, you see the current configuration for the item you have  
selected. To change the configuration, the basic operation is to:  
1. Press [E] to select the Edit action.  
2. Navigate through the screen making all the necessary configuration  
changes. (See Table 2-1 on page 2-9.)  
3. Press [Enter] to return to the Actions line. From there you can save the  
configuration changes or cancel the changes. Cancel returns the configu-  
ration to the values you saw when you first entered the screen.  
2-8  
           
Using the Menu Interface  
Screen Structure and Navigation  
Table 2-1. How To Navigate in the Menu Interface  
Task:  
Actions:  
Use either of the following methods:  
Execute an action  
from the “Actions –>”  
list at the bottom of  
the screen:  
Use the arrow keys ([<], or [>]) to highlight the action you want  
to execute, then press [Enter].  
Press the key corresponding to the capital letter in the action  
name. For example, in a configuration menu, press [E] to select  
Edit and begin editing parameter values.  
Reconfigure (edit) a  
parameter setting or a  
field:  
1. Select a configuration item, such as System Name. (See figure  
2-4.)  
2. Press [E] (for Edit on the Actions line).  
3. Use [Tab] or the arrow keys ([<], [>], [^], or [v]) to highlight the  
item or field.  
4. Do one of the following:  
If the parameter has preconfigured values, either use the  
Space bar to select a new option or type the first part of your  
selection and the rest of the selection appears automatically.  
(The help line instructs you to “Select” a value.)  
If there are no preconfigured values, type in a value (the Help  
line instructs you to “Enter” a value).  
5. If you want to change another parameter value, return to step 3.  
press [Enter] to return to the Actions line and do one of the  
following:  
To save and activate configuration changes, press [S] (for the  
Save action). This saves the changes in the startup  
configuration and also implements the change in the  
currently running configuration. (See Chapter 5, “Switch  
Memory and Configuration”.)  
To exit from the screen without saving any changes that you  
have made (or if you have not made changes), press [C] (for  
the Cancel action).  
Note: In the menu interface, executing Save activates most  
parameter changes and saves them in the startup configuration  
(or flash) memory, and it is therefore not necessary to reboot the  
switch after making these changes. But if an asterisk appears  
next to any menu item you reconfigure, the switch will not  
activate or save the change for that item until you reboot the  
switch. In this case, rebooting should be done after you have  
made all desired changes and then returned to the Main Menu.  
7. When you finish editing parameters, return to the Main Menu.  
8. If necessary, reboot the switch by highlighting Reboot Switch in  
the Main Menu and pressing [Enter]. (See the Note, above.)  
Exit from a read-only  
screen.  
Press [B] (for the Back action).  
2-9  
             
Using the Menu Interface  
Screen Structure and Navigation  
To get Help on individual parameter descriptions. In most screens  
there is a Help option in the Actions line. Whenever any of the items in the  
Actions line is highlighted, press [H], and a separate help screen is displayed.  
For example:  
Pressing [H] or highlighting Help and  
pressing [Enter] displays Help for the  
parameters listed in the upper part of  
the screen  
Highlightonanyitemin  
the Actions line  
indicates that the  
Actions line is active.  
The Help line provides  
a brief descriptor of  
the highlighted Action  
item or parameter.  
Figure 2-5. Example Showing How To Display Help  
To get Help on the actions or data fields in each screen: Use the arrow  
keys ([<], [>], [^], or [v]) to select an action or data field. The help line under the  
Actions items describes the currently selected action or data field.  
Forguidanceonhowtonavigateinascreen:Seetheinstructionsprovided  
at the bottom of the screen, or refer to “Screen Structure and Navigation” on  
page 2-8.)  
2-10  
   
Using the Menu Interface  
Rebooting the Switch  
Rebooting the Switch  
Rebooting the switch from the menu interface  
Terminates all current sessions and performs a reset of the operating  
system  
Activates any menu interface configuration changes that require a reboot  
Resets statistical counters to zero  
(Note that statistical counters can be reset to zero without rebooting the  
switch.)  
To Reboot the switch, use the Reboot Switch option in the Main Menu. (Note  
that Reboot Switch is not available if you log on in Operator mode; that is, if  
you enter an Operator password instead of a manager password at the  
password prompt.)  
Reboot Switch option  
Figure 2-6. The Reboot Switch Option in the Main Menu  
2-11  
       
Using the Menu Interface  
Rebooting the Switch  
Rebooting To Activate Configuration Changes. Configuration changes  
for most parameters in the menu interface become effective as soon as you  
save them. However, you must reboot the switch in order to implement a  
change in the Maximum VLANs to support parameter. (To access this parameter, go  
to the Main Menu and select:  
2. Switch Configuration  
8. VLAN Menu  
1. VLAN Support.  
If you make configuration changes in the menu interface that require a reboot,  
the switch displays an asterisk (*) next to the menu item in which the change  
has been made. For example, if you change and save the value for the Maximum  
VLANs to support parameter, an asterisk appears next to the VLAN Support entry  
in the VLAN Menu screen, and also next to the Switch Configuration entry in  
the Main Menu.  
Asterisk  
indicates a  
configuration  
change that  
requires a  
reboot in order  
to take effect.  
Reminder to  
reboot the  
switch to  
activate  
configuration  
changes.  
Figure 2-7. Indication of a Configuration Change Requiring a Reboot  
To activate changes indicated by the asterisk, go to the Main Menu and select  
the Reboot Switch option.  
N o t e  
Executing the write memory command in the CLI does not affect pending  
configuration changes indicated by an asterisk in the menu interface. That is,  
only a reboot from the menu interface or a boot or reload command from the  
CLI will activate a pending configuration change indicated by an asterisk.  
2-12  
     
Using the Menu Interface  
Menu Features List  
Menu Features List  
Status and Counters  
General System Information  
Switch Management Address Information  
Port Status  
Port Counters  
Address Table  
Port Address Table  
Switch Configuration  
System Information  
Port/Trunk Settings  
Network Monitoring Port  
IP Configuration  
SNMP Community Names  
IP authorized Managers  
VLAN Menu  
Console Passwords  
Event Log  
Command Line (CLI)  
Reboot Switch  
Download OS (Download Switch Software)  
Run Setup  
Logout  
Port-Level Configuration on HP 3800  
Switches with Stacking Enabled  
When stacking is enabled on an HP 3800 switch, the procedures for configur-  
ingspecificswitchportsarethesameasforHP3800switcheswithoutstacking  
enabled. However, the port designations for the ports in the stack are modi-  
2-13  
     
Using the Menu Interface  
Where To Go From Here  
fied. That is, each port is identified by its switch’s stack member ID followed  
by a slash and then the port number, as it is shown on the switch. For example,  
for a switch with stack member ID 3, port 10 on that switch is identified as  
port 3/10 for CLI command input and output. Entering a CLI command on an  
HP 3800 switch configured for stacking without using the modified port  
designation results in the following message:  
Module not present for port or invalid port  
For more on this topic, see “Interaction with Other Switch Features” in the  
“Stack Management” chapter of the latest Management and Configuration  
Guide for HP 3800 switches.  
Where To Go From Here  
This chapter provides an overview of the menu interface and how to use it.  
The following table indicates where to turn for detailed information on how  
to use the individual features available through the menu interface.  
Option:  
Turn to:  
To use the Run Setup option  
Referto theInstallationandGettingStartedGuide  
shipped with the switch.  
To view and monitor switch status and Appendix B, “Monitoring and Analyzing Switch  
counters  
OperationintheManagementandConfiguration  
Guide for your switch.  
To learn how to configure and use  
passwords and other security features switch.  
To learn how to use the Event Log  
Appendix C, “Using the Event Log for  
Troubleshooting Switch Problems” in the  
Management and Configuration Guide for your  
switch.  
To learn how the CLI operates  
To download switch software  
Chapter 3, “Using the Command Line Interface  
(CLI)”  
Appendix A, “File Transfers” in the Management  
and Configuration Guide for your switch.  
2-14  
   
Using the Menu Interface  
Where To Go From Here  
Option:  
Turn to:  
Chapter 5, “Switch Memory and Configuration”  
For a description of how switch  
memory handles configuration  
changes  
2-15  
Using the Menu Interface  
Where To Go From Here  
2-16  
3
Using the Command Line Interface (CLI)  
Overview  
The CLI is a text-based command interface for configuring and monitoring the  
switch. The CLI gives you access to the switch’s full set of commands while  
providing the same password protection that is used in the web browser  
interface (WebAgent) and the menu interface.  
Accessing the CLI  
Like the menu interface, the CLI is accessed through the switch console, and  
in the switch’s factory default state, is the default interface when you start a  
console session. You can access the console out-of-band by directly connect-  
ing a terminal device to the switch, or in-band by using Telnet either from a  
terminal device or through the WebAgent.  
Also, if you are using the menu interface, you can access the CLI by selecting  
the Command Line (CLI) option in the Main Menu.  
Using the CLI  
The CLI offers these privilege levels to help protect the switch from unauthor-  
ized access:  
1. Operator  
2. Manager  
3. Global Configuration  
4. Context Configuration  
3-1  
               
Using the Command Line Interface (CLI)  
Using the CLI  
N o t e  
CLI commands are not case-sensitive.  
When you use the CLI to make a configuration change, the switch writes the  
change to the Running-Config file in volatile memory. This allows you to test  
your configuration changes before making them permanent. To make changes  
permanent, you must use the write memory command to save them to the  
Startup-Config file in non-volatile memory. If you reboot the switch without  
first using write memory, all changes made since the last reboot or write memory  
(whichever is later) will be lost. For more on switch memory and saving  
configuration changes, see Chapter 5, “Switch Memory and Configuration”.  
Privilege Levels at Logon  
Privilege levels control the type of access to the CLI. To implement this  
control, you must set at least a Manager password. Without a Manager  
password configured, anyone having serial port, Telnet, or web browser  
access to the switch can reach all CLI levels. (For more on setting passwords,  
refertothechapteronusernames andpasswordsinthe AccessSecurityGuide  
for your switch.)  
When you use the CLI to log on to the switch, and passwords are set, you will  
be prompted to enter a password. For example:  
Password Prompt  
Figure 3-1. Example of CLI Log-On Screen with Password(s) Set  
In the above case, you will enter the CLI at the level corresponding to the  
password you provide (operator or manager).  
3-2  
   
Using the Command Line Interface (CLI)  
Using the CLI  
If no passwords are set when you log onto the CLI, you will enter at the  
Manager level. For example:  
HP Switch# _  
C a u t i o n  
HP strongly recommends that you configure a Manager password. If a Man-  
ager password is not configured, then the Manager level is not password-  
protected, and anyone having in-band or out-of-band access to the switch may  
be able to reach the Manager level and compromise switch and network  
security. Note that configuring only an Operator password does not prevent  
access to the Manager level by intruders who have the Operator password.  
Pressing the Clear button on the front of the switch removes password  
protection. For this reason, it is recommended that you protect the switch  
from physical access by unauthorized persons. If you are concerned about  
switch security and operation, you should install the switch in a secure  
location, such as a locked wiring closet.  
Privilege Level Operation  
Operator Privileges  
Manager Privileges  
1. Operator Level  
2. Manager Level  
3. Global Configuration  
4. Context Configuration Level  
Figure 3-2. Access Sequence for Privilege Levels  
Operator Privileges  
At the Operator level you can examine the current configuration and move  
between interfaces without being able to change the configuration. A “>”  
character delimits the Operator-level prompt. For example:  
HP Switch> _  
(Example of the Operator prompt.)  
When using enable to move to the Manager level, the switch prompts you for  
the Manager password if one has already been configured.  
3-3  
       
Using the Command Line Interface (CLI)  
Using the CLI  
Manager Privileges  
Manager privileges give you three additional levels of access: Manager, Global  
Configuration, and Context Configuration. A “#” character delimits any Man-  
ager prompt. For example:  
HP Switch#_  
Example of the Manager prompt.  
Manager level: Provides all Operator level privileges plus the ability to  
perform system-level actions that do not require saving changes to the  
system configuration file. The prompt for the Manager level contains only  
the system name and the “#” delimiter, as shown above. To select this  
level, enter the enable command at the Operator prompt and enter the  
Manager password, when prompted. For example:  
HP Switch> enable  
Password:  
HP Switch# _  
Enter enable at the Operator prompt.  
CLI prompt for the Manager password.  
The Manager prompt appears after the  
correct Manager password is entered.  
Global Configuration level: Provides all Operator and Manager level  
privileges, and enables you to make configuration changes to any of the  
switch’s software features. The prompt for the Global Configuration level  
includes the system name and “(config)”. To select this level, enter the  
config command at the Manager prompt. For example:  
HP Switch# config  
Enter config at the Manager prompt.  
HP Switch(config)#_The Global Config prompt.  
Context Configuration level: Provides all Operator and Manager priv-  
ileges, and enables you to make configuration changes in a specific  
context, such as one or more ports or a VLAN. The prompt for the Context  
Configuration level includes the system name and the selected context.  
For example:  
HP Switch(eth-1)#  
HP Switch(vlan-10)#  
The Context level is useful, for example, for executing several commands  
directed at the same port or VLAN, or if you want to shorten the command  
strings for a specific context area. To select this level, enter the specific  
context at the Global Configuration level prompt. For example, to select  
the context level for an existing VLAN with the VLAN ID of 10, you would  
enter the following command and see the indicated result:  
HP Switch(config)# vlan 10  
HP Switch(vlan-10)#  
3-4  
           
Using the Command Line Interface (CLI)  
Using the CLI  
Table 3-1. Privilege Level Hierarchy  
Privilege  
Level  
Example of Prompt and Permitted Operations  
Operator Privilege  
Operator Level HP Switch>  
show < command >  
View status and configuration information.  
Perform connectivity tests.  
setup  
ping < argument >  
link-test < argument >  
enable  
Move from the Operator level to the  
Manager level.  
menu  
logout  
exit  
Move from the CLI interface to the menu  
interface.  
Exit from the CLI interface and terminate the  
console session.  
Terminate the current session (same as  
logout).  
Manager Privilege  
Manager Level HP Switch#  
Perform system-level actions such as  
system control, monitoring, and diagnostic  
commands, plus any of the Operator-level  
commands. Foralistofavailablecommands,  
enter ? at the prompt.  
Global  
Configuration  
Level  
HP Switch(config)#  
Execute configuration commands, plus all  
Operator and Manager commands. For a list  
of available commands, enter ? at the  
prompt.  
Context  
HP Switch(eth-5)#  
Configuration HP Switch(vlan-100)#  
Execute context-specific configuration  
commands, such as a particular VLAN or  
switch port. This is useful for shortening the  
command strings you type, and for entering  
a series of commands for the same context.  
For a list of available commands, enter ? at  
the prompt.  
Level  
3-5  
     
Using the Command Line Interface (CLI)  
Using the CLI  
How To Move Between Levels  
Change in Levels  
Example of Prompt, Command, and Result  
Operator level  
to  
Manager level  
HP Switch> enable  
Password:_  
After you enter enable, the Password  
prompt appears. After you enter the  
Manager password, the system prompt  
appears with the # symbol:  
HP Switch#_  
Manager level  
HP Switch# config  
HP Switch(config)#  
to  
Global configuration  
level  
Global configuration  
HP Switch(config)# vlan 10  
HP Switch(vlan-10)#  
level  
to a  
Context configuration  
level  
Context configuration  
level  
HP Switch(vlan-10)# interface e 3  
HP Switch(int-3)#  
to another  
Context configuration  
level  
The CLI accepts “e” as the abbreviated  
form of “ethernet”.  
Move from any level  
to the preceding level  
HP Switch(int-3)# exit  
HP Switch(config)# exit  
HP Switch# exit  
HP Switch>  
Move from any level HP Switch(int-3)# end  
to the Manager level HP Switch#  
—or—  
HP Switch(config)# end  
HP Switch#  
Moving Between the CLI and the Menu Interface. When moving  
between interfaces, the switch retains the current privilege level (Manager or  
Operator). That is, if you are at the Operator level in the menu and select the  
Command Line Interface (CLI) option from the Main Menu, the CLI prompt  
appears at the Operator level.  
Changing Parameter Settings. Regardless of which interface is used (CLI,  
menu interface, or WebAgent), the most recently configured version of a  
parameter setting overrides any earlier settings for that parameter. For exam-  
3-6  
   
Using the Command Line Interface (CLI)  
Using the CLI  
ple, if you use the menu interface to configure an IP address of “X” for VLAN  
1 and later use the CLI to configure a different IP address of “Y” for VLAN 1,  
then “Y” replaces “X” as the IP address for VLAN 1 in the running-config file.  
If you subsequently execute write memory in the CLI, then the switch also  
stores “Y” as the IP address for VLAN 1 in the startup-config file. (For more  
on the startup-config and running config files, see Chapter 5, “Switch Memory  
and Configuration”.)  
Listing Commands and Command Options  
At any privilege level you can:  
List all of the commands available at that level  
List the options for a specific command  
Listing Commands Available at Any Privilege Level  
At a given privilege level you can list and execute the commands that level  
offers, plus all of the commands available at preceding levels. For example,  
at the Operator level, you can list and execute only the Operator level com-  
mands. However, at the Manager level, you can list and execute the commands  
available at both the Operator and Manager levels.  
Type “?” To List Available Commands. 1.Typing the ? symbol lists the  
commands you can execute at the current privilege level. For example,  
typing ? at the Operator level produces this listing:  
HP Switch> ?  
enable  
exit  
link-test  
logout  
menu  
ping  
show  
traceroute  
HP Switch>  
Figure 3-3. Example of the Operator Level Command Listing  
3-7  
     
Using the Command Line Interface (CLI)  
Using the CLI  
Typing ? at the Manager level produces this listing:  
HP Switch# ?  
boot  
clear  
Reboot the device.  
Clear table/statistics or authorized client public  
keys.  
configure  
copy  
debug  
end  
erase  
getMIB  
Enter the Configuration context.  
Copy datafiles to/from the switch.  
Enable/disable debug logging.  
Return to the Manager Exec context.  
Erase stored data files.  
Retrieve and display the value of the MIB objects  
specified.  
kill  
licenses  
log  
Kill other active console, telnet, or ssh sessions.  
Manage premium features.  
Display log events.  
print  
Execute a command and redirect its output to the device  
channel for current session.  
redo  
Re-execute a command from history.  
Redundancy configuration for management modules.  
Warm reboot of the switch.  
Change the name of the configuration OLDNAME to  
NEWNAME.  
redundancy  
reload  
rename  
repeat  
services  
Repeat execution of a previous command.  
Display parameters for the services module or change  
--MORE -- next page: Space, next line: Enter, quit: Control-C  
When - - MORE - - appears, use the Space  
bar or [Return] to list additional commands.  
Figure 3-4. Example of the Manager-Level Command Listing  
When - - MORE - - appears, there are more commands in the listing. To list the  
next screenfull of commands, press the Space bar. To list the remaining  
commands one-by-one, repeatedly press [Enter].  
Typing ? at the Global Configuration level or the Context Configuration level  
produces similar results.  
Use [Tab] To Search for or Complete a Command Word. You can use  
[Tab] to help you find CLI commands or to quickly complete the current word  
in a command. To do so, type one or more consecutive characters in a  
command and then press [Tab] (with no spaces allowed). For example, at the  
Global Configuration level, if you press [Tab] immediately after typing “t”, the  
CLI displays the available command options that begin with “t”. For example:  
HP Switch(config)# t [Tab]  
tacacs-server  
telnet-server  
3-8  
 
Using the Command Line Interface (CLI)  
Using the CLI  
time  
timesync  
trunk  
telnet  
terminal  
traceroute  
HP Switch(config)# t  
As mentioned above, if you type part of a command word and press [Tab], the  
CLI completes the current word (if you have typed enough of the word for the  
CLI to distinguish it from other possibilities), including hyphenated exten-  
sions. For example:  
HP Switch(config)# port-[Tab]  
HP Switch(config)# port-security _  
Pressing [Tab] after a completed command word lists the further options for  
that command.  
HP Switch(config)# qos [Tab]  
udp-portSet UDP port based priority.  
tcp-portSet TCP port based priority.  
device-priorityConfigure device-based priority.  
dscp-mapDefine mapping between a DSCP  
(Differentiated-Services Codepoint)  
value and 802.1p priority.  
type-of-serviceConfigure the Type-of-Service  
method the device uses to  
prioritize IP traffic.  
Listing Command Options  
You can use the CLI to remind you of the options available for a command by  
entering command keywords followed by ?. For example, suppose you want  
to see the command options for configuring the console settings:  
3-9  
 
Using the Command Line Interface (CLI)  
Using the CLI  
This example displays the command options  
for configuring the switch’s console settings.  
HP Switch(config)# console  
baud-rate  
Set the data transmission speed for the device connect  
sessions initiated through the Console port.  
Set level of the events displayed in the device's Events  
Log.  
events  
flow-control  
inactivity-timer  
Set the Flow Control Method; default is xon-xoff.  
Set the number of minutes of no activity detected on the  
Console port before the switch terminates a  
communication session.  
local-terminal  
screen-refresh  
terminal  
Set type of terminal being used for the current console  
or telnet session (default is vt100).  
Set refresh time for menu status and counters in  
seconds.  
Set type of terminal being used for all console and  
telnet sessions (default is vt100).  
Figure 3-5. Example of How To List the Options for a Specific Command  
Displaying CLI “Help”  
CLI Help provides two types of context-sensitive information:  
Command list with a brief summary of each command’s purpose  
Detailed information on how to use individual commands  
Displaying Command-List Help.  
Syntax: help  
Displays a listing of command Help summaries for all  
commands available at the current privilege level. That is, at  
theOperatorlevel,executinghelp displaystheHelpsummaries  
only for Operator-Level commands. At the Manager level,  
executing help displays the Help summaries for both the  
Operator and Manager levels, and so on.  
For example, to list the Operator-Level commands with their purposes:  
3-10  
   
Using the Command Line Interface (CLI)  
Using the CLI  
HP Switch> help  
enable  
exit  
Enter the Manager Exec context.  
Return to the previous context or terminate current  
console/telnet session if you are in the Operator  
context level.  
link-test  
logout  
Test the connection to a MAC address on the LAN  
Terminate this console/telnet session.  
.
.
.
Figure 3-6. Example of Context-Sensitive Command-List Help  
Displaying Help for an Individual Command.  
Syntax: < command-string > help  
This option displays Help for any command available at the  
current context level.  
For example, to list the Help for the interface command in the Global Config-  
uration privilege level:  
HP Switch(config)# interface help  
Usage: [no] interface < [ethernet] PORT-LIST [...] | loopback <num> >  
Description: Enter the Interface Configuration Level, or execute one  
command for that level. Without optional parameters  
specified, the 'interface' command changes the context to  
the Interface Configuration Context Level for execution of  
configuration changes to the port or ports in the PORT-LIST  
or with loopback keywork it will change context to loopback  
mode. Use 'interface ?' to get a list of all valid commands.  
Figure 3-7. Example of How To Display Help for a Specific Command  
Note that trying to list the help for an individual command from a privilege  
level that does not include that command results in an error message. For  
example, trying to list the help for the interface command while at the global  
configuration level produces this result:  
HP Switch# speed-duplex help  
Invalid input: speed-duplex  
3-11  
Using the Command Line Interface (CLI)  
Using the CLI  
Configuration Commands and the Context  
Configuration Modes  
You can execute any configuration command in the global configuration mode  
or in selected context modes. However, using a context mode enables you to  
execute context-specific commands faster, with shorter command strings.  
The switch offers interface (port or trunk group) and VLAN context configu-  
ration modes:  
Port or Trunk-Group Context. Includesport-ortrunk-specificcommands  
that apply only to the selected port(s) or trunk group, plus the global config-  
uration, Manager, and Operator commands. The prompt for this mode  
includes the identity of the selected port(s):  
HP Switch(config)# interface c3-c6  
HP Switch(eth-C5-C8)#  
HP Switch(config)# interface trk1  
HP Switch(eth-Trk1)#  
Commands executed at configuration level for entering port and  
trk1 static trunk-group contexts, and resulting prompts showing  
port or static trunk contexts..  
HP Switch(eth-C5-C8)#  
HP Switch(eth-Trk1)#  
HP Switch(eth-C5-C8)# ?  
HP Switch(eth-C5-C8)# ?  
Lists the commands you can use in the port or static trunk context,  
plus the Manager, Operator, and context commands you can exe-  
cute at this level.  
3-12  
   
Using the Command Line Interface (CLI)  
Using the CLI  
In the port context, the first block of commands in the “?”  
listing show the context-specific commands that will affect  
only ports C3-C6.  
HP-Switch(eth-C3-C6)# ?  
arp-protect  
bandwidth-min  
Configure the port as trusted or untrusted.  
Enable/disable and configure guaranteed minimum  
bandwidth settings for outgoing traffic on the port(s).  
Set a broadcast traffic percentage limit.  
Configure the port as trusted or untrusted.  
Disable port(s).  
broadcast-limit  
dhcp-snooping  
disable  
enable  
Enable port(s).  
energy-efficient-e... Enables or disables EEE on each port in the port list.  
flow-control  
Enable/disable flow control negotiation on the port(s)  
during link establishment.  
gvrp  
ip  
Set the GVRP timers on the port (hundredths of a  
second).  
Apply the specified access control list to inbound  
packets on this INTERFACE list.  
ipv6  
lacp  
Configure various IPv6 parameters for the VLAN.  
Define whether LACP is enabled on the port, and whether  
it is in active or passive mode when enabled.  
...  
class  
interface  
Create a classifier class and enter the class context.  
Enter the Interface Configuration Level, or execute one  
command for that level.  
policy  
...  
Create a classifier policy and enter the policy  
context.  
The remaining commands in the listing are Manager,  
Operator, and context commands.  
Figure 3-8. Context-Specific Commands Affecting Port Context  
3-13  
Using the Command Line Interface (CLI)  
Using the CLI  
VLAN Context . Includes VLAN-specific commands that apply only to the  
selected VLAN, plus Manager and Operator commands. The prompt for this  
mode includes the VLAN ID of the selected VLAN. For example, if you had  
already configured a VLAN with an ID of 100 in the switch:  
HP Switch(config)# vlan 100  
Command executed at configuration level to enter VLAN 100 context.  
HP Switch(vlan-100)#  
Resulting prompt showing VLAN 100 context.  
HP Switch(vlan-100)# ?  
Lists commands you can use in the VLAN context, plus Manager,  
Operator, and context commands you can execute at this level.  
3-14  
   
Using the Command Line Interface (CLI)  
Using the CLI  
In the VLAN context, the first block of commands in the “?” listing show the  
commands that will affect only vlan-100.  
HP Switch(vlan-100)#  
connection-rate-fi... Re-enables access to a host or set of hosts that has  
been previously blocked by the connection rate filter.  
dhcp-snooping  
disable  
forbid  
Enable/Disable various features on the switch.  
Prevent ports from becoming a member of the current  
VLAN.  
igmp-proxy  
ip  
Associate an IGMP proxy domain with a VLAN.  
Configure various IP parameters for the VLAN.  
ip-recv-mac-address Associates a L3-mac-address with a VLAN.  
ipv6  
jumbo  
Configure various IPv6 parameters for the VLAN.  
Labels this VLAN as a Jumbo VLAN, allowing you to pass  
packets up to 9216 bytes in size.  
monitor  
name  
protocol  
qos  
Define either the VLAN is to be monitored or not.  
Set the VLAN's name.  
Set a predefined protocol for the current VLAN.  
Set VLAN-based priority.  
service-policy  
tagged  
untagged  
voice  
Apply the QoS/Mirror policy on the vlan.  
Assign ports to current VLAN as tagged.  
Assign ports to current VLAN as untagged.  
Labels this VLAN as a Voice VLAN, allowing you to  
separate, prioritize, and authenticate voice traffic  
moving through your network.  
vrrp  
Enable/disable/configure VRRP operation on the VLAN.  
class  
interface  
Create a classifier class and enter the class context.  
Enter the Interface Configuration Level, or execute one  
command for that level.  
policy  
...  
Create a classifier policy and enter the policy  
context.  
The remaining commands in the listing are Manager, Operator, and  
context commands.  
Figure 3-9. Context-Specific Commands Affecting VLAN Context  
3-15  
Using the Command Line Interface (CLI)  
Return Message Types with CLI Commands  
Return Message Types with CLI  
Commands  
When a CLI command returns a message, that message is now prefixed with  
a category describing the type, as follows:  
Error  
Warning  
Information  
Syntax: session show-message-type [enable | disable]  
When enabled, the CLI return messages are prefixed with  
string that indicates the type of message. Entered at the  
manager level.  
The disable option disables prefixing returned messages for  
the session for which this command is executed.  
Note: This setting is not saved when the switch is rebooted.  
Default: Disabled on all CLI sessions  
HP Switch(config)# router rip  
Error: IP Routing support must be enabled first.  
HP Switch(config)# qinq mixed vlan  
Warning: This command will reboot the device. Any prior configuration on this  
configfilewillbeerasedandthedevicewillbootupwithadefaultconfiguration  
for the new qinq mode.  
Do you want to continue [y/n]? n  
HP Switch(config)# snmp-server mib hpSwitchAuthMIB included  
Information: For security reasons, network administrators are encouraged to  
disable SNMPv2 before using the MIB.  
Figure 3-10. Examples of Message Prefixes  
To determine if message labeling is enabled, enter the show session command.  
3-16  
     
Using the Command Line Interface (CLI)  
CLI Interactive Commands  
HP Switch(config)# show session  
Show Message Type: Enabled  
CLI Interactive Mode: Enabled  
Figure 3-11. Example Showing the label cli-return-message Command is Enabled  
CLI Interactive Commands  
When the CLI interactive command mode is enabled, you must explicitly enter  
the choice of yes (y) or no (n) for interactive commands. When interactive  
command mode is disabled, the default choice for all command is yes, except  
as noted below. The CLI interactive mode command enables or disables  
interactive mode for the CLI session.  
Syntax: session interactive-mode [enable | disable]  
Enables or disables interactive mode for the CLI session.  
The disable option disables interactive mode. The default  
choice for yes/no interactive commands will be yes except for  
commands when there is a prompt to save the config. The  
default for that is no.  
The default choice for rebooting the switch is yes.  
Note: This setting is not saved when the switch is rebooted.  
Default: Enabled on all sessions.  
HP Switch(config)# no password all  
Password protection for all will be deleted, continue [y/n]? y  
Default choice is yes.  
HP Switch(config)# boot system flash secondary  
System will be rebooted from secondary image. Do you want to continue [y/n]? y  
Do you want to save current configuration [y/n]? n  
Default choice for reboot is yes. Default choice for saving the current configuration is no.  
Figure 3-12. Example of CLI Interactive Mode When Disabled  
3-17  
       
Using the Command Line Interface (CLI)  
CLI Interactive Commands  
To determine if the CLI interactive mode is enabled or disabled, enter the show  
session command.  
HP Switch(config)# show session  
Show Message Type: Enabled  
CLI Interactive Mode: Enabled  
Figure 3-13. Example Showing CLI Interactive Mode is Enabled  
Interactive Commands Requiring Additional Options  
Interactive commands that require input other than yes or no are not affected  
when CLI interactive mode is disabled. A warning message is displayed when  
these commands are executed, for example:  
Interactive mode is disabled; This command will be  
ignored. Enable cli-interactive-mode to use this  
command.  
The following commands will issue this warning when interactive mode is  
disabled. An alternate way to enter the command (when one is available) is  
shown.  
Command  
Non-Interactive Alternate Command  
setup mgmt-interfaces  
No equivalent non-interactive command  
aaa port-access supplicant <port-list> secret  
password manager  
aaa port-access supplicant <port-list> secret <secret-string>  
password manager plaintext <password-string>  
password operator  
password operator plaintext <password-string>  
aaa port-access supplicant <port-list> secret  
crypto host-cert generate self-signed  
aaa port-access supplicant <port-list> secret <secret-string>  
crypto host-cert generate self-signed <start-date> <end-date>  
<CNAME-STR> <ORG-UNIT-STR> <ORGANIZATION-STR>  
<CITY-STR> <STATE-STR> <code>  
3-18  
   
Using the Command Line Interface (CLI)  
CLI Interactive Commands  
Menu Commands  
When CLI interactive mode is disabled, all CLI commands that launch the  
menu interface will not be affected by the interactive mode. A warning  
message is displayed, for example:  
HP Switch(config)# menu  
Interactive mode is disabled; This command will be  
ignored. Enable cli-interactive-mode to use this  
command.  
Other menu-based commands that will not be affected are:  
setup  
show interfaces display  
SNMPv3 Special Cases  
The following are special cases when using SNMPv3 with interactive mode.  
snmpv3 user: In interactive mode, the command snmpv3 user will create  
snmpv3 users, even if snmpv3 has not been enabled.  
snmpv3 enable: When interactive mode is disabled, this command only  
enablessnmpv3. Itdoesnotpromptforanauthenticationpassword. When  
the command is first executed, a default initial user is created. A message  
displays:  
User ‘initial’ has been created.  
Banner MOTD Command with Non-Interactive Mode  
The use of escape characters allows the banner motd command to be used in  
non-interactive mode for multiple message lines. In non-interactive mode, you  
can create a banner message enclosed in double quotes or other delimiter that  
uses escape characters within the delimiters. Other existing CLI commands  
do not support the escape characters.  
The following escape characters are supported:  
\”  
\’  
double q  
single quote  
forward quote  
\`  
3-19  
         
Using the Command Line Interface (CLI)  
CLI Interactive Commands  
\\  
backslash  
\f  
form feed  
\n  
\r  
\t  
newline  
carriage return  
horizontal tab  
vertical tab  
\v  
HP Switch(config)# banner motd "You can use the \’banner motd\’ CLI command in  
non-interactive mode.\n\n\tThe banner motd command will support escape charac-  
ters."  
HP Switch(config)# show banner motd  
Banner Information  
Banner status: Enabled  
Configured Banner:  
You can use the ‘banner motd’ CLI command in non-interactive mode.  
The banner motd command will support escape characters.”  
Figure 3-14. Example of Configuring the Banner Message Using Escape Characters Within Double Quote  
Delimiters  
The running configuration file contains the banner message as entered in the  
command line.  
3-20  
 
Using the Command Line Interface (CLI)  
CLI Interactive Commands  
HP Switch(config)# show running-config  
Running configuration:  
;J8693A Configuration Editor; Created on release #K.15.02.xxxx  
hostname “HP Switch”  
vlan 1  
name “DEFAULT_VLAN”  
untagged 1-48, a1-a4  
ip address dhcp-bootp  
exit  
banner motd “You can use the \’banner motd\’ CLI command in non-interactive  
mode.\n\n\tThe banner motd command will support escape characters."  
Figure 3-15. Example of the Running Config File with Banner MOTD Configured in Non-interactive Mode  
You can use a delimiting character other than quotes as well, as shown in  
Figure 3-16.  
HP Switch(config)# banner motd #  
Enter TEXT message. End with the character ‘#’  
You can use the \’banner motd\’ CLI command in non-interactive mode.\n\n\tThe  
banner motd command will support escape characters.#  
Figure 3-16. Example of Configuring the Banner Message Using an Alternate Delimiter of ‘#’  
3-21  
Using the Command Line Interface (CLI)  
CLI Control and Editing  
CLI Control and Editing  
Executing a Prior Command—Redo  
The redo command executes a prior command in the history list.  
Syntax: redo [number | command-str]  
Re-executes a command from history. Executes the last  
command by default.  
number: The position of the command to execute in the history  
th  
list. When number is specified, the n command starting from  
the most recent command in the history is executed.  
command-str: When command-str is specified, the most recent  
command whose name matches the specified string is  
executed.  
HP Switch(config)# show history  
2
1
show arp  
show flash  
Executes the show arp command again.  
HP Switch(config)# redo 2  
IP ARP table  
IP Address  
--------------- ----------------- ------- ----  
15.255.128.1 00000c-07ac00 dynamic A11  
MAC Address  
Type  
Port  
Figure 3-17. Example of the redo Command  
3-22  
         
Using the Command Line Interface (CLI)  
CLI Control and Editing  
Repeating Execution of a Command  
The repeat command executes a previous command in the history list.  
Syntax: repeat [cmdlist] [count] [delay]  
Repeats execution of a previous command. Repeats the last  
command by default until a key is pressed.  
cmdlist: If a number or range of numbers is specified, the  
th  
command repeats the n most recent commands (where “n”  
is the position in the history list).  
count: Repeats the command for the number of times specified.  
delay: The command repeats execution after a delay for the  
number of seconds specified.  
For example:  
HP Switch(config)# repeat 1-4,7-8,10 count 2 delay 3  
3-23  
     
Using the Command Line Interface (CLI)  
CLI Control and Editing  
HP Switch(config)# show history  
3
2
1
show ver  
show ip  
show arp  
HP Switch(config)# repeat 1-2  
IP ARP table  
Repeats the show arp and show ip commands.  
IP Address  
MAC Address  
Type  
Port  
--------------- ----------------- ------- ----  
15.255.128.1  
000000-000000  
dynamic  
Internet (IP) Service  
IP Routing : Disabled  
Default Gateway :  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
VLAN  
| IP Config IP Address  
Subnet Mask  
Proxy ARP  
-------------------- + ---------- --------------- --------------- ---------  
DEFAULT_VLAN  
| DHCP/Bootp 15.255.131.90 255.255.248.0 No No  
Figure 3-18. Example of repeat Command Using a Range  
Using a Command Alias  
You can create a simple command alias to use in place of a command name  
and its options. Choose an alias name that is not an existing CLI command  
already. Existing CLI commands are searched before looking for an alias  
command; an alias that is identical to an existing command will not be  
executed.  
The alias command is executed from the current configuration context (oper-  
ator, manager, or global). If the command that is aliased has to be executed in  
the global configuration context, you must execute the alias for that command  
in the global configuration context as well. This prevents bypassing the  
security in place for a particular context.  
3-24  
     
Using the Command Line Interface (CLI)  
CLI Control and Editing  
HP recommends that you configure no more than 128 aliases.  
Syntax: [no] alias <name> <command>  
Creates a shortcut alias name to use in place of a commonly  
used command. The alias command is executed from the  
current config context.  
name: Specifies the new command name to use to simplify  
keystrokes and aid memory.  
command: Specifies an existing command to be aliased. The  
command must be enclosed in quotes.  
Use the no form of the command to remove the alias.  
For example, if you use the show interface custom command to specify the  
output, you can configure an alias for the command to simplify execution. It  
is recommended that you use an alias that does not have an existing tab  
completion in the CLI. For example, using an alias that starts with “show” or  
“int” would complete to “show” and “interface” respectively when you use the  
tab completion function.  
3-25  
Using the Command Line Interface (CLI)  
CLI Control and Editing  
HP Switch(config)# show int custom 1-4 port name:4 type vlan intrusion speed  
enabled mdi  
Status and Counters - Custom Port Status  
Intrusion  
Port Name  
Type  
VLAN Alert  
Speed Enabled MDI-mode  
---- ---------- ---------- ----- --------- ------- ------- --------  
1
2
3
4
Acco  
Huma  
Deve  
Lab1  
100/1000T 1  
100/1000T 1  
100/1000T 1  
100/1000T 1  
No  
No  
No  
No  
1000FDx Yes  
1000FDx Yes  
1000FDx Yes  
1000FDx Yes  
Auto  
Auto  
Auto  
Auto  
HP Switch(config)# alias sic “show int custom 1-4 port name:4 type vlan intrusion  
speed enabled mdi”  
HP Switch(config)#  
HP Switch(config)# sic  
Status and Counters - Custom Port Status  
Intrusion  
Port Name  
Type  
VLAN Alert  
Speed Enabled MDI-mode  
---- ---------- ---------- ----- --------- ------- ------- --------  
1
2
3
4
Acco  
Huma  
Deve  
Lab1  
100/1000T 1  
100/1000T 1  
100/1000T 1  
100/1000T 1  
No  
No  
No  
No  
1000FDx Yes  
1000FDx Yes  
1000FDx Yes  
1000FDx Yes  
Auto  
Auto  
Auto  
Auto  
Figure 3-19. Example of Using the Alias Command with show int custom  
N o t e  
Remember to enclose the command being aliased in quotes.  
Command parameters for the aliased command can be added at the end of the  
alias command string. For example:  
HP Switch(config)# alias sc “show config”  
HP Switch(config)# sc status  
To change the command that is aliased, re-execute the alias name with new  
command options. The new options are used when the alias is executed.  
To display the alias commands that have been configured, enter the show alias  
command.  
3-26  
Using the Command Line Interface (CLI)  
CLI Control and Editing  
HP Switch(config)# show alias  
Name  
Command  
-------------------- ------------------------------  
sc  
sic  
show config  
show int custom 1-4 port name:4 type vlan intrusion  
speed enabled mdi  
Figure 3-20. Example of Alias Commands and Their Configurations  
CLI Shortcut Keystrokes  
Keystrokes  
[Ctrl] [A]  
Function  
Jumps to the first character of the command line.  
Moves the cursor back one character.  
[Ctrl] [B] or [<]  
[Ctrl] [C]  
Terminates a task and displays the command prompt.  
Deletes the character at the cursor.  
[Ctrl] [D]  
[Ctrl] [E]  
Jumps to the end of the current command line.  
Moves the cursor forward one character.  
Deletes from the cursor to the end of the command line.  
Repeats current command line on a new line.  
Enters the next command line in the history buffer.  
Enters the previous command line in the history buffer.  
Deletes from the cursor to the beginning of the command line.  
Deletes the last word typed.  
[Ctrl] [F] or [>]  
[Ctrl] [K]  
[Ctrl] [L] or [Ctrl] [R]  
[Ctrl] [N] or [v]  
[Ctrl] [P] or [^]  
[Ctrl] [U] or [Ctrl] [X]  
[Ctrl] [W]  
[Esc] [B]  
Moves the cursor backward one word.  
[Esc] [D]  
Deletes from the cursor to the end of the word.  
Moves the cursor forward one word.  
[Esc] [F]  
Deletes the first character to the left of the cursor in the command  
line.  
[Backspace]  
Moves the cursor forward one character.  
[Spacebar]  
3-27  
   
Using the Command Line Interface (CLI)  
Port-Level Configuration on HP 3800 Switches with Stacking Enabled  
Port-Level Configuration on HP 3800  
Switches with Stacking Enabled  
When stacking is enabled on an HP 3800 switch, the procedures for configur-  
ingspecificswitchportsarethesameasforHP3800switcheswithoutstacking  
enabled. However, the port designations for the ports in the stack are modi-  
fied. That is, each port is identified by its switch’s stack member ID followed  
by a slash and then the port number, as it is shown on the switch. For example,  
for a switch with stack member ID 3, port 10 on that switch is identified as  
port 3/10 for CLI command input and output. Entering a CLI command on an  
HP 3800 switch configured for stacking without using the modified port  
designation results in the following message:  
Module not present for port or invalid port  
For more on this topic, see “Interaction with Other Switch Features” in the  
“Stack Management” chapter of the latest Management and Configuration  
Guide for HP 3800 switches.  
3-28  
     
4
Using the HP WebAgent  
Overview  
The HP web browser interface (WebAgent) built into the switch lets you easily  
access the switch from a web browser. You can do the following:  
Optimize your network uptime by using the Alert Log and other diagnostic  
tools  
Make configuration changes to the switch  
Maintain security by configuring usernames and passwords  
Monitor the status of system configurations, power management, and  
traffic management  
This chapter covers the following:  
General features (page 4-2)  
Starting the WebAgent (page 4-4)  
Tasks for your first WebAgent session (page 4-5)  
Accessing Online Help (page 4-7)  
Connecting to the WebAgent from HP PCM+ (page 4-7)  
N o t e  
You can disable access to the WebAgent by either executing no web-manage-  
ment at the CLI prompt or changing the Web Agent Enabled parameter setting  
to No in the menu interface (page 4-4).  
For information on operating system, browser, and Java versions for the  
switches covered in this guide, go to the HP Networking web site at  
www.hp.com/faqs, select your switch (for example, HP Switch 8212zl), and then  
scroll to General Product Information.  
For users who do not have internet access, you can download and install help  
files on the PCM+ server or Web server. For ore information, go to the  
Download device help web site at www.hp.com/rnd/device_help/download.htm.  
4-1  
       
Using the HP WebAgent  
General Features  
General Features  
The WebAgent includes this information:  
Home  
Quick Setup—Name, contact, IP, and VLAN information  
Status—Information about system uptime, switch addresses and  
serial number, VLANs, power, redundancy status, alert log, and utili-  
zation statistics  
System  
Logging—Fault detection, alert log  
SNMP—Community name and access, trap receivers, link status  
change  
Updates/Downloads—Configuration files, software images  
Redundancy—Management module status, fabric module status,  
failovers  
Interface  
Port Info/Config—Port table, port properties, port statistics  
PoE—System power status, port table show power usage and LLDP  
information, PoE statistics by port  
VLAN  
VLAN Management—Primary and management VLAN, VLAN table,  
VLAN properties  
Traffic Management  
QoS—Type of service, Quality of service, DSCP policies, DSCP  
priority  
Spanning Tree  
Tree Management—Enabled or disabled  
Multicast  
IGMP—VLAN information  
Security  
Device Passwords—Authorized usernames and passwords  
Security Wizard—Set up switch to prevent unauthorized access  
IP Authorization—IP authorized manager addresses, methods, and  
levels, IP authorization details  
Port Security—Port security table, security policy information  
4-2  
 
Using the HP WebAgent  
General Features  
Intrusion Log—Details about intrusion events  
SSL—Enabled/disabled for web management; SSL certificate status  
Troubleshooting  
Ping/Link Test—Ping test details, link test details  
Configuration Report—Running config file information  
Core dump—Management/Interface modules enabled/disabled, list  
of core dump files for downloading  
Port Mirroring—Enabled/disabled  
Figure 4-1. Example of Status Screen for the WebAgent  
4-3  
Using the HP WebAgent  
Starting the WebAgent  
Starting the WebAgent  
You can start the WebAgent in the following ways:  
Using a standalone web browser on a network connection from a PC or  
UNIX workstation that is directly connected to your network or  
connected through remote access to your network  
Using a network management station running PCM+ on your network  
Using a Standalone Web Browser from a PC or UNIX  
Workstation  
This procedure assumes that you are using a compatible web browser and that  
the switch is configured with an IP address accessible from your PC or  
workstation. (For more on assigning an IP address, refer to “IP Configuration”  
on page 7-1.)  
TM  
1. Ensure that the Java applets are enabled for your browser. For more  
information on this topic, refer to your browser’s online Help.  
2. Use the web browser to access the switch. If your network includes a  
Domain Name Server (DNS), your switch’s IP address may have a name  
associated with it (for example, switch8212) that you can type in the URL  
field instead of the IP address. Using DNS names typically improves  
browser performance. Contact your network administrator to enquire  
about DNS names associated with your HP switch.  
Type the IP address (or DNS name) of the switch in the browser’s URL  
field and press [Enter]. (It is not necessary to include http://.)  
switch5308 [Enter] (example of a DNS-type name)  
10.11.12.195 [Enter] (example of an IP address)  
The Home page of the WebAgent displays in the right pane and a navigation  
tree displays in the left pane. You can access all the WebAgent features from  
the navigation tree.  
4-4  
             
Using the HP WebAgent  
Tasks for Your First WebAgent Session  
Tasks for Your First WebAgent Session  
Viewing the “First Time Install” Window  
When you access the WebAgent for the first time, the Alert log contains a “First  
Time Install” alert. This gives you information about first time installations  
and provides an immediate opportunity to set passwords for security. You can  
also specify a fault detection policy, which determines the types of messages  
that will be displayed in the Alert Log.  
To view the Alert Log, click on System in the navigation tree, then click on  
Logging. Double click on First Time Install in the Alert log. The WebAgent  
displays the “First Time Install” window. This window is the launching point  
for setting WebAgent passwords for maintaining security, and also setting a  
fault detection policy.  
You can also use the navigation tree to access these screens:  
To set WebAgent passwords, select Security > Device Passwords in the  
navigation tree.  
To set the fault detection policy, select Security > Intrusion Log in the  
navigation tree.  
Setting a Username and Password  
You can set a username in the Username field of the password pane. If you do  
not want to set a username, then leave the Username field in the password  
pane blank.  
The manager and operator passwords are used to control access to all switch  
interfaces. The password you enter determines the capability you have during  
that session:  
Entering the manager password gives you full read/write/troubleshooting  
capabilities  
Entering the operator password gives you read and limited trouble-  
shooting capabilities.  
Note that the command prompt and switch console interface use only the  
password; you are not prompted for the username.  
4-5  
               
Using the HP WebAgent  
Tasks for Your First WebAgent Session  
Change button  
Figure 4-2. Example of the Device Passwords Screen  
To set the username and password:  
1. In the navigation tree, select Security > Device Passwords. The Device  
Passwords screen displays.  
2. Click on Change on the right side of the screen. The pane expands to allow  
you to enter information.  
3. Enter a username, password, and access level.  
4. Click on Save to save your entries.  
N o t e  
Passwords assigned in the WebAgent will overwrite previous passwords  
assigned in either the WebAgent, the CLI, or the menu interface. The most  
recently assigned passwords are the switch’s passwords, regardless of which  
interface was used to assign them.  
If You Lose the Password  
If you lose the passwords, you can clear them by pressing the Clear button  
on the front of the switch. This action deletes all password and user name  
protection from all of the switch’s interfaces.  
4-6  
           
Using the HP WebAgent  
Connecting to the WebAgent from HP PCM+  
The Clear button is provided for your convenience, but its presence means  
that if you are concerned with the security of the switch configuration and  
operation, you should make sure the switch is installed in a secure location,  
such as a locked wiring closet. (For more information, refer to “Front Panel  
Security” in the chapter titled “Configuring Username and Password Security”  
in the Access Security Guide for your switch.)  
Online Help for the WebAgent  
Online Help is available for the WebAgent. You can use it by clicking on the  
?” in the upper right corner in any of the WebAgent panes. Context-sensitive  
help is provided for the pane you are on.  
You can access the WebAgent online help at www.hp.com/device_help.  
Downloading the WebAgent Help to a Local Server  
To download the WebAgent help files to a local server, go to:  
www.hp.com/rnd/device_help/download.htm  
Follow the directions on the web page to download the WebAgent help for  
your device.  
Connecting to the WebAgent from HP  
PCM+  
To access the WebAgent with HP PCM+:  
1. Select the device in the PCM+ navigation tree.  
2. Right-click on Device in the navigation tree and select Device Access >  
Connect to WebAgent.  
4-7  
       
Using the HP WebAgent  
Connecting to the WebAgent from HP PCM+  
Figure 4-3. Example of WebAgent Access from PCM+  
4-8  
5
Switch Memory and Configuration  
Overview  
This chapter describes:  
How switch memory manages configuration changes  
How the CLI implements configuration changes  
How the menu interface and WebAgent implement configuration changes  
How the switch provides software options through primary/secondary  
flash images  
How to use the switch’s primary and secondary flash options, including  
displaying flash information, booting or restarting the switch, and other  
topics  
Configuration File Management  
The switch maintains two configuration files, the running-config file and the  
startup-config file.  
CLI configuration  
Volatile Memory  
changes are written to  
this file. To use the CLI to  
save the latest version of  
this file to the startup-  
config file, you must  
execute the write  
Running-Config File  
(Controls switch operation. When the switch boots, the  
contents of this file are erased and replaced by the  
contents of the startup-config file.)  
memory command.  
Flash (Non-Volatile) Memory  
Menu interface configu-  
ration changes are simul-  
taneously written to both  
of these files.  
Startup-Config File  
(Preserves the most recently saved configuration  
through any subsequent reboot.)  
Figure 5-1. Conceptual Illustration of Switch Memory Operation  
5-1  
           
Switch Memory and Configuration  
Configuration File Management  
Running Config File: Exists in volatile memory and controls switch  
operation. If no configuration changes have been made in the CLI since  
the switch was last booted, the running-config file is identical to the  
startup-config file.  
Startup-config File: Exists in flash (non-volatile) memory and is used  
to preserve the most recently-saved configuration as the “permanent”  
configuration.  
Booting the switch replaces the current running-config file with a new run-  
ning-config file that is an exact copy of the current startup-config file.  
N o t e  
Any of the following actions boots the switch:  
Executing the boot or the reload command in the CLI  
Executing the boot command in the menu interface  
Pressing the Reset button on the front of the switch  
Removing, then restoring power to the switch  
For more on reboots and the switch’s dual-flash images, refer to “Using  
Primary and Secondary Flash Image Options” on page 5-20.  
Options for Saving a New Configuration. Making one or more changes  
to the running-config file creates a new operating configuration. Saving a new  
configurationmeans tooverwrite (replace) thecurrentstartup-config file with  
the current running-config file. This means that if the switch subsequently  
reboots for any reason, it will resume operation using the new configuration  
instead of the configurationpreviously defined in the startup-config file. There  
are three ways to save a new configuration:  
In the CLI: Use the write memory command. This overwrites the current  
startup-config file with the contents of the current running-config file.  
In the menu interface: Use the Save command. This overwrites both the  
running-config file and the startup-config file with the changes you have  
specified in the menu interface screen.  
In the WebAgent: Click on Save. This overwrites both the running-config  
file and the startup-config file with the changes you have specified in the  
WebAgent screen.  
Note that using the CLI instead of the menu or WebAgent gives you the option  
of changing the running configuration without affecting the startup configu-  
ration. This allows you to test the change without making it “permanent”.  
When you are satisfied that the change is satisfactory, you can make it  
permanent by executing the write memory command. For example, suppose you  
use the following command to disable port 5:  
5-2  
         
Switch Memory and Configuration  
Configuration File Management  
HP Switch(config)# interface ethernet 5 disable  
The above command disables port 5 in the running-config file, but not in the  
startup-config file. Port 5 remains disabled only until the switch reboots. If  
you want port 5 to remain disabled through the next reboot, use write memory  
to save the current running-config file to the startup-config file in flash  
memory.  
HP Switch(config)# write memory  
If you use the CLI to make a configuration change and then change from the  
CLI to the Menu interface without first using write memory to save the change  
to the startup-config file, then the switch prompts you to save the change. For  
example, if you use the CLI to create VLAN 20, and then select the menu  
interface, VLAN 20 is configured in the running-config file, but not in the  
startup-config file. In this case you will see:  
HP Switch(config)# vlan 20  
HP Switch(config)# menu  
Do you want to save current configuration [y/n]?  
If you type [Y], the switch overwrites the startup-config file with the running-  
config file, and your configuration change(s) will be preserved across reboots.  
If you type [N], your configuration change(s) will remain only in the running-  
config file. In this case, if you do not subsequently save the running-config file,  
your unsaved configuration changes will be lost if the switch reboots for any  
reason.  
Storing and Retrieving Configuration Files. You can store or retrieve a  
backup copy of the startup-config file on another device. For more  
information, see “Transferring Switch Configurations” in Appendix A of the  
Management and Configuration Guide for your switch.  
USB Autorun. This feature supports the ability to auto execute CLI com-  
mands stored on a USB flash drive (for example, to configure the switch,  
update software, retrieve diagnostics, etc.). For more information, see “Using  
USB to Download Switch Software” in the Management and Configuration  
Guide for your switch.  
5-3  
Switch Memory and Configuration  
Using the CLI To Implement Configuration Changes  
Using the CLI To Implement  
Configuration Changes  
The CLI offers these capabilities:  
Access to the full set of switch configuration features  
The option of testing configuration changes before making them perma-  
nent  
How To Use the CLI To View the Current Configuration Files. Use  
show commands to view the configuration for individual features, such as port  
status or Spanning Tree Protocol. However, to view either the entire startup-  
config file or the entire running-config file, use the following commands:  
show config — Displays a listing of the current startup-config file.  
show running-config — Displays a listing of the current running-config file.  
write terminal — Displays a listing of the current running-config file.  
show default-config—Displays a listing of a custom default config file.  
show config status — Compares the startup-config file to the running-  
config file and lists one of the following results:  
If the two configurations are the same you will see:  
Running configuration is the same as the startup  
configuration.  
If the two configurations are different, you will see:  
– Running configuration has been changed and needs  
to be saved.  
N o t e  
Show config, show running-config, and write terminal commands display the  
configuration settings that differ from the switch’s factory-default configura-  
tion.  
How To Use the CLI To Reconfigure Switch Features. Use this proce-  
duretopermanentlychangetheswitchconfiguration(thatis, toenterachange  
in the startup-config file).  
1. Use the appropriate CLI commands to reconfigure the desired switch  
parameters. This updates the selected parameters in the running-config  
file.  
2. Use the appropriate show commands to verify that you have correctly  
made the desired changes.  
5-4  
               
Switch Memory and Configuration  
Using the CLI To Implement Configuration Changes  
3. Observe the switch’s performance with the new parameter settings to  
verify the effect of your changes.  
4. When you are satisfied that you have the correct parameter settings, use  
the write memory command to copy the changes to the startup-config file.  
Syntax: write memory  
Saves the running configuration file to the startup-config.  
The saved configuration becomes the boot-up configuration  
of the switch on the next boot.  
When using redundant management, saves the running  
configuration of the switch to flash on the active management  
module. The saved configuration becomes the boot-up  
configuration of the switch the next time it is booted. The  
saved configuration file is sync’d to the standby management  
module.  
Note: If the active management module and the standby  
management module are running on different operating  
systems because the boot set-default command was executed  
and then the standby module was rebooted, the write memory  
command displays this warning: “Warning: The next reboot  
orfailoverissettobootfromadifferentsoftwareimage. These  
config changes may be incompatible or not used after a reboot  
or failover.”  
For example, the default port mode setting is auto. Suppose that your network  
uses Cat 3 wiring and you want to connect the switch to another autosensing  
device capable of 100 Mbps operation. Because 100 Mbps over Cat 3 wiring  
can introduce transmission problems, the recommended port mode is auto-10,  
which allows the port to negotiate full- or half-duplex, but restricts speed to  
10 Mbps. The following command configures port A5 to auto-10 mode in the  
running-config file, allowing you to observe performance on the link without  
making the mode change permanent.  
HP Switch(config)# interface e a5 speed-duplex auto-10  
After you are satisfied that the link is operating properly, you can save the  
change to the switch’s permanent configuration (the startup-config file) by  
executing the following command:  
HP Switch(config)# write memory  
The new mode (auto-10) on port A5 is now saved in the startup-config file, and  
the startup-config and running-config files are identical. If you subsequently  
reboot the switch, the auto-10 mode configuration on port A5 will remain  
because it is included in the startup-config file.  
5-5  
     
Switch Memory and Configuration  
Using the CLI To Implement Configuration Changes  
N o t e  
Beginning with K.15.01.0031, configuration changes to ports may require up  
to 10 seconds to take effect, especially on switches with high CPU utilization.  
After a configuration command, perform an appropriate show or show running-  
config command to confirm the configuration change. If configuration scripts  
are used, the script should be modified either to check for successful comple-  
tion of the previous command before executing the next command, or to sleep  
for 10 seconds after the configuration command is executed.  
How To Cancel Changes You Have Made to the Running-Config File.  
If you use the CLI to change parameter settings in the running-config file, and  
then decide that you don’t want those changes to remain, you can use either  
of the following methods to remove them:  
Manually enter the earlier values you had for the changed settings. (This  
is recommended if you want to restore a small number of parameter  
settings to their previous boot-up values.)  
Update the running-config file to match the startup-config file by reboot-  
ing the switch. (This is recommended if you want to restore a larger  
number of parameter settings to their previous boot-up values.)  
If you use the CLI to change a parameter setting, and then execute the boot  
command without first executing the write memory command to save the  
change, the switch prompts you to specify whether to save the changes in the  
current running-config file. For example:  
Disables port 1 intherunningconfiguration, whichcauses port 1toblockalltraffic.  
HP Switch(config)# interface e 1 disable  
HP Switch(config)# boot  
Device will be rebooted, do you want to continue [y/n]? y  
Press [Y] to continue the rebooting process.  
You will then see this prompt.  
Do you want to save current configuration [y/n]?  
Figure 5-2. Boot Prompt for an Unsaved Configuration  
The above prompt means that one or more parameter settings in the running-  
config file differ from their counterparts in the startup-config file and you need  
to choose which config file to retain and which to discard.  
5-6  
 
Switch Memory and Configuration  
Using the CLI To Implement Configuration Changes  
If you want to update the startup-config file to match the running-config  
file, press [Y] for “yes”. (This means that the changes you entered in the  
running-config file will be saved in the startup-config file.)  
If you want to discard the changes you made to the running-config file so  
that it will match the startup-config file, then press [N] for “no”. (This  
means that the switch will discard the changes you entered in the running-  
config file and will update the running-config file to match the startup-  
config file.)  
N o t e  
If you use the CLI to make a change to the running-config file, you should  
either use the write memory command or select the save option allowed during  
a reboot (figure 5-5-2, above) to save the change to the startup-config file. That  
is, if you use the CLI to change a parameter setting, but then reboot the switch  
from either the CLI or the menu interface without first executing the write  
memory command in the CLI, the current startup-config file will replace the  
running-config file, and any changes in the running-config file will be lost.  
Using the Save command in the menu interface does not save a change made  
to the running config by the CLI unless you have also made a configuration  
change in the menu interface. Also, the menu interface displays the current  
running-configvalues. Thus, whereaparametersettingisaccessiblefromboth  
the CLI and the menu interface, if you change the setting in the CLI, the new  
value will appear in the menu interface display for that parameter. However,  
as indicated above, unless you also make a configuration change in the  
menu interface, only the write memory command in the CLI will actually save  
the change to the startup-config file.  
How To Reset the startup-config and running-config Files to the  
Factory Default Configuration. This command reboots the switch,  
replacing the contents of the current startup-config and running-config files  
with the factory-default startup configuration.  
Syntax:  
erase startup-config  
For example:  
HP Switch(config)# erase startup-config  
Configuration will be deleted and device rebooted, continue [y/n]?  
Figure 5-3. Example of erase startup-config Command  
Press [y] to replace the current configuration with the factory default config-  
uration and reboot the switch. Press [n] to retain the current configuration and  
prevent a reboot.  
5-7  
 
Switch Memory and Configuration  
Creating a Custom Default Configuration  
In a redundant management system, this command erases the startup config  
file on both the active and the standby management modules as long as  
redundancy has not been disabled. If the standby management module is not  
in standby mode or has failed selftest, the startup config file is not erased.  
Creating a Custom Default Configuration  
N o t e  
This feature is not supported on the HP 3800 switches.  
The custom default configuration feature provides the ability to initialize a  
switch to a different state from the factory default state when you delete the  
active configuration file. The factory default configuration is not changed. If  
a custom configuration file has been created and the active configuration file  
is deleted, the switch will boot up using the custom configuration file.  
The feature provides the ability to:  
Use a customized configuration file as a default configuration file  
Enable the switch to start up with the specified default configuration  
The existence of a custom default configuration file does not affect the results  
of loading a remotely stored configuration file onto the switch.  
Using a custom default configuration, you can configure the features you want  
to be in the default configuration. When the active configuration is deleted  
using the erase startup command, the active configuration is removed and the  
custom default configuration file will be used upon bootup. The standard  
default configuration file remains and is used if there is no custom default  
configuration.  
N o t e  
This feature does not change the system defaults. The custom default config-  
uration file is automatically used when the startup configuration file is erased.  
It has no effect on what is loaded onto the switch when a remotely stored  
configuration file is restored.  
5-8  
   
Switch Memory and Configuration  
Creating a Custom Default Configuration  
The default configuration file can be customized using commands at the CLI  
prompt or by copying a configuration file with the desired configuration using  
TFTP, USB, or XMODEM copy commands. The existing default configuration  
file also can be transferred from the switch using these commands.  
To start creating the configuration file to be used as the custom default  
configuration file, enter the commands that configure the features desired and  
then save the configuration file using the write memory command. An example  
is shown in Figure 5-4.  
HP Switch(config)# spanning-tree  
HP Switch(config)# interface 4 flow-control  
HP Switch(config)# write memory  
Figure 5-4. Example of Creating a Config File with the Desired Features  
This configuration, which enables flow control on interface 4, and also span-  
ning-tree on the switch, is stored in the startup configuration file.  
To save this configuration as the custom default configuration, the startup  
configuration file is copied to the default configuration file, as shown in Figure  
5-5.  
HP Switch(config)# copy startup-config default-config  
Figure 5-5. Example of Copying the Startup Configuration File to the Custom  
Default Configuration File  
Copying an Existing Configuration File to the Custom  
Default Configuration File  
The switch can have up to 3 different configuration files stored in flash  
memory. (For more information about multiple configuration files, see “Mul-  
tiple Configuration Files” in the Management and Configuration Guide for  
your switch.) To copy a configuration file that exists in flash memory to the  
custom default configuration file, use this command.  
Syntax: copy config < source-filename > default-config  
Copies the configuration file specified in <source-filename>  
to the custom default configuration file.  
5-9  
 
Switch Memory and Configuration  
Creating a Custom Default Configuration  
HP Switch(config)# copy abc.cfg default-config  
Figure 5-6. Copying the abc.cfg Config File to the Custom Default Config File  
Copying the Custom Default Config File onto the  
Switch  
Using TFTP  
To copy a configuration file stored on a TFTP server to the custom default  
configuration file, use the copy tftp default-config command.  
Syntax: copy tftp default-config <ip-addr> <stored config file name>  
Copies the stored configuration file on the TFTP server  
specified by <ip-addr> to the custom default configuration  
file.  
HP Switch(config)# copy tftp default-config 10.10.10.1 stored_config.cfg  
Figure 5-7. Copying a Stored Config File to the Default Config File Using TFTP  
Using XMODEM  
To copy a configuration file to the custom default configuration file using  
XMODEM, use the copy xmodem default-config command.  
Syntax: copy xmodem default-config  
Copies the configuration file specified by the XMODEM  
server device to the custom default configuration file.  
HP Switch(config)# copy xmodem default-config  
Figure 5-8. Copying a Stored Config File to the Custom Default Config File Using  
XMODEM  
5-10  
     
Switch Memory and Configuration  
Creating a Custom Default Configuration  
Using USB  
To copy a configuration file to the custom default configuration file using USB,  
use the copy usb default-config command.  
copy usb default-config <stored config file name>  
Syntax:  
Copies the stored configuration file on the USB stick to the  
custom default configuration file.  
HP Switch# copy usb default-config stored_config.cfg  
Figure 5-9. Copying a Stored Config File to the Custom Default Config File Using  
USB  
Copying the Custom Default Config File Off the Switch  
Using TFTP  
To transfer a custom default configuration file off the switch using TFTP, enter  
the following command.  
copy default-config tftp <server ip-address> stored_config.cfg  
Syntax:  
Copies the custom default configuration file to the  
stored_config.cfg file on the TFTP server.  
Using XMODEM  
To transfer a custom default config file off the switch using XMODEM, enter  
the following command.  
copy default-config xmodem  
Syntax:  
Copies the custom default configuration file to the  
configuration file specified by the XMODEM server device.  
Using USB  
To transfer a custom default configuration file off the switch using USB, enter  
the following command.  
copy default-config usb stored_config.cfg  
Syntax:  
5-11  
         
Switch Memory and Configuration  
Creating a Custom Default Configuration  
Copies the custom default configuration file to the  
stored_config.cfg file on the USB device.  
Using SFTP and SCP to Transfer the Custom  
Configuration  
While the switch supports an SSH server with SCP and/or SFTP running on it,  
the switch is not an SCP or SFTP client. To transfer the default custom  
configuration file to or from the switch, you must connect to the switch’s SSH  
server using any SCP or SFTP client. Instead of the actual name of the custom  
default configuration file, an alias name of “default-config” is displayed in the  
file listings and for get/store functions.  
When you use an SCP client to connect to the switch, you must know the name  
of the file you wish to get or store. When you use SFTP client to connect to  
the switch, you are provided with a list of filenames that can be accessed by  
the switch.  
N o t e  
You must have an SCP/SFTP client implemented in order to execute copy scp  
or copy sftp commands on the switch.  
The following example shows the output from running puTTY psftp on a remote  
PC.  
5-12  
 
Switch Memory and Configuration  
Creating a Custom Default Configuration  
C:\PuTTY> psftp 10.1.243.209  
We'd like to keep you up to date about:  
* Software feature updates  
* New product announcements  
* Special events  
Please register your product at: www.hp.com  
Remote working directory is /  
psftp> ls  
Listing directory /  
drwxr-xr-x  
drwxr-xr-x  
drwxr-xr-x  
drwxrwxrwx  
drwxrwxrwx  
2 J9145A J9145A  
2 J9145A J9145A  
2 J9145A J9145A  
2 J9145A J9145A  
3 J9145A J9145A  
0 Jan 01 00:01 cfg  
0 Jan 01 00:01 core  
0 Jan 01 00:01 log  
0 Jan 01 00:01 os  
0 Jan 01 00:01 ssh  
psftp> ls /cfg  
Listing directory /cfg  
This is the custom default config.  
-rwxrw-r--  
-rw-r--r--  
-rwxrw-r--  
1 J9145A J9145A  
1 J9145A J9145A  
1 J9145A J9145A  
1749 Jan 01 00:01 default-config  
745 Jan 01 01:19 running-config  
360 Jan 01 01:19 startup-config  
psftp>  
Figure 5-10. Example of Using SFTP  
Erasing a Configuration File  
If a custom default configuration file exists and the erase startup-config com-  
mand is executed, the current active configuration is erased and the switch is  
booted with the custom default configuration.  
HP Switch(config)# erase startup-config  
Configuration will be deleted, and existing login passwords removed, and device  
rebooted (using the custom default configuration), continue [y/n]?  
Figure 5-11. Example of Erasing the Startup Config File When a Default Custom Config File Exists  
If a custom default configuration file does not exist and the erase startup-  
config command is executed, the current active configuration is erased and  
the switch is booted with the system default configuration.  
5-13  
 
Switch Memory and Configuration  
Creating a Custom Default Configuration  
HP Switch(config)# erase startup-config  
Configuration will be deleted, and existing login passwords removed, and device  
rebooted, continue [y/n]?  
Figure 5-12. Example of Erasing the Startup Config File When a Default Custom Config File Does Not Exist  
To erase the custom default configuration file, execute the erase default-config  
command.  
HP Switch(config)# erase default-config  
The custom default configuration will be erased. The “erase startup-config”  
command will now use system generated default configuration. Continue [y/n]?  
Figure 5-13. Example of Erasing the Custom Default Config File  
Displaying the Configuration Files  
The show config files command displays the existing configuration files and  
indicates that a custom default configuration file exists.  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+-------------------------------  
1
2
3
* *  
| config  
| secondaryconfig  
* | Kconfig  
==================  
A Custom default configuration file exists.  
A custom default configuration file exists.  
Figure 5-14. Example Output Displaying 3 Configuration Files  
Enter the command show default-config to display the custom default config-  
uration.  
N o t e  
For the 5400zl, 3800, and 8200zl switches, when the show default-config  
command is executed in enhanced secure mode the following prompt dis-  
plays:  
5-14  
   
Switch Memory and Configuration  
Creating a Custom Default Configuration  
Do you want to show sensitive information (y/n)?  
If “Y/y” is entered, the normal command output is displayed on the console.  
If “N/n” is entered, all the sensitive information is hidden and will be  
displayedasasterisks(“*****”). ThedefaultoptionisN/nwheninteractive  
mode is disabled. For more information, see the chapter “Secure Mode  
(5400zl, 3800, and 8200zl)” in the Access Security Guide for your switch.  
HP Switch(config)# show default-config  
Custom default configuration:  
; J8693A Configuration Editor; Created on release #K.15.XX  
; Ver #02:0b:ef:e6  
hostname “HP Switch”  
module 1 type J86xxA  
module 2 type J86xxA  
vlan 1  
name “DEFAULT-VLAN”  
untagged 1-24  
ip address dhcp-bootp  
exit  
interface 4  
flow-control  
exit  
These parameters were configured in  
the custom default configuration file.  
snmp-server community “public” unrestricted  
spanning-tree  
Figure 5-15. Example of Output for Custom Default Configuration File  
If a custom default configuration file exists and you erase the current active  
config file (using the erase startup-config command), then issue the show  
running-config command, the output will display the contents of the custom  
default configuration file. The custom default configuration file is loaded upon  
bootup. See Figure 5-16.  
5-15  
Switch Memory and Configuration  
Using the Menu and WebAgent To Implement Configuration Changes  
HP Switch(config)# show running-config  
Custom default configuration:  
; J8693A Configuration Editor; Created on release #K.15.XX  
; Ver #02:0b:ef:e6  
hostname “HP Switch”  
module 1 type J86xxA  
module 2 type J86xxA  
vlan 1  
name “DEFAULT-VLAN”  
untagged 1-24  
ip address dhcp-bootp  
exit  
interface 4  
flow-control  
exit  
snmp-server community “public” unrestricted  
spanning-tree  
Figure 5-16. Example of Output of Custom Default Config File When Current Active Config File Erased  
Troubleshooting Custom Default Configuration Files  
If the switch won’t boot because of a problem with the custom default  
configuration file, the file can be removed using the ROM mode interface.  
The custom default configuration file cannot be erased using the front  
panel buttons on the switch. If the switch can be booted, use the erase  
default-config command to remove the custom default configuration file.  
Using the Menu and WebAgent To  
Implement Configuration Changes  
The menu and WebAgent offer these advantages:  
Quick, easy menu or window access to a subset of switch configuration  
features  
5-16  
   
Switch Memory and Configuration  
Using the Menu and WebAgent To Implement Configuration Changes  
Viewing several related configuration parameters in the same screen, with  
their default and current settings  
Immediately changing both the running-config file and the startup-config  
file with a single command  
Menu: Implementing Configuration Changes  
Youcanusethemenuinterfacetosimultaneouslysaveandimplementasubset  
of switch configuration changes without having to reboot the switch. That is,  
when you save a configuration change in the menu interface, you simultane-  
ously change both the running-config file and the startup-config file.  
N o t e  
The only exception to this operation are two VLAN-related parameter changes  
that require a reboot—described under “Rebooting To Activate Configuration  
Changes” on page 5-19.  
Using Save and Cancel in the Menu Interface  
For any configuration screen in the menu interface, the Save command:  
1. Implements the changes in the running-config file  
2. Saves your changes to the startup-config file  
If you decide not to save and implement the changes in the screen, select  
Cancel to discard them and continue switch operation with the current oper-  
ation. For example, suppose you have made the changes shown below in the  
System Information screen:  
To save and  
implement the  
changes for all  
parameters in this  
screen, press the  
[Enter] key, then  
press [S] (for Save).  
To cancel all  
changes, press the  
[Enter] key, then  
press [C](for Cancel)  
Figure 5-17. Example of Pending Configuration Changes You Can Save or Cancel  
5-17  
   
Switch Memory and Configuration  
Using the Menu and WebAgent To Implement Configuration Changes  
N o t e  
If you reconfigure a parameter in the CLI and then go to the menu interface  
without executing a write memory command, those changes are stored only in  
the running configuration (even if you execute a Save operation in the menu  
interface). If you then execute a switch boot command in the menu interface,  
the switch discards the configuration changes made while using the CLI. To  
ensure that changes made while using the CLI are saved, execute write memory  
in the CLI before rebooting the switch.  
Rebooting from the Menu Interface  
Terminates the current session and performs a reset of the operating  
system  
Activates any configuration changes that require a reboot  
Resets statistical counters to zero  
To Reboot the switch, use the Reboot Switch option in the Main Menu. (Note  
that the Reboot Switch option is not available if you log on in Operator mode;  
that is, if you enter an Operator password instead of a manager password at  
the password prompt.)  
Optional Reboot  
Switch Command  
Figure 5-18. The Reboot Switch Option in the Main Menu  
5-18  
     
Switch Memory and Configuration  
Using the Menu and WebAgent To Implement Configuration Changes  
Rebooting To Activate Configuration Changes. Configuration changes  
for most parameters become effective as soon as you save them. However,  
you must reboot the switch in order to implement a change in the Maximum  
VLANs to support parameter.  
(To access these parameters, go to the Main menu and select 2. Switch  
Configuration, then 8. VLAN Menu, then 1. VLAN Support.)  
If configuration changes requiring a reboot have been made, the switch  
displays an asterisk (*) next to the menu item in which the change has been  
made. For example, if you change and save parameter values for the Maximum  
VLANs to support parameter, an asterisk appears next to the VLAN Support entry in  
the VLAN Menu screen, and also next to the Switch Configuration entry in the  
Main menu, as shown in Figure 5-19:  
Asterisk indicates  
a configuration  
change that  
requires a reboot  
in order to take  
effect.  
Reminder to  
reboot the switch  
to activate  
configuration  
changes.  
Figure 5-19. Indication of a Configuration Change Requiring a Reboot  
WebAgent: Implementing Configuration Changes  
You can use the WebAgent to simultaneously save and implement a subset of  
switch configuration changes without having to reboot the switch. That is,  
when you save a configuration change, you simultaneously change both the  
running-config file and the startup-config file. For online help with configuring  
changes in the WebAgent, click on the “?” in the WebAgent screen.  
N o t e  
If you reconfigure a parameter in the CLI and then go to the WebAgent without  
executing a write memory command, those changes will be saved to the startup-  
config file if you click on Save in the WebAgent.  
5-19  
     
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Using Primary and Secondary Flash  
Image Options  
The switches covered in this guide feature two flash memory locations for  
storing switch software image files:  
Primary Flash: The default storage for a switch software image.  
Secondary Flash: The additional storage for either a redundant or an  
alternate switch software image.  
With the Primary/Secondary flash option you can test a new image in your  
system without having to replace a previously existing image. You can also  
use the image options for troubleshooting. For example, you can copy a  
problem image into Secondary flash for later analysis and place another,  
proven image in Primary flash to run your system. The switch can use only  
one image at a time.  
The following tasks involve primary/secondary flash options:  
Displaying the current flash image data and determining which switch  
software versions are available  
Switch software downloads  
Replacing and removing (erasing) a local switch software version  
System booting  
Displaying the Current Flash Image Data  
Use the commands in this section to:  
Determine whether there are flash images in both primary and secondary  
flash  
Determine whether the images in primary and secondary flash are the  
same  
Identify which switch software version is currently running  
Viewing the Currently Active Flash Image Version. This command  
identifies the software version on which the switch is currently running, and  
whether the active version was booted from the primary or secondary flash  
image.  
Syntax: show version  
5-20  
     
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
For example, if the switch is using a software version of K.12.XX stored in  
Primary flash, show version produces the following:  
HP Switch(config)# show version  
Image stamp: /su/code/build/info(s01)  
Dec 01 2006 10:50:26  
K.12.XX  
1223  
Primary  
Boot Image:  
Figure 5-20. Example Showing the Identity of the Current Flash Image  
Determining Whether the Flash Images Are Different Versions. If the  
flash image sizes in primary and secondary are the same, then in almost every  
case, the primary and secondary images are identical. This command provides  
a comparison of flash image sizes, plus the boot ROM version and from which  
flash image the switch booted. For example, in the following case, the images  
are different versions of the switch software, and the switch is running on the  
version stored in the secondary flash image:  
HP Switch(config)# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- -------------  
Primary Image : 7493854 03/21/10 K.15.01.0001  
Secondary Image : 7463821 03/23/10 K.15.01.0001  
Boot Rom Version: K.15.08  
Default Boot  
: Primary  
Will boot from primary flash  
on the next boot.  
Figure 5-21. Example Showing Different Flash Image Versions  
Determining Which Flash Image Versions Are Installed. The show ver-  
sion command displays which software version the switch is currently running  
and whether that version booted from primary or secondary flash. Thus, if the  
switch booted from primary flash, you will see the version number of the  
software version stored in primary flash, and if the switch booted from  
secondary flash, you will see the version number of the software version  
stored in secondary flash. Thus, by using show version, then rebooting the  
switch from the opposite flash image and using show version again, you can  
determine the version(s) of switch software in both flash sources. For exam-  
ple:  
5-21  
 
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
HP Switch(config)# show version  
Management Module 1: Active  
Image stamp:  
/sw/code/build/btm(ec_K_15)  
Aug 2 2011 09:06:58  
K.15.06.00002  
152  
1. In this example show  
version indicates the  
switch has version  
K.15.06.00002 in primary  
flash.  
Boot Image:  
Primary  
HP Switch(config)# boot system flash secondary  
Device will be rebooted, do you want to continue [y/n]? y  
.
.
.
2. After the boot system  
command, show version  
indicates that version  
K.15.06.00001 is in  
HP Switch(config)# show version  
Management Module 1: Active  
Image stamp:  
/sw/code/build/btm(ec_K_15)  
Aug 2 2011 09:06:58  
K.15.06.00001  
secondary flash.  
1753  
Secondary  
Boot Image:  
Figure 5-22. Determining the Software Version in Primary and Secondary Flash  
Switch Software Downloads  
The following table shows the switch’s options for downloading a software  
version to flash and booting the switch from flash  
Table 5-1. Primary/Secondary Memory Access  
Action  
Menu  
Yes  
No  
CLI  
Yes  
Web Agent  
SNMP  
Yes  
Download to Primary  
Download to Secondary  
Boot from Primary  
Boot from Secondary  
Yes  
No  
Yes  
No  
Yes  
Yes  
Yes  
Yes  
Yes  
No  
Yes  
Yes  
The different software download options involve different copy commands,  
plus xmodem, usb, and tftp. These topics are covered in Appendix A, “File  
Transfers”.  
Download Interruptions. In most cases, if a power failure or other cause  
interrupts a flash image download, the switch reboots with the image previ-  
ously stored in primary flash. In the unlikely event that the primary image is  
5-22  
 
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
corrupted, as a result ofan interruption, the switchwillrebootfrom secondary  
flash and you can either copy the secondary image into primary or download  
another image to primary from an external source.  
Local Switch Software Replacement and Removal  
This section describes commands for erasing a software version and copying  
an existing software version between primary and secondary flash.  
N o t e  
another software file. The process automatically overwrites the previous file  
with the new file. If you want to remove an unwanted software version from  
flash, HP recommends that you do so by overwriting it with the same software  
version that you are using to operate the switch, or with another acceptable  
software version. To copy a software file between the primary and secondary  
flash locations, refer to “Copying a Switch Software Image from One Flash  
Location to Another”, below.  
The local commands described here are for flash image management within  
the switch. To download a software image file from an external source, see  
“File Transfers” in the Management and Configuration Guide for your  
switch.  
Copying a Switch Software Image from One Flash Location to  
Another. When you copy the flash image from primary to secondary or the  
of the file from the source location. This means you do not have to erase the  
current image at the destination location before copying in a new image.  
C a u t i o n  
Verify that there is an acceptable software version in the source flash location  
fromwhichyouaregoingtocopy. Usetheshowflash commandor, ifnecessary,  
the procedure under “Determining Which Flash Image Versions Are Installed”  
onpage 5-21toverifyanacceptablesoftwareversion. Attemptingtocopyfrom  
a source image location that has a corrupted flash image overwrites the image  
in the destination flash location. In this case, the switch will not have a valid  
flash image in either flash location, but will continue running on a temporary  
flash image in RAM. Do not reboot the switch. Instead, immediately download  
another valid flash image to primary or secondary flash. Otherwise, if the  
switch is rebooted without a software image in either primary or secondary  
flash, the temporary flash image in RAM will be cleared and the switch will go  
down. To recover, see “Restoring a Flash Image” in Appendix C of the Man-  
agement and Configuration Guide for your switch.  
5-23  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Syntax:  
copy flash flash <destination flash>  
where: destination flash = primary or secondary:  
For example, to copy the image in secondary flash to primary flash:  
1. Verify that there is a valid flash image in the secondary flash location. The  
following figure indicates that a software image is present in secondary  
flash. (If you are unsure whether the image is secondary flash is valid, try  
booting from it before you proceed, by using boot system flash secondary.)  
HP Switch(config)# show flash  
Image Size (bytes) Date  
The unequal code  
size, differing dates,  
and differing  
version numbers  
indicates two  
Version  
----------------- ------------ -------- --------------------  
Primary Image  
:
9798890 08/27/09 K.14.41  
14829211 08/02/11 K.15.06.0000x  
Secondary Image :  
different versions of  
the software.  
Boot ROM Version : K.15.19  
Default Boot : Primary  
Figure 5-23. Example Indicating Two Different Software Versions in Primary and Secondary Flash  
Execute the copy command as follows:  
HP Switch(config)# copy flash flash primary  
Erasing the Contents of Primary or Secondary Flash. This command  
deletes the software image file from the specified flash location.  
Caution:  
Before using this command in one flash image location (primary or second-  
ary), ensure that you have a valid software file in the other flash image location  
(secondary orprimary). Iftheswitchhas only one flash image loaded(ineither  
primary or secondary flash) and you erase that image, then the switch does  
not have a software image stored in flash. In this case, if you do not reboot or  
power cycle the switch, you can recover by using xmodem or tftp to download  
another software image.  
No Undo!  
Syntax:  
erase flash < primary | secondary >  
For example, to erase the software image in primary flash, do the following:  
1. First verify that a usable flash image exists in secondary flash. The most  
reliable way to ensure this is to reboot the switch from the flash image  
you want to retain. For example, if you are planning to erase the primary  
image, then first reboot from the secondary image to verify that the  
secondary image is present and acceptable for your system:  
5-24  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
HP Switch# boot system flash secondary  
2. Then erase the software image in the selected flash (in this case, primary):  
HP Switch# erase flash primary  
The Primary OS Image will be deleted, continue [y/n]?  
Figure 5-24. Example of Erase Flash Prompt  
3. Type y at the prompt to complete the flash erase.  
4. Use show flash to verify erasure of the selected software flash image.  
HP Switch# show flash  
The “0” here  
shows that  
Compressed Primary Code size = 0  
Compressed Secondary code size = 2555802  
Boot ROM Version : K.15.19  
primary flash has  
been erased.  
Default Boot  
: Secondary  
Figure 5-25. Example of Show Flash Listing After Erasing Primary Flash  
Inredundantmanagementsystems, this commandwill erase theselectedflash  
in both the active and the standby management modules. If redundancy has  
been disabled or the standby module has failed selftest, this command only  
affects the active management module.  
Zeroizing the File Storage of the Management Module  
Sometimes it is desirable to completely remove the information stored in user  
files from flash storage. The zeroization feature will remove and “zeroize” all  
the files from flash storage except software images. Information removed  
includes the following:  
switch configurations  
system generated private keys  
user installed private keys  
legacy manager/operator password files  
crypto-key files  
fdr logs  
core dumps  
5-25  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Zeroization can be initiated in these ways:  
CLI command  
During Secure Mode transition, initiated through the secure-mode CLI  
command executed in a serial session  
ROM console command  
The zeroization process takes some time, so it is performed during the init  
process of a switch reboot. After zeroization, the configuration file is rebuilt  
from the default config file, which is similar to the config rebuilding process  
performed by the erase startup-config command.  
Syntax: erase all [zeroize]  
Erasesallmanagementmodulefiles,includingconfiguration  
files, core dumps, password files, crypto-key files, etc.  
Software images are not erased.  
When executed without the zeroize option, files are removed,  
but the flash storage is not zeroized. The data is still  
physically present in the flash. The flash can be removed from  
the switch and the data recovered with file recovery tools.  
[zeroize]: Zeroizes the file storage of the management modules.  
N o t e  
It is recommended that zeroization be performed from the serial console so  
that the status information can be viewed during the zeroization process.  
HP Switch(config)# erase all zeroize  
The system will be rebooted and all management module files  
except software images will be erased and zeroized. This will  
take up to 60 minutes and the switch will not be usable dur-  
ing that time. Continue (y/n)? y  
Figure 5-26. Zeroizing the Management Module Files  
Zeroizing from the ROM Console  
It is also possible to zeroize the file storage from the ROM console of the  
switch, using the erase-all zeroize command at the prompt. This most likely  
occurs during a switch recovery process. The warning messages are the same  
as for the CLI command.  
5-26  
     
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
=> erase-all zeroize  
The system will be rebooted and all management module files  
except software images will be erased and zeroized. This will  
take up to 60 minutes and the switch will not be usable dur-  
ing that time. Continue (y/n)? y  
Figure 5-27. Zeroizing the Management Module Files from the ROM Console  
Zeroizing with HA  
When zeroization is triggered by a secure mode transition, HA handles zeroiza-  
tion on the AMM and SMM automatically.  
When the CLI command (eraseall zeroize) is used to start zeroization, the AMM  
syncs with the SMM and ensures that the SMM performs the same level of  
zeroization before the AMM starts the zeroization process on itself. The AMM  
before the zeroization process occurs remains the AMM, unless it takes over  
a minute for the AMM to boot up, in which case the prior SMM becomes the  
AMM.  
When zeroization is started fromtheROM console, there isnosynchronization  
performed between the AMM and SMM, as zeroization from the ROM console  
is treated as a recovery facility. Each MM has to be zeroized individually.  
For information about Secure Mode and zeroization, see the chapter “Secure  
Mode (5400zl, 3800, and 8200zl)” in the Access Security Guide for your switch.  
Rebooting the Switch  
Operating Notes about Booting  
Default Boot Source. The switch reboots from primary flash by default  
unless you specify the secondary flash by entering either the boot system flash  
[primary | secondary] or boot set-default flash [primary | secondary] command.  
Both the boot command and the reload command will reboot based on how  
these options have been selected.  
Boot Attempts from an Empty Flash Location. In this case, the switch  
aborts the attempt and displays  
Image does not exist  
Operation aborted.  
5-27  
           
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Interaction of Primary and Secondary Flash Images with the Current  
Configuration. The switch has one startup-config file (page 5-1), which it  
always uses for reboots, regardless of whether the reboot is from primary or  
secondary flash. Also, for rebooting purposes, it is not necessary for the  
software image and the startup-config file to support identical software fea-  
tures. For example, suppose you have just downloaded a software upgrade  
that includes new features that are not supported in the software you used to  
create the current startup-config file. In this case, the software simply assigns  
factory-default values to the parameters controlling the new features. Simi-  
larly, If you create a startup-config file while using a version “Y” of the switch  
software, and then reboot the switch with an earlier software version “X” that  
does not include all of the features found in “Y”, the software simply ignores  
the parameters for any features that it does not support.  
Scheduled Reload. If no parameters are entered after the reload command,  
an immediate reboot is executed. The reload at and reload after command  
information is not saved across reboots. If the switch is rebooted before a  
scheduledreloadcommand isexecuted, the commandiseffectivelycancelled.  
When entering a reload at or reload after command, a prompt will appear to  
confirm the command before it can be processed by the switch. For the reload  
at command, if mm/dd/yy are left blank, the current day is assumed.  
The scheduled reload feature removes the requirement to physically reboot  
the switch at inconvenient times (for example, at 1:00 inthe morning). Instead,  
a reload at 1:00 mm/dd command can be executed (where mm/dd is the date  
the switch is scheduled to reboot).  
Boot and Reload Command Comparison  
The switch offers reboot options through the boot and reload commands, plus  
the options inherent in a dual-flash image system. Generally, using boot  
provides more comprehensive self-testing; using reload gives you a faster  
reboot time.  
5-28  
       
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Table 5-2. Comparing the Boot and Reload Commands  
Actions  
Included In Included In Reload  
Boot?  
Note  
Save all  
Optional,  
with prompt <cr>, when prompt  
displays.  
Optional with reload  
Config changes saved to  
the startup-config file if  
“y” is selected (reload  
command).  
configuration  
changes since the  
last boot or reload  
Not saved with reload  
at/after commands;  
No prompt is displayed.  
Perform all system  
self-tests  
Yes  
No  
The reload command  
provides a faster system  
reboot.  
Choice of primary or Yes  
secondary flash  
image  
No—Uses the current  
flash image.  
Performascheduled No  
reboot  
Yes  
Use the reloadcommand  
with after/at parameters  
(see page 5-33 for details).  
Setting the Default Flash  
You can specify the default flash to boot from on the next boot by entering the  
boot set-default flash command.  
Syntax: boot set-default flash [primary |secondary]  
Upon booting, set the default flash for the next boot to primary  
or secondary.  
HP Switch(config)# boot set-default flash secondary  
HP Switch(config)# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- --------------  
Primary Image : 7476770 03/15/10 K.15.01.0001  
Secondary Image : 7476770 03/15/10 K.15.01.0001  
Boot Rom Version: K.15.08  
Default Boot  
: Secondary  
HP Switch(config)# boot  
This management module will now reboot from secondary and will become  
the standby module! You will need to use the other management module's  
console interface. Do you want to continue [y/n]?  
Figure 5-28.Example of boot set-default Command with Default Flash Set to Secondary (with a  
Redundant Management Module Present)  
5-29  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Booting from the Default Flash (Primary or Secondary)  
The boot command boots the switch from the flash image that you are  
currently booted on, or the flash image that was set either by the boot set-  
default command or by the last executed boot system flash <primary | secondary>  
command. This command also executes the complete set of subsystem self-  
tests. You have the option of specifying a configuration file.  
Syntax: boot [system [flash <primary | secondary>] [config FILENAME]  
Rebootstheswitchfromtheflashthatyouarecurrentlybooted  
on (primary or secondary). You can select which image to  
boot from during the boot process itself. When using  
redundant management, the switch will failover to the  
standby management module.  
Note: This is changed from always booting from primary  
flash. You are prompted with a message which will indicate  
the flash being booted from.  
system: Boots the switch. You can specify the flash image to  
boot from. When using redundant management, boots both  
the active and standby management modules.  
config: You can optionally select a configuration file from  
which to boot.  
HP Switch(config)# boot  
This management module will now reboot from primary image and will become  
the standby module! You will need to use the other management module's  
console interface. Do you want to continue [y/n]? y  
Do you want to save current configuration [y/n]? n  
Figure 5-29. Example of Boot Command (Default Primary Flash) with Redundant Management  
In the above example, typing either a y or n at the second prompt initiates the  
reboot operation. (Entering y saves any configuration changes from the  
running-config file to the startup-config file; entering n discards them.)  
5-30  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
HP Switch(config)# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- --------------  
Primary Image : 7497114 03/29/10 K.15.01.0001  
Secondary Image : 7497114 03/29/10 K.15.01.0001  
Boot Rom Version: K.15.08  
Default Boot  
: Primary  
The next boot is from primary  
Set to secondary flash  
HP Switch(config)# boot set-default flash secondary  
This command changes the location of the default boot. This command will  
change the default flash image to boot from secondary. Hereafter, 'reload'  
'boot' commands will boot from secondary. Do you want to continue [y/n]? y  
HP Switch(config)# boot  
This management module will now reboot from secondary image and will become  
the standby module! You will need to use the other management module's  
console interface. Do you want to continue [y/n]? n  
Figure 5-30. Example of Boot Command Booting from a Different Flash than the Current Flash (with  
Redundant Management Module Present)  
Booting from a Specified Flash  
This version of the boot command gives you the option of specifying whether  
to reboot from primary or secondary flash, and is the required command for  
rebooting from secondary flash. This option also executes the complete set  
of subsystem self-tests.  
Syntax: boot system flash < primary | secondary >  
For example, to reboot the switch from secondary flash when there are no  
pending configuration changes in the running-config file:  
HP Switch(config)# boot system flash secondary  
System will be rebooted from secondary image. Do you want to continue [y/n]?  
Figure 5-31. Example of Boot Command with Secondary Flash Option  
In the above example, typing either a y or n at the second prompt initiates the  
reboot operation.  
5-31  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Using the Fastboot feature. The fastboot command allows a boot  
sequence that skips the internal power-on self-tests, resulting in a faster boot  
time. When using redundant management and fastboot is enabled, it is saved  
to the standby management module when the config files are synchronized.  
Fastboot is used during the next bootup on either management module.  
Syntax: [no] fastboot  
Enables the fastboot option  
The no option disables the feature.  
Syntax: show fastboot  
Shows the status of the fastboot feature, either enabled or  
disabled.  
The fastboot command is shown below.  
HP Switch(config)# fastboot  
Using Reload  
The Reload command reboots the switch from the flash image that you are  
currently booted on (primary or secondary) or the flash image that was set  
either by the boot set-default command or by the last executed boot system flash  
<primary | secondary> command. Because reload bypasses some subsystem  
self-tests, the switch reboots faster than if you use either of the boot command  
options. If you are using redundant management and redundancy is enabled,  
the switch will failover to the other management module.  
Syntax: reload  
For example, if you change the number of VLANs the switch supports, you  
mustreboottheswitchinordertoimplementthechange. The reload command  
prompts you to save or discard the configuration changes.  
HP Switch(config)# max-vlans 12  
Command will take effect after saving configuration and reboot.  
HP Switch(config)# reload  
This command will cause a switchover to the other management module  
which may not be running the same software image and configurations.  
Do you want to continue [y/n]? y  
Figure 5-32. Using Reload with Redundant Management and Pending Configuration Changes  
5-32  
     
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Scheduled Reload. Beginning with software release K.11.34, additional  
parameters have been added to the reload command to allow for a scheduled  
reboot of the switch via the CLI.  
Syntax: [no] reload [after <[dd:]hh:]mm> | at <hh:mm[:ss]> [<mm/dd[/[yy]yy]>]]  
Enables a scheduled warm reboot of the switch. The switch boots  
up with the same startup config file and using the same flash  
image as before the reload.  
Caution: When using redundant management, the reload at/after  
command causes a switchover at the scheduled time to the other  
management module, which may not be running the same soft-  
ware image or have the same configurations.  
Parameters include:  
after: Schedules a warm reboot of the switch after a given  
amount of time has passed.  
at: Schedules a warm reboot of the switch at a given time.  
The no form of the command removes a pending reboot request.  
For more details and examples, see below.  
The scheduled reload feature removes the requirement to physically reboot  
the switch at inconvenient times (for example, at 1:00 inthe morning). Instead,  
a reload at 1:00 mm/dd command can be executed (where mm/dd is the date  
the switch is scheduled to reboot).  
N o t e  
Configuration changes are not saved with reload at or reload after commands.  
No prompt to save configuration file changes is displayed. See Table 5-2 on  
page 5-29.  
Examples of scheduled reload commands:  
To schedule a reload in 15 minutes:  
HP Switch# reload after 15  
To schedule a reload in 3 hours:  
HP Switch# reload after 03:00  
To schedule a reload for the same time the following day:  
HP Switch# reload after 01:00:00  
To schedule a reload for the same day at 12:05:  
HP Switch# reload at 12:05  
To schedule a reload on some future date:  
HP Switch# reload at 12:05 01/01/2008  
5-33  
   
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
HP Switch(config)# reload after 04:14:00  
Reload scheduled in 4 days, 14 hours, 0 minutes  
This command will cause a switchover at the scheduled time to the  
other management module which may not be running the same software  
image and configurations. Do you want to continue [y/n]?  
Figure 5-33. An Example of the reload Command with a Redundant Management System  
Module Reload.  
The module reload feature allows you to reset a module by initiating a warm  
reboot of a specified module or modules. This saves time over rebooting the  
entire switch, which can take several minutes to complete and disrupts all  
users on the switch. The specified module has its power turned off, and then  
turned on again. This causes the module to reset to a known good state and  
reload its software.  
Syntax: [no] reload [ [after < [[DD:] HH:] MM>] | [at HH:MM [:SS]  
[MM/DD[/[YY]YY]] ] | [module <slot-id range>]]  
When specified with the module parameter, initiates a reload  
of the module in the specified slot or slots by turning the slot  
power off, then on again. A valid slot or range of slots must  
be specified. The at and after parameters are not allowed with  
the module option. The no version of the command is not valid  
with the module option.  
When the reload command is executed without any  
parameters, an immediate switch reload occurs.  
Note: This feature is not supported for HP One modules.  
module: Powers the module on or off, forcing a software reload  
of the specified module or modules.  
HP Switch(config)# reload module C  
The ‘reload module’ command will shutdown the specified modules. Ports on  
specified modules will no longer pass traffic. Any management traffic to the  
switch which passes through the affected modules will be interrupted (e.g. ssh,  
telnet, snmp). This command may take up to 2 minutes to power down all specified  
modules. Please check the event log for current status of module power down,  
power up cycle. Continue [y/n]?  
Figure 5-34. Example of Reloading a Specified Module  
5-34  
 
Switch Memory and Configuration  
Using Primary and Secondary Flash Image Options  
Displaying Reload Information.  
Use the show reload command to display the reload information. This can  
include:  
A scheduled, pending reload of the entire switch  
A statement that no reload is scheduled  
The time of the last reload of each module on the system  
HP Switch(config)# reload at 23:45  
Reload scheduled at 23:45:47 6/16/2010  
(in 0 days, 1 hours, 41 minutes)  
HP Switch(config)# show reload at  
Reload scheduled for 23:45:47 06/16/2010  
(in 0 days, 1 hours, 40 minutes)  
HP Switch(config)# show reload after  
Reload scheduled for 23:45:47 6/16/2010  
(in 0 days, 1 hours, 40 minutes)  
Figure 5-35. Example of the Scheduled Reload At Information  
HP Switch(config)# reload after 35  
Reload scheduled in 0 days, 0 hours, 35 minutes  
HP Switch(config)# show reload at  
Reload scheduled in 0 days, 0 hours, 34 minutes  
HP Switch(config)# show reload after  
Reload scheduled in 0 days, 0 hours, 34 minutes  
Figure 5-36. Example of the Scheduled Reload After Information  
HP Switch(config)# show reload module  
Module Reload information:  
Module | Last reload date  
-------+----------------------  
C
10:50:51 01/13/2010  
Figure 5-37. Example of the Module Reload Information  
5-35  
 
Switch Memory and Configuration  
Multiple Configuration Files  
Multiple Configuration Files  
Action  
Page  
5-40  
5-41  
Listing and Displaying Startup-Config Files  
Changing or Overriding the Reboot Configuration Policy  
Managing Startup-Config Files  
Renaming Startup-Config Files  
5-44  
5-44  
5-45  
5-47  
5-48  
Copying Startup-Config Files  
Erasing Startup-Config Files  
Effect of Using the Clear + Reset Buttons  
Copying Startup-Config Files to or from a Remote Server  
This method of operation means that you cannot preserve different startup-  
config files across a reboot without using remote storage.  
The switch allows up to three startup-config files with options for selecting  
which startup-config file to use for:  
A fixed reboot policy using a specific startup-config file for a specific boot  
path (primary or secondary flash)  
Overriding the current reboot policy on a per-instance basis  
Startup-Config  
Options:  
File 1  
Primary Boot Path  
Boot Command  
Running-Config  
File 2  
Secondary Boot Path  
File 3  
Figure 5-38. Optional Reboot Process  
While you can still use remote storage for startup-config files, you can now  
maintain multiple startup-config files on the switch and choose which version  
to use for a reboot policy or an individual reboot.  
This choice of which configuration file to use for the startup-config at reboot  
provides the following new options:  
Theswitchcanrebootwithdifferentconfigurationoptionswithouthaving  
to exchange one configuration file for another from a remote storage  
location.  
5-36  
     
Switch Memory and Configuration  
Multiple Configuration Files  
Transitions from one software release to another can be performed while  
maintaining a separate configuration for the different software release  
versions.  
By setting a reboot policy using a known good configuration and then  
overriding the policy on a per-instance basis, you can test a new configu-  
ration with the provision that if an unattended reboot occurs, the switch  
will come up with the known, good configuration instead of repeating a  
reboot with a misconfiguration.  
General Operation  
Multiple Configuration Storage in the Switch. The switch uses three  
memory “slots”, with identity (id) numbers of 1, 2, and 3.  
HP Switch(config)# show config files  
Configuration files:  
Memory Slots  
for Different  
Startup-Config  
Files  
id | act pri sec | name  
---+-------------+------------------------------------------------  
1 |  
| oldConfig  
2 | * * * | workingConfig  
3 |  
|
Figure 5-39. Example of Output for show config files Command  
A startup-config file stored in a memory slot has a unique, changeable file  
name. The switches covered in this guide can use the startup-config in any of  
the memory slots (if the software version supports the configured features).  
Boot Options. With multiple startup-config files in the switch you can spec-  
ify a policy for the switch to use upon reboot. The options include:  
Use the designated startup-config file with either or both reboot paths  
(primary or secondary flash)  
Override the current reboot policy for one reboot instance by specifying  
a boot path (primary or secondary flash) and the startup-config file to use.  
Changing the Startup-Config File. When the switch reboots, the startup-  
configfilesuppliestheconfigurationfortherunning-configfiletheswitchuses  
to operate. Making changes to the running-config file and then executing a  
write-mem command (or, in the Menu interface, the Save command) are  
written back to the startup-config file used at the last reboot. For example,  
suppose that a system administrator performs the following on a switch that  
has two startup-config files (workingConfig and backupConfig):  
5-37  
         
Switch Memory and Configuration  
Multiple Configuration Files  
1. Reboot the switch through the Primary boot path using the startup-config  
file named backupConfig.  
2. Use the CLI to make configuration changes in the running-config file, and  
then execute write mem.  
The result is that the startup-config file used to reboot the switch is modified  
by the actions in step 2.  
Boot Command  
Primary Boot Path  
ActiveStartup-ConfigFile:  
Idle Startup-Config File:  
backupConfig  
workingConfig  
Generated Running-Config File  
Use CLI To Change Running-Config  
Execute write mem To Save Changes to  
Source Startup-Config File  
Figure 5-40. Example of Reboot Process and Making Changes to the Startup-  
Config File  
Creating an Alternate Startup-Config File. There are two methods for  
creating a new configuration file:  
Copy an existing startup-config file to a new filename, then reboot the  
switch, make the desired changes to the running-config file, then execute  
write memory. (Refer to figure 5-5-40, above.)  
Erase the active startup-config file. This generates a new, default startup-  
config file that always results when the switch automatically reboots after  
deletion of the currently active startup-config file. (Refer to “Erasing a  
Startup-Config File” on page 5-45.)  
5-38  
       
Switch Memory and Configuration  
Multiple Configuration Files  
Transitioning to Multiple Configuration Files  
At the first reboot with a software release supporting multiple configuration,  
the switch:  
Assigns the filename oldConfig to the existing startup-config file (which is  
stored in memory slot 1).  
Saves a copy of the existing startup-config file in memory slot 2 with the  
filename workingConfig.  
Assigns the workingConfig file as the active configuration and the default  
configuration for all subsequent reboots using either primary or second-  
ary flash.  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+----------------------------------------  
1 |  
| oldConfig  
2 | * * * | workingConfig  
3 |  
|
Figure 5-41. Switch Memory Assignments After the First Reboot from Software  
Supporting Multiple Configuration  
In the above state, the switch always:  
Uses the workingConfig file to reboot  
The commands described later in this section enable you to view the current  
multiple configuration status, manage multiple startup-config files, configure  
reboot policies, and override reboot policies on a per-instance basis.  
5-39  
       
Switch Memory and Configuration  
Multiple Configuration Files  
Listing and Displaying Startup-Config Files  
Command  
Page  
Below  
5-41  
show config files  
show config < filename >  
Viewing the Startup-Config File Status with Multiple  
Configuration Enabled  
Rebooting the switch automatically enables the multiple configuration fea-  
ture.  
Syntax: show config files  
This command displays the available startup-config files on  
the switch and the current use of each file.  
id: Identifies the memory slot for each startup-config file  
available on the switch.  
act: An asterisk ( * ) in this column indicates that the  
corresponding startup-config file is currently in use.  
pri: An asterisk ( * ) in this column indicates that the  
sec: An asterisk ( * ) in this column indicates that the  
corresponding startup-config file is currently assigned to the  
secondary boot path.  
name: Shows the filename for each listed startup-config file in  
the switch. Refer to “Renaming an Existing Startup-Config  
File” on page 5-44 for the command you can use to change  
existing startup-config filenames.  
In the default configuration, if the switch was shipped from  
the factory with software installed in both the primary and  
secondary boot paths, then one startup-config file named  
config1 is used for both paths and is stored in memory slot 1.  
Memory slots 2 and 3 are empty in this default configuration.  
5-40  
             
Switch Memory and Configuration  
Multiple Configuration Files  
Displaying the Content of A Specific Startup-Config File  
With Multiple Configuration enabled, the switch can have up to three startup-  
config files. Because the show config command always displays the content of  
the currently active startup-config file, the command extension shown below  
is needed to allow viewing the contents of any other startup-config files stored  
in the switch.  
Syntax: show config < filename >  
This command displays the content of the specified startup-  
config file in the same way that the show config command  
displays the content of the default (currently active) startup-  
config file.  
Changing or Overriding the Reboot Configuration  
Policy  
Command  
Page  
Below  
5-43  
startup-default [ primary | secondary ] config < filename >  
boot system flash < primary | secondary > config < filename >  
You can boot the switch using any available startup-config file.  
Changing the Reboot Configuration Policy. For a given reboot, the  
switch automatically reboots from the startup-config file assigned to the flash  
location (primary or secondary) being used for the current reboot. For exam-  
ple, when you first download a software version that supports multiple  
configuration files and boot from the flash location of this version, the switch  
copies the existing startup-config file (named oldConfig) into memory slot 2,  
renames this file to workingConfig, and assigns workingConfig as:  
The active configuration file  
The configuration file to use when booting from either primary or second-  
ary flash.  
In this case, the switch is configured to automatically use the workingConfig  
file in memory slot 2 for all reboots.  
You can use the following command to change the current policy so that the  
switch automatically boots using a different startup-config file.  
5-41  
         
Switch Memory and Configuration  
Multiple Configuration Files  
Syntax: startup-default [ primary | secondary ] config < filename >  
Specifies a boot configuration policy option:  
[ primary | secondary ] config < filename >: Designates the  
startup-config file to use in a reboot with the software  
version stored in a specific flash location. Use this option  
to change the reboot policy for either primary or  
secondary flash, or both.  
config < filename >: Designates the startup-config file to use  
for all reboots, regardless of the flash version used. Use  
this option when you want to automatically use the same  
startup-config file for all reboots, regardless of the flash  
source used.  
For redundant management systems, this command affects  
both the active management module and the standby manage-  
ment module. The config file is copied immediately to the  
standby management module and becomes the default on that  
disabled or the standby module has failed selftest.  
Note: To override the current reboot configuration policy for  
a single reboot instance, use the boot system flash command  
with the options described under “Overriding the Default  
Reboot Configuration Policy” on page 5-43.  
For example, suppose:  
Software release “A” is stored in primary flash and a later software release  
is stored in secondary flash.  
The system operator is using memory slot 1 for a reliable, minimal  
configuration (named minconfig) for the software version in the primary  
flash, and slot 2 for a modified startup-config file (named newconfig) that  
includes untested changes for improved network operation with the  
software version in secondary flash.  
The operator wants to ensure that in case of a need to reboot by pressing the  
Reset button, or if a power failure occurs, the switch will automatically reboot  
with the minimal startup-config file in memory slot 1. Since a reboot due to  
pressing the Reset button or to a power cycle always uses the software version  
in primary flash, the operator needs to configure the switch to always boot  
from primary flash with the startup-config file named minconfig (in memory  
slot 1). Also, whenever the switch boots from secondary flash, the operator  
also wants the startup-config named newconfig to be used. The following two  
commands configure the desired behavior.  
5-42  
         
Switch Memory and Configuration  
Multiple Configuration Files  
HP Switch(config)# startup-default pri config minconfig  
HP Switch(config) # startup-default sec config newconfig.  
Overriding the Default Reboot Configuration Policy. This command  
provides a method for manually rebooting with a specific startup-config file  
other than the file specified in the default reboot configuration policy.  
Syntax: boot system flash < primary | secondary > config < filename >  
Specifies the name of the startup-config file to apply for the  
immediate boot instance only. This command overrides the  
current reboot policy.  
Using Reload To Reboot From the Current Flash Image and Startup-  
Config File.  
Syntax: reload  
Thiscommandbootstheswitchfromthecurrentlyactiveflash  
image and startup-config file. Because reload bypasses some  
subsystem self-tests, the switch boots faster than if you use a  
boot command.  
Note: To identify the currently active startup-config file, use  
the show config files command.  
Managing Startup-Config Files in the Switch  
Command  
Page  
5-44  
5-44  
5-45  
5-47  
rename config < current-filename > < newname-str >  
copy config < source-filename > config < dest-filename >  
erase config < filename > | startup-config  
Erase startup-config using the front-panel Clear + Reset Buttons  
5-43  
       
Switch Memory and Configuration  
Multiple Configuration Files  
Renaming an Existing Startup-Config File  
Syntax: rename config < current-filename > < newname-str >  
This command changes the name of an existing startup-  
config file. A file name can include up to 63, alphanumeric  
characters. Blanks are allowed in a file name enclosed in  
quotes (“ “ or ‘ ‘). (File names are not case-sensitive.)  
For redundant management systems, renaming a config file  
affects both the active management module and the standby  
management module, unless redundancy is disabled or the  
standby module failed selftest.  
Creating a New Startup-Config File  
The switch allows up to three startup-config files. You can create a new  
startup-config file if there is an empty memory slot or if you want to replace  
one startup-config file with another.  
Syntax: copy config < source-filename > config < target-filename >  
This command makes a local copy of an existing startup-  
config file by copying the contents of an existing startup-  
config file in one memory slot to a new startup-config file in  
another, empty memory slot. This enables you to use a sepa-  
rate configuration file to experiment with configuration  
changes, while preserving the source file unchanged. It also  
simplifies a transition from one software version to another  
by enabling you to preserve the startup-config file for the  
earlier software version while creating a separate startup-  
config file for the later software version. With two such  
versions in place, you can easily reboot the switch with the  
correct startup-config file for either software version.  
• If the destination startup-config file already exists, it is  
overwritten by the content of the source startup-config file.  
• If the destination startup-config file does not already exist,  
it will be created in the first empty configuration memory  
slot on the switch.  
• If the destination startup-config file does not already exist,  
but there are no empty configuration memory slots on the  
switch, then a new startup-config file is not created and  
instead, the CLI displays the following error message:  
Unable to copy configuration to “< target-filename >”.  
5-44  
           
Switch Memory and Configuration  
Multiple Configuration Files  
For example, suppose both primary and secondary flash memory contain  
software release “A” and use a startup-config file named config1:  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+-----------------------------------------  
1 | * * * | config1  
2 |  
3 |  
|
|
Figure 5-42. Example of Using One Startup-Config File for Both Primary and  
Secondary Flash  
If you wanted to experiment with configuration changes to the software  
version in secondary flash, you could create and assign a separate startup-  
config file for this purpose.  
HP Switch(config)# copy config config1 config config2  
HP Switch(config)# startup-default secondary config config2  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+-------------------------------
The first two commands copy the config1  
startup-config file to config2, and then  
make config2 the default startup-config  
file for booting from secondary flash.  
1 | * *  
2 |  
| config1  
* | config2  
|
3 |  
Figure 5-43. Example of Creating and Assigning a New Startup-Config File  
You can also generate a new startup-config file by booting the switch from a  
N o t e  
flash memory location from which you have erased the currently assigned  
startup-config file. Refer to “Erasing a Startup-Config File” in the next section.  
Erasing a Startup-Config File  
You can erase any of the startup-config files in the switch’s memory slots. In  
some cases, erasing a file causes the switch to generate a new, default-  
configuration file for the affected memory slot.  
5-45  
     
Switch Memory and Configuration  
Multiple Configuration Files  
Inaredundantmanagementsystem,thiscommanderasestheconfigorstartup  
config file on both the active and the standby management modules as long  
as redundancy has not been disabled. If the standby management module is  
not in standby mode or has failed selftest, the config or startup config file is  
not erased.  
Syntax: erase < config < filename >> | startup-config >  
config < filename >: This option erases the specified startup-  
config file. If the specified file is not the currently active  
startup-config file, then the file is simply deleted from the  
memory slot it occupies. If the specified file is the currently  
active startup-config file, then the switch creates a new,  
defaultstartup-configfilewiththesamenameastheerased  
file, and boots using this file. (This new startup-config file  
contains only the default configuration for the software  
version used in the reboot.)  
Note: Where a file is assigned to either the primary or the  
secondary flash, but is not the currently active startup-  
config file, erasing the file does not remove the flash  
assignment from the memory slot for that file. Thus, if the  
switch boots using a flash location that does not have an  
assigned startup-config, then the switch creates a new,  
default startup-config file and uses this file in the reboot.  
(This new startup-config file contains only the default  
configuration for the software version used in the reboot.)  
Executing write memory after the reboot causes a switch-  
generated filename of configx to appear in the show config  
files display for the new file, where x corresponds to the  
memory slot number.  
startup-config: This option erases the currently active startup-  
config file and reboots the switch from the currently active  
flash memory location. The erased startup-config file is  
replaced with a new startup-config file. The new file has  
the same filename as the erased file, but contains only the  
default configuration for the software version in the flash  
location (primary or secondary) used for the reboot. For  
example, suppose the last reboot was from primary flash  
using a configuration file named minconfig. Executing  
erase startup-config replaces the current content of minconfig  
with a default configuration and reboots the switch from  
primary flash.  
Figure 5-44 illustrates using erase config < filename > to remove a startup-config  
file.  
5-46  
   
Switch Memory and Configuration  
Multiple Configuration Files  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+-----------------------------------------  
1 | * *  
2 |  
3 |  
| minconfig  
* | config2  
| config3  
HP Switch(config)# erase config config3  
HP Switch(config)# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+-----------------------------------------  
1 | * *  
2 |  
3 |  
| minconfig  
* | config2  
|
Figure 5-44. Example of Erasing a Non-Active Startup-Config File  
With the same memory configuration as is shown in the bottom portion of  
figure 5-44, executing erase startup-config boots the switch from primary flash,  
resulting in a new file named minconfig in the same memory slot. The new file  
contains the default configuration for the software version currently in pri-  
mary flash.  
Using the Clear + Reset Button Combination To Reset the  
Switch to Its Default Configuration  
The Clear + Reset button combination described in the Installation and  
Getting Started Guide produces these results. That is, when you press the  
Clear + Reset button combination, the switch:  
Overwrites the content of the startup-config file currently in memory  
slot 1 with the default configuration for the software version in  
primary flash, and renames this file to config1.  
Erases any other startup-config files currently in memory.  
Configures the new file in memory slot 1 as the default for both  
primary and secondary flash locations (regardless of the software  
version currently in secondary flash).  
Boots the switch from primary flash using the new startup-config file.  
5-47  
     
Switch Memory and Configuration  
Multiple Configuration Files  
HP Switch(config)# show config files  
Configuration files:  
Pressing Clear + Reset:  
Replaces all startup-config files with a single  
file named config1 that contains the default  
configuration for the software version in  
id | act pri sec | name  
---+-------------+--------------------
primary flash.  
1 | * * * | config1  
Resets the Active, Primary, and Secondary  
2 |  
3 |  
|
|
assignments as shown here.  
Figure 5-45. Example of Clear + Reset Result  
Transferring Startup-Config Files To or From a Remote  
Server  
Command  
Page  
below  
copy config < src-file > tftp < ip-addr > < remote-file > < pc | unix > [oobm]  
copy tftp config < dest-file > < ip-addr > < remote-file > < pc | unix > [oobm]  
copy config < src-file > xmodem < pc | unix >  
below  
5-50  
copy xmodem config < dest-file > < pc | unix >  
5-50  
TFTP: Copying a Configuration File to a Remote Host  
Syntax: copy config < src-file > tftp < ip-addr > < remote-file > < pc | unix > [oobm]  
This is an addition to the copy tftp command options. Use  
this command to upload a configuration file from the switch  
to a TFTP server.  
For switches that have a separate out-of-band management  
port, the oobm parameter specifies that the TFTP traffic will  
go out through the out-of-band management interface. If this  
parameter is not specified, the TFTP traffic goes out through  
the data interface. The oobm parameter is not available on  
switches that do not have a separate out-of-bandmanagement  
port.  
For more on using TFTP to copy a file to a remote server, see  
“TFTP: Copying a Configuration File to a Remote Host” in  
Appendix A of the Management and Configuration Guide for  
your switch.  
5-48  
             
Switch Memory and Configuration  
Multiple Configuration Files  
For example, the following command copies a startup-config file named test-  
01 from the switch to a (UNIX) TFTP server at IP address 10.10.28.14:  
HP Switch(config)# copy config test-01 tftp 10.10.28.14  
test-01.txt unix  
TFTP: Copying a Configuration File from a Remote Host  
Syntax: copy tftp config < dest-file > < ip-addr > < remote-file > < pc | unix >[oobm]  
This is an addition to the copy tftp command options. Use  
this command to download a configuration file from a TFTP  
server to the switch.  
For switches that have a separate out-of-band management  
port, the oobm parameter specifies that the TFTP traffic must  
come in through the out-of-band management interface. If  
this parameter is not specified, the TFTP traffic comes in  
through the data interface. The oobm parameter is not  
available on switches that do not have a separate out-of-band  
management port.  
Note: This command requires an empty memory slot in the  
switch. If there are no empty memory slots, the CLI displays  
the following message:  
Unable to copy configuration to "< filename >".  
You can erase one or more configuration files using the erase  
config <filename> command.  
For more on using TFTP to copy a file from a remote host, see  
“TFTP: Copying a Configuration File from a Remote Host” in  
Appendix A of the Management and Configuration Guide for  
your switch.  
For example, the following command copies a startup-config file named test-  
01.txt from a (UNIX) TFTP server at IP address 10.10.28.14 to the first empty  
memory slot in the switch:  
HP Switch(config)# copy tftp config test-01 10.10.28.14  
test-01.txt unix  
5-49  
         
Switch Memory and Configuration  
Multiple Configuration Files  
Xmodem: Copying a Configuration File to a Serially  
Connected Host  
Syntax: copy config < filename > xmodem < pc | unix >  
This is an addition to the copy < config > xmodem command  
options. Use this command to upload a configuration file  
from the switch to an Xmodem host.  
For more on using Xmodem to copy a file to a serially  
connected host, see “Xmodem: Copying a Configuration File  
toaSerially ConnectedPC or UNIXWorkstationinAppendix  
A of the Management and Configuration Guide for your  
switch.  
Xmodem: Copying a Configuration from a Serially  
Connected Host  
Syntax: copy xmodem config < dest-file > < pc | unix >  
This is an addition to the copy xmodem command options. Use  
this command to download a configuration file from an  
Xmodem host to the switch.  
For more on using Xmodem to copy a file from a serially  
connected host, see “Xmodem: Copying a Configuration File  
from a Serially Connected PC or UNIX Workstation” in  
Appendix A of the Management and Configuration Guide for  
your switch.  
Operating Notes for Multiple Configuration Files  
SFTP/SCP: The configuration files are available for sftp/scp transfer as  
/cfg/< filename >.  
5-50  
           
Switch Memory and Configuration  
Display Configuration of Selected Interface  
Display Configuration of Selected  
Interface  
The options provided in this feature allow you to display all the configurations  
on a specified interface or VLAN with a single command. You can use the  
options with the startup config command, show config, and the running config  
command, show running-config.  
Running Configuration Output  
You can display the running configuration using this command. An example  
of the output is shown in Figure 5-46.  
Syntax: show running-config [interface <port-list | loopback <0-7> | vlan <vlan-  
id-list>][structured]  
Displays running configuration information about the  
selected interface when one is specified. The interfaces can  
be ports, VLANs, or SVLANs.  
Note: For the 5400zl, 3800, and 8200zl switches, when the  
command is executed in enhanced secure mode the following  
prompt displays:  
Do you want to show sensitive information  
(y/n)?  
If “Y/y” is entered, the normal command output is displayed  
on the console. If “N/n” is entered, all the sensitive  
information is hidden and will be displayed as asterisks  
(“*****”). The default option is “N/n” when interactive mode  
is disabled. For more information, see the chapter “Secure  
Mode (5400zl, 3800, and 8200zl)” in the Access Security  
Guide for your switch.  
5-51  
         
Switch Memory and Configuration  
Display Configuration of Selected Interface  
structured: Groups the config command information output  
in a logical manner. When the structured option is entered,  
the output displays the configuration settings, such as  
spanning-tree, followed by a list of all the switch interfaces  
showing any configured settings for each interface. The  
VLAN configuration information is displayed after the  
interface information.  
When the structured option is not entered, the output first  
displays only the interfaces that have configuration settings.  
The other settings, such as spanning-tree, are displayed after  
the interfaces, and then the VLAN configuration information  
is displayed.  
N o t e  
The show running config interface/vlan/svlan command output cannot be down-  
loaded to the switch; it will not download correctly. Copying and pasting the  
displayed configuration information into the switch configuration is not sup-  
ported. This feature only provides a display of all the configuration informa-  
tion for a selected interface or range of interfaces in a single view.  
5-52  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(eth-A2-A4)# show running-config  
Running configuration:  
; J8698A Configuration Editor; Created on release #K.14.54C  
; Ver #02:0b:ef:e6  
hostname "HP Switch"  
interface A2  
disable  
name "test1"  
flow-control  
broadcast-limit 80  
Configuration information for interfaces A2 and A3 is  
shown in two different places in the config file.  
speed-duplex 100-full  
unknown-vlans Block  
qos priority 4  
lacp Passive  
gvrp join-timer 30  
gvrp leave-timer 60  
gvrp leaveall-timer 700  
exit  
interface A3  
disable  
name "test1"  
flow-control  
broadcast-limit 80  
speed-duplex 100-full  
unknown-vlans Block  
qos priority 4  
lacp Passive  
gvrp join-timer 30  
gvrp leave-timer 60  
gvrp leaveall-timer 700  
exit  
vlan 1  
name "DEFAULT_VLAN"  
untagged A1-A4,C1-C24,F1-F24  
ip address dhcp-bootp  
exit  
interface A2  
dhcp-snooping trust  
bandwidth-min output 20 10 10 10 20 10 10 10  
rate-limit bcast in percent 75  
ipv6 access-group "check" in  
exit  
interface A3  
dhcp-snooping trust  
bandwidth-min output 20 10 10 10 20 10 10 10  
rate-limit bcast in percent 75  
ipv6 access-group "check" in  
exit  
Figure 5-46. Example of Running Configuration Output for Interfaces A2 - A4  
Figure 5-47 shows an example of the running config for a range of interfaces.  
The configuration information for interfaces A2 and A3 is now displayed  
together.  
5-53  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(config)# show running-config interface A2-A3  
Running configuration:  
All the information for interfaces A2 and A3 is  
shown together in the output.  
interface A2  
disable  
name "test1"  
flow-control  
broadcast-limit 80  
speed-duplex 100-full  
unknown-vlans block  
qos priority 4  
gvrp join-timer 30 leave-timer 60 leaveall-timer 700  
dhcp-snooping trust  
lacp passive  
bandwidth-min output 20 10 10 10 20 10 10 10  
rate-limit bcast in percent 75  
ipv6 access-group "check" in  
untagged vlan 1  
exit  
interface A3  
disable  
name "test1"  
flow-control  
broadcast-limit 80  
speed-duplex 100-full  
unknown-vlans block  
qos priority 4  
gvrp join-timer 30 leave-timer 60 leaveall-timer 700  
dhcp-snooping trust  
lacp passive  
bandwidth-min output 20 10 10 10 20 10 10 10  
rate-limit bcast in percent 75  
ipv6 access-group "check" in  
untagged vlan 1  
exit  
Figure 5-47. Example of Running Config Output for a Specified Interface Range  
Figure 5-48 shows an example of the running config file for a range of  
interfaces after some configuration changes have been made.  
5-54  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(config)# no stack  
HP Switch(config)# mesh 2-3  
Command will take effect after saving configuration and reboot.  
HP Switch(config)# write memory  
HP Switch(config)# reload  
HP Switch# show running-config interface 2-3  
Running configuration:  
interface 2  
untagged vlan 1  
mesh  
exit  
interface 3  
flow-control  
untagged vlan 1  
mesh  
exit  
Figure 5-48. Example of Running Config Output for a Range of Interfaces  
Figure 5-49 is an example of the running config output showing VLAN infor-  
mation.  
5-55  
 
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(config)# show running-config  
Running configuration:  
; J8698A Configuration Editor; Created on release #K.14.54C  
; Ver #02:0b:ef:e6  
hostname "HP Switch"  
module 1 type J9309A  
module 3 type J8702A  
module 6 type J8702A  
ip routing  
vlan 1  
name "DEFAULT_VLAN"  
untagged A1-A4,C1-C24,F1-F24  
ip address dhcp-bootp  
exit  
vlan 2  
name "test-vlan-2"  
ip helper-address 4.1.1.1  
ip helper-address 5.1.1.1  
ip address 1.1.1.1 255.255.255.0  
ipv6 address 2001::/64 anycast  
ipv6 enable  
exit  
vlan 3  
name "VLAN3"  
ip helper-address 7.1.1.1  
ip forward-protocol udp 7.1.1.1 snmp  
ip forward-protocol udp 11.1.1.2 dns  
no ip address  
exit  
VLAN 4 configuration information is not together  
in the config file output.  
vlan 4  
name "VLAN4"  
ip address 5.1.1.1 255.255.255.0  
ip bootp-gateway 5.1.1.1  
exit  
logging 10.0.102.90  
logging system-module ospf  
ip route 5.1.1.0 255.255.255.0 vlan 4 distance 3  
Figure 5-49. Example of Running Config Output Showing VLAN Information  
In Figure 5-50, the configuration information for VLAN 4 is now displayed in  
one place.  
5-56  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(config)# show running-config vlan 3-4  
Running configuration:  
vlan 3  
name "VLAN3"  
ip helper-address 7.1.1.1  
ip forward-protocol udp 7.1.1.1 snmp  
ip forward-protocol udp 11.1.1.2 dns  
no ip address  
exit  
vlan 4  
name "VLAN4"  
VLAN 4 configuration information is displayed  
together in the output.  
ip address 5.1.1.1 255.255.255.0  
ip bootp-gateway 5.1.1.1  
ip route 5.1.1.0 255.255.255.0 distance 3  
exit  
Figure 5-50. Example of Running Config Output for a Range of VLANs  
Figure 5-51 shows an example of the running config for a range of VLANs after  
configuration changes have been made to selected VLANs.  
HP Switch(config)# dhcp-snooping  
HP Switch(config)# vlan 14  
HP Switch(vlan-14)# exit  
HP Switch(config)# vlan 15  
HP Switch(vlan-15)# exit  
HP Switch(config)# vlan 23  
HP Switch(vlan-23)# exit  
HP Switch(config)# dhcp-snooping vlan 14-15  
HP Switch(config)# static-mac 00:11:22:33:44:55 vlan 23 interface A3  
HP Switch(config)# spanning-tree instance 2 vlan 15  
HP Switch(config)# show running-config vlan 14-15  
Running configuration:  
vlan 14  
name "VLAN14"  
no ip address  
dhcp-snooping  
exit  
vlan 15  
name "VLAN15"  
no ip address  
dhcp-snooping  
spanning-tree instance 2  
exit  
Figure 5-51. Example of Output for Running Config for a Range of VLANs  
5-57  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
Startup Configuration Output  
You can display the startup configuration using this command. An example of  
the startup configuration output is shown in Figure 5-52.  
Syntax: show config [interface <port-list | loopback <0-7> | vlan <vlan-id-list>]  
Displays startup configuration information about the  
selected interface when one is specified. The interfaces can be  
ports, VLANs, or SVLANs.  
Note: For the 5400zl, 3800, and 8200zl switches, when the  
command is executed in enhanced secure mode the following  
prompt displays:  
Do you want to show sensitive information  
(y/n)?  
If “Y/y” is entered, the normal command output is displayed  
ontheconsole.IfN/nisentered,allthesensitiveinformation  
is hidden and will be displayed as asterisks (“*****”). The  
default option is “N/n” when interactive mode is disabled. For  
more information, see the chapter “Secure Mode (5400zl,  
3800, and 8200zl)” in the Access Security Guide for your  
switch.  
5-58  
       
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(config)# show config  
Startup configuration:  
; J8698A Configuration Editor; Created on release #K.14.54C  
; Ver #02:0b:ef:e6  
hostname "HP Switch"  
module 1 type J9309A  
module 3 type J8702A  
module 6 type J8702A  
vlan 1  
name "DEFAULT_VLAN"  
untagged A1-A4,C1-C9,C15-C24,F1-F24  
ip address dhcp-bootp  
no untagged C10-C14  
exit  
vlan 5  
name "VLAN5"  
untagged C10-C14  
ip address 5.1.1.1 255.255.255.128  
exit  
interface loopback 5  
ip address 7.1.1.1  
exit  
interface loopback 7  
ip address 12.1.1.1  
exit  
snmp-server community "public" unrestricted  
Figure 5-52. Example of Startup Configuration Output  
Figure 5-53 shows an example of the startup config output for a selected VLAN.  
HP Switch(vlan-5)# show config vlan 5  
Startup configuration:  
vlan 5  
untagged C10-C14  
ip address 5.1.1.1 255.255.255.128  
exit  
Figure 5-53. Example of Startup Config Output for a Specific VLAN  
Figure 5-54 shows an example of the startup config output for a selected VLAN.  
5-59  
Switch Memory and Configuration  
Display Configuration of Selected Interface  
HP Switch(vlan-5)# show config vlan 5  
Startup configuration:  
vlan 5  
name "VLAN5"  
untagged C10-C14  
ip address 5.1.1.1 255.255.255.128  
exit  
Figure 5-54. Example of Startup Config Output for a Specific VLAN  
Figure 5-55 shows an example of the startup config output for a range of  
interfaces for a specific VLAN.  
HP Switch(vlan-5)# show config interface C10-C13  
Startup configuration:  
interface C10  
untagged vlan 5  
exit  
interface C11  
untagged vlan 5  
exit  
interface C12  
untagged vlan 5  
exit  
interface C13  
untagged vlan 5  
exit  
Figure 5-55. Example of Startup Config Output for a Range of Interfaces for a  
Specific VLAN  
5-60  
 
Switch Memory and Configuration  
Automatic Configuration Update with DHCP Option 66  
Automatic Configuration Update with  
DHCP Option 66  
HP switches are initially bootedup with the factory-shipped configuration file.  
This feature provides a way to automatically download a different configura-  
tion file from a TFTP server using DHCP Option 66. The prerequisites for this  
to function correctly are:  
One or more DHCP servers with Option 66 are enabled  
One or more TFTP servers has the desired configuration file.  
C a u t i o n  
This feature must use configuration files generated on the switch to function  
correctly. If you use configuration files that were not generated on the switch,  
and then enable this feature, the switch may reboot continuously.  
CLI Command  
The command to enable the configuration update using Option 66 is:  
Syntax: [no] dhcp config-file-update  
Enables configuration file update using Option 66.  
Default: Enabled  
HP Switch(config)# dhcp config-file-update  
Figure 5-56. Example of Enabling Configuration File Update Using Option 66  
5-61  
           
Switch Memory and Configuration  
Automatic Configuration Update with DHCP Option 66  
Possible Scenarios for Updating the Configuration File  
The following table shows various network configurations and how Option 66  
is handled.  
Scenario  
Behavior  
Single Server serving Multiple VLANs  
Each DHCP-enabled VLAN interface initiates DHCPDISCOVER  
message, receives DHCPOFFER from the server, and send  
DHCPREQUEST to obtain the offered parameters.  
If multiple interfaces send DHCPREQUESTs, it’s possible that more  
than one DHCPACK is returned with a valid Option 66.  
Evaluating and updating the configuration file occurs only on the  
primary VLAN.  
Option 66 is ignored by any interfaces not belonging to the primary  
VLAN.  
Multiple Servers serving a Single VLAN  
Multiple Servers serving Multiple VLANs  
Multi-homed Server serving Multiple VLANs  
Each DHCP-enabled VLAN interface initiates one DHCPDISCOVER  
and receives one or more DHCPOFFER messages.  
Each interface accepts the best offer.  
Option 66 is processed only for the interface belonging to the primary  
VLAN.  
Each DHSP-enabled VLAN interface initiates DHCPDISCOVER and  
receives one or more DHCPOFFER messages.  
Each interface accepts the best offer.  
Option 66 is processed only for the interface belonging to the primary  
VLAN.  
The switch perceives the multi-homed server as multiple separate  
servers.  
Each DHCP-enabled VLAN interface initiates DHCPDISCOVER and  
receives one DHCPOFFER message.  
Each interface accepts the offer.  
Option 66 is processed only for the interface belonging to the primary  
VLAN.  
Operating Notes  
Replacing the Existing Configuration File: After the DHCP client down-  
loads the configuration file, the switch compares the contents of that file with  
theexistingconfigurationfile. Ifthecontentisdifferent, thenewconfiguration  
file replaces the existing file and the switch reboots.  
Option 67 and the Configuration File Name: Option 67 includes the name  
of the configuration file. If the DHCPACK contains this option, it overrides the  
default name for the configuration file (switch.cfg)  
5-62  
           
Switch Memory and Configuration  
Automatic Configuration Update with DHCP Option 66  
GlobalDHCPParameters: Global parameters are processed only if received  
on the primary VLAN.  
Best Offer: The “Best Offer” is the best DHCP or BootP offer sent by the  
DHCP server in response to the DHCPREQUEST sent by the switch. The  
criteria for selecting the “Best Offer” are:  
DHCP is preferred over BootP  
If two BootP offers are received, the first one is selected  
For two DHCP offers:  
The offer from an authoritative server is selected  
If there is no authoritative server, the offer with the longest lease  
is selected  
Log Messages  
The file transfer is implemented by the existing TFTP module. The system logs  
the following message if an incorrect IP address is received for Option 66:  
“Invalid IP address <ip-address> received for DHCP Option 66”  
5-63  
   
Switch Memory and Configuration  
Automatic Configuration Update with DHCP Option 66  
5-64  
6
Interface Access and System Information  
Interface Access: Console/Serial Link,  
Web, and Inbound Telnet  
The interface access features in the switch operate properly by default.  
However, you can modify or disable access features to suit your particular  
needs. Similarly, you can choose to leave the system information parameters  
at their default settings. However, modifying these parameters can help you  
to more easily distinguish one device from another in your network.  
Interface Access Features  
Feature  
Default  
Menu  
Inactivity Time  
0 Minutes  
(disabled)  
page 6-5  
page 6-7  
Inbound Telnet Access  
Outbound Telnet Access  
WebAgent Access  
Terminal type  
Enabled  
n/a  
page 6-5  
page 6-4  
page 6-5  
page 6-7  
page 6-7  
page 6-7  
Enabled  
VT-100  
All  
page 6-5  
Event Log event types to list  
(Displayed Events)  
Baud Rate  
Speed Sense  
XON/XOFF  
page 6-7  
page 6-7  
Flow Control  
In most cases, the default configuration is acceptable for standard operation.  
N o t e  
Basic switch security is through passwords. You can gain additional security  
by using the security features described in the Access Security Guide for your  
switch. You can also simply block unauthorized access via the WebAgent or  
Telnet (as described in this section) and installing the switch in a locked  
environment.  
6-1  
                         
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
Interface Access Commands Used in This Section  
show console  
below  
[no] telnet-server  
[no] web-management  
console  
below  
page 6-7  
page 6-7  
About Terminal Line Width and Length Settings  
For console/serial link and inbound telnet sessions, the switch output:  
Uses whatever width is set by the terminal program. If width is not  
specified, 80 characters is the default.  
Automatically wraps on word boundaries (such as spaces) for non-colum-  
nar output  
Automatically wraps on column boundaries for columnar output  
HP recommends that you do not set your terminal width (terminal width <y>)  
above 150 columns. (Windows telnet displays up to 156 characters on 1280  
pixel wide display, so 150 is comfortably within this).  
Listing the Current Console/Serial Link Configuration  
This command lists the current interface access parameter settings.  
Syntax: show console  
This example shows the default console/serial configuration.  
6-2  
         
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
HP Switch(config)# show console  
Console/Serial Link  
Inbound Telnet Enabled [Yes] : Yes  
Interface Access  
Enable/Disable  
Web Agent Enabled [Yes] : Yes  
Terminal Type [VT100] : VT100  
Screen Refresh Interval (sec) [3] : 3  
Displayed Events [All] : All  
Console Control  
Options  
Event Log Event  
Types To List  
Baud Rate [Speed Sense] : speed-sense  
Flow Control [XON/XOFF] : XON/XOFF  
Session Inactivity Time (min) [0] : 0  
Figure 6-1. Listing of Show Console Command  
6-3  
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
Reconfigure Inbound Telnet Access  
In the default configuration, inbound Telnet access is enabled.  
Syntax: [no] telnet-server [listen <oobm | data | both>]  
Enables or disables inbound Telnet access on a switch.  
Use the no version of the command to disable inbound Telnet  
access.  
The listen parameter is available only on switches that have a  
separate out-of-band management port. Values for this  
parameter are:  
oobm — inbound Telnet access is enabled only on  
the out-of-band management port.(This port is  
available on selected switch models.)  
data — inbound Telnet access is enabled only on  
the data ports.  
both — inbound Telnet access is enabled on both  
the out-of-band management port and on the data  
ports. This is the default value.  
Refer to Appendix I, “Network Out-of-Band Management” in  
this guide for more information on out-of-band management.  
The listen parameter is not available on switches that do not  
have a separate out-of-band management port.  
To disable inbound Telnet access:  
HP Switch(config)# no telnet-server  
To re-enable inbound Telnet access:  
HP Switch(config)# telnet-server  
6-4  
     
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
Outbound Telnet to Another Device  
This feature operates independently of the telnet-server status and enables  
you to Telnet to another device that has an IP address.  
Syntax: telnet <ipv4-addr | ipv6-addr | hostname | switch-num> [oobm]  
Initiates an outbound telnet session to another network  
device. The destination can be specified as:  
IPv4 address  
IPv6 address  
Hostname  
Stack number of a member switch (1-16) if the  
switch is a commander in a stack and stacking is  
enabled  
For switches that have a separate out-of-band management  
port, the oobm parameter specifies that the Telnet traffic will  
go out from the out-of-band management interface. If this  
parameter is not specified, the Telnet traffic goes out from the  
data interface. The oobm parameter is not available on  
switches that do not have a separate out-of-band management  
port. Refer to Appendix I, “Network Out-of-Band Manage-  
management.  
Note:Iftheconsoleinactivity-timer expires, anyoutboundTelnet  
or SSH sessions that are open on the switch are terminated.  
(For information on console inactivity-timer, refer to “Reconfig-  
ure the Console/Serial Link Settings” on page 6-7.)  
For example, if the host “Labswitch” is in the domain abc.com, you can enter  
the following command and the destination is resolved to “Lab-  
switch.abc.com”.  
HP Switch(config)# telnet Labswitch  
You can also enter the full domain name in the command:  
HP Switch(config)# telnet Labswitch.abc.com  
You can use the show telnet command to display the resolved IP address.  
6-5  
             
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
HP Switch(config)# show telnet  
Telnet Activity  
--------------------------------------------------------  
Session : ** 1  
Privilege: Manager  
From  
To  
: Console  
:
-------------------------------------------------------  
Session : ** 2  
Privilege: Manager  
From  
To  
: 12.13.14.10  
: 15.33.66.20  
-------------------------------------------------------  
Session : ** 3  
Privilege: Operator  
From  
To  
: 2001:db7:5:0:203:4ff:fe0a:251  
: 2001:db7:5:0:203:4ff1:fddd:12  
Figure 6-2. Example of show telnet Command Displaying Resolved IP Addresses  
Making Window Size Negotiation Available for a Telnet  
Session  
When a telnet connection is established with a switch, the switch always uses  
the default values of 80 columns by 24 lines for the window dimensions. The  
window can be resized by either dragging the corner of the window, or by  
executing the terminal length <x> width <y> CLI command and then configuring  
the telnet client with those dimensions. The new window dimensions are lost  
after that telnet session ends.  
When the telnet connection is established with an HP switch, either the switch  
or the telnet client needs to initiate the inquiry about the availability of NAWS.  
If NAWS is available, you can resize the window by dragging the corner of the  
window to the desired size. The telnet software uses NAWS to tell the switch  
what the new window dimensions are. If the switch supports the requested  
window dimensions, it uses them for all future interactions. If the switch does  
not support those window dimensions, it refuses them and the telnet client  
requests an alternate set of window dimensions. The negotiation continues  
until the telnet client and the switch agree on the window dimensions.  
The switch currently responds to a request from the remote telnet client to  
negotiate window size. However, some telnet clients do not request to nego-  
tiate window size unless the switch’s telnet server suggests that NAWS is  
available.  
6-6  
   
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
This feature allows window size negotiation to occur with telnet clients that  
support NAWS but do not try to use it unless it is suggested by the switch’s  
telnet server. The switch’s telnet server will suggest to the telnet client that  
NAWS is available.  
Reconfigure WebAgent Access  
In the default configuration, web browser access is enabled.  
Syntax: [no] web-management [listen <oobm | data | both>]  
Use the no version of the command to disable inbound HTTP  
access.  
The listen parameter is available only on switches that have a  
separate out-of-band management port. Values for this  
parameter are:  
oobm — inbound HTTP access is enabled only on  
the out-of-band management port.  
data — inbound HTTP access is enabled only on  
the data ports.  
both — inbound HTTP access is enabled on both  
the out-of-band management port and on the data  
ports. This is the default value.  
Refer to Appendix I, “Network Out-of-Band Management” in  
this guide for more information on out-of-band management.  
The listen parameter is not available on switches that do not  
have a separate out-of-band management port.  
To disable WebAgent access:  
HP Switch(config)# no web-management  
To re-enable WebAgent access:  
HP Switch(config)# web-management  
Reconfigure the Console/Serial Link Settings  
Syntax: console  
[terminal < vt100 | ansi | none >]  
[screen-refresh < 1 | 3 | 5 | 10 | 20 | 30 | 45 | 60 >]  
[baud-rate  
6-7  
           
Interface Access and System Information  
Interface Access: Console/Serial Link, Web, and Inbound Telnet  
< speed-sense | 1200 | 2400 | 4800 | 9600 | 19200 |38400 | 57600 |  
1155200 >]  
[ flow-control < xon/xoff | none >]  
[inactivity-timer < 0 | 1 | 5 | 10 | 15 | 20 | 30 | 60 |120 >]  
[events <none | all | not-info | critical | debug]  
[local-terminal <vt 100 | none | ansi>]  
N o t e  
N o t e  
Changing the console local-terminal setting to ansi adds a tty=ansi entry before  
the switch name in the CLI output.  
Changing the console local-terminal setting to none adds a tty=none entry before  
the switch name in the CLI output.  
If the console inactivity-timer expires, any outbound Telnet or SSH sessions  
open on the switch are terminated.  
If you change the Baud Rate or Flow Control settings, you should make the  
corresponding changes in your console access device. Otherwise, you may  
lose connectivity between the switch and your terminal emulator due to  
differences between terminal and switch settings for these two parameters.  
All console parameter changes except events and inactivity-timer require that  
you save the configuration with write memory and then execute boot before the  
new console configuration will take effect.  
For example, figure 6-3 shows how to configure the switch with the following:  
VT100 operation  
19,200 baud  
No flow control  
10-minute inactivity time  
Critical log events  
6-8  
       
Interface Access and System Information  
Denying Interface Access by Terminating Remote Management Sessions  
HP Switch(config)# console terminal vt100  
This command will take effect after saving the configuration and  
rebooting the system.  
HP Switch(config)# console baud-rate 19200  
This command will take effect after saving the configuration and  
rebooting the system.  
HP Switch(config)# console flow-control none  
This command will take effect after saving the configuration and  
rebooting the system.  
The switch implements the Inactivity Timer  
HP Switch(config)# console inactivity-timer 60  
HP Switch(config)# console events critical  
HP Switch(config)# write memory  
and Event Log changes immediately. The the  
other console changes are implemented  
after executing write memory and reload.  
HP Switch(config)# reload  
Figure 6-3. Example of Executing a Series of Console Commands  
N o t e  
Switch models supporting redundant management, console settings, such as  
mode, flow-control and baud-rate, are the same on both management mod-  
ules. There cannot be individual settings for each management module.  
DenyingInterfaceAccessbyTerminating  
Remote Management Sessions  
The switch supports up to five management sessions. show ip ssh lists the  
current management sessions, and kill terminates a currently running remote  
session. (Kill does not terminate a Console session on the serial port, either  
through a direct connection or via a modem. It does not affect the console on  
the standby module.)  
Syntax: kill [< session-number >]  
For example, if you are using the switch’s serial port for a console session and  
want to terminate an active Telnet session, you would do the following:  
6-9  
       
Interface Access and System Information  
Denying Interface Access by Terminating Remote Management Sessions  
HP Switch(config)# show ip ssh  
SSH Enabled  
: Yes  
Secure Copy Enabled : No  
TCP Port Number : 22  
Host Key Type : RSA  
Timeout (sec)  
Host Key Size  
: 120  
: 2048  
Ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,  
[email protected],aes128-ctr,aes192-ctr,aes256-ctr  
: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96  
MACs  
Ses Type  
| Source IP  
Port  
--- -------- + ---------------------------------------------- -----  
1 console |  
Session 2 is an active  
Telnet session.  
2 telnet |  
3 ssh  
| 15.30.252.195  
1531  
4 inactive |  
5 inactive |  
6 inactive |  
HP Switch(config)# kill 2  
HP Switch(config)# show ip ssh  
SSH Enabled  
: Yes  
Secure Copy Enabled : No  
TCP Port Number : 22  
Host Key Type : RSA  
Timeout (sec)  
Host Key Size  
: 120  
: 2048  
Ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,  
[email protected],aes128-ctr,aes192-ctr,aes256-ctr  
: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96  
MACs  
Ses Type  
| Source IP  
Port  
--- -------- + ---------------------------------------------- -----  
1 console |  
The kill 2 command  
terminates session 2.  
2 inactive |  
3 ssh  
| 15.30.252.195  
1531  
4 inactive |  
5 inactive |  
6 inactive |  
Figure 6-4. Example of Using the “Kill” Command To Terminate a Remote Session  
6-10  
Interface Access and System Information  
System Information  
System Information  
System Information Features  
Feature  
Default  
switch product name  
CLI  
System Name  
System Contact  
System Location  
MAC Age Time  
Time Sync Method  
page 6-12  
page 6-12  
page 6-12  
page 6-13  
n/a  
n/a  
300 seconds  
None  
See “Time Protocols” in the  
ManagementandConfiguration  
Guide  
Time Zone  
Daylight Time Rule  
Time  
0
page 6-14  
page 6-14  
page 6-14  
None  
January 1, 1990 at  
00:00:00 at last power  
reset  
Configuring system information is optional, but recommended.  
System Name: Using a unique name helps you to identify individual devices  
where you are using an SNMP network management tool such as HP PCM+.  
System Contact and Location: This information is helpful for identifying  
the person administratively responsible for the switch and for identifying the  
locations of individual switches.  
MAC Age Time: The number of seconds a MAC address the switch has  
learned remains in the switch’s address table before being aged out (deleted).  
Aging out occurs when there has been no traffic from the device belonging to  
that MAC address for the configured interval.  
Time Sync Method: Selects the method (TimeP or SNTP) the switch will use  
for time synchronization. For more on this topic, see “Time Protocols” in the  
Management and Configuration Guide.  
Time Zone: The number of minutes your time zone location is to the West (+)  
or East (-) of Coordinated Universal Time (formerly GMT). The default 0  
means no time zone is configured. For example, the time zone for Berlin,  
Germany is + 60 (minutes) and the time zone for Vancouver, Canada is - 480  
(minutes).  
6-11  
               
Interface Access and System Information  
System Information  
Daylight Time Rule:Specifies the daylight savings time rule to apply for your  
location. The default is None. (For more on this topic, refer to Appendix D,  
“Daylight Savings Time on HP switches.)  
Time: Used in the CLI to specify the time of day, the date, and other system  
parameters.  
Viewing and Configuring System Information  
System Information Commands Used in This Section  
show system information  
hostname  
below  
below  
below  
snmp-server  
[contact] [location]  
mac-age-time  
time  
page 6-13  
timezone  
page 6-14  
page 6-14  
page 6-14  
daylight-time-rule  
date  
time  
Listing the Current System Information. Thiscommandliststhecurrent  
system information settings.  
Syntax: show system information  
This example shows the switch’s default console configuration.  
HP Switch# show system information  
Status and Counters - General System Information  
System Name  
System Contact  
System Location  
: HP Switch  
:
:
MAC Age Time (sec) : 300  
Time Zone : 0  
Daylight Time Rule : None  
Figure 6-5. Example of CLI System Information Listing Configure a System Name,  
Contact, and Location for the Switch  
6-12  
   
Interface Access and System Information  
System Information  
To help distinguish one switch from another, configure a plain-language  
identity for the switch.  
Syntax: hostname < name-string >  
snmp-server [contact <system-contact>] [location <system-location>]  
Each field allows up to 255 characters. To help simplify administration, it is  
recommended that you configure hostname to a character string that is mean-  
ingful within your system.  
For example, to name the switch “Blue” with “Next-4474” as the system  
contact, and “North-Data-Room” as the location:  
HP Switch(config)# hostname Blue  
Blue(config)# snmp-server contact Ext-4474 location North-Data-Room  
Blue(config)# show system  
Status and Counters - General System Information  
New hostname, contact,  
and location data from  
previous commands.  
System Name  
System Contact  
System Location  
: Blue  
: Ext-4474  
: North-Data-Room  
MAC Age Time (sec) : 300  
Time Zone : 0  
Additional System  
Information  
Daylight Time Rule : None  
Software revision : K.15.05.0000x  
Base MAC Addr  
Serial Number  
: 001871-c42f00  
: SG641SU00L  
ROM Version  
: K.15.12  
Allow V1 Modules : Yes  
Up Time  
CPU Util (%)  
: 22 hours  
: 2  
Memory - Total : 120,459,264  
Free : 80,188,992  
IP Mgmt - Pkts Rx : 8147  
Pkts Tx : 8155  
Packet - Total : 6750  
Buffers Free : 5086  
Lowest : 5085  
-- MORE --, next page: Space, next line: Enter, quit: Control-C  
Figure 6-6. System Information Listing After Executing the Preceding Commands  
Reconfigure the MAC Age Time for Learned MAC Addresses. This  
command corresponds to the MAC Age Interval in the menu interface, and is  
expressed in seconds.  
6-13  
       
Interface Access and System Information  
System Information  
Syntax: mac-age-time < 10 - 1000000 > (seconds)  
Allows you to set the MAC address table’s age-out interval. An  
address is aged out if the switch does not receive traffic from that  
MAC address for the age-out interval, measured in seconds.  
Default: 300 seconds.  
For example, to configure the age time to seven minutes:  
HP Switch(config)# mac-age-time 420  
Configure the Time Zone and Daylight Time Rule. These commands:  
Set the time zone you want to use  
Define the daylight time rule for keeping the correct time when daylight-  
saving-time shifts occur.  
Syntax: time timezone < -720 - 840 >  
time daylight-time-rule < none | alaska | continental-us-and-canada |  
middle-europe-and-portugal | southern-hemisphere | western-europe |  
user-defined>  
East of the 0 meridian, the sign is “+”. West of the 0 meridian, the sign is “-”.  
For example, the time zone setting for Berlin, Germany is +60 (zone +1, or 60  
minutes), and the time zone setting for Vancouver, Canada is -480 (zone -8, or  
-480 minutes). Toconfigurethetime zone anddaylighttimerule for Vancouver,  
Canada:  
HP Switch(config)# time timezone -480 daylight-time-rule  
continental-us-and-canada  
Configure the Time and Date. The switch uses the time command to con-  
figure both the time of day and the date. Also, executing time without param-  
eters lists the switch’s time of day and date. Note that the CLI uses a 24-hour  
clock scheme; that is, hour (hh) values from 1 p.m. to midnight are input as  
13 - 24, respectively.  
Syntax: time [ hh:mm [ :ss ]] [ mm/dd/ [ yy ] yy ]  
For example, to set the switch to 9:45 a.m. on November 17, 2010:  
HP Switch(config)# time 9:45 11/17/10  
N o t e  
Executing reload orboot resets the time and date to their default startup values.  
6-14  
             
7
Overview  
You can configure IP addressing through all of the switch’s interfaces. You can  
also:  
Easily edit a switch configuration file to allow downloading the file to  
multiple switches without overwriting each switch’s unique gateway and  
VLAN 1 IP addressing.  
Assign up to 32 IP addresses to a VLAN (multinetting).  
Select an IP address to use as the source address for all outgoing traffic  
generated by a specified software application on the switch. This allows  
unique identification of the software application on the server site regard-  
less of which local interface has been used to reach the destination server.  
Why Configure IP Addressing? In its factory default configuration, the  
switch operates as a multiport learning bridge with network connectivity  
provided by the ports on the switch. However, to enable specific management  
access and control through your network, you will need IP addressing. Table  
7-1 on page 7-12 shows the switch features that depend on IP addressing to  
operate.  
IP Configuration  
IP Configuration Features  
Feature  
Default  
Menu  
CLI  
WebAgent  
IP Address and Subnet Mask  
Multiple IP Addresses on a VLAN  
Default Gateway Address  
Packet Time-To-Live (TTL)  
DHCP/Bootp page 7-4 page 7-6 page 7-11  
n/a  
none  
page 7-8  
page 7-4 page 7-6 page 7-11  
page 7-4 page 7-6  
64 seconds  
7-1  
                     
Configuring IP Addressing  
IP Configuration  
Feature  
Default  
Menu  
page 7-4 page 7-6  
page 7-25  
CLI  
WebAgent  
Time Server (Timep)  
Single Source IP Addressing  
DHCP  
outgoing IP  
address  
IP Address and Subnet Mask. Configuring the switch with an IP address  
expands your ability to manage the switch and use its features. By default, the  
switch is configured to automatically receive IP addressing on the default  
VLAN from a DHCP/Bootp server that has been configured correctly with  
information to support the switch. (Refer to “DHCP/Bootp Operation” on page  
7-12 for information on setting up automatic configuration from a server.)  
However, if you are not using a DHCP/Bootp server to configure IP addressing,  
use the menu interface or the CLI to manually configure the initial IP values.  
After you have network access to a device, you can use the WebAgent to  
modify the initial IP configuration if needed.  
For information on how IP addressing affects switch operation, refer to “How  
IP Addressing Affects Switch Operation” on page 7-12.  
Multinetting: Assigning Multiple IP Addresses to a VLAN. For a given  
VLAN you can assign up to 32 IP addresses. This allows you to combine two  
or more subnets on the same VLAN, which enables devices in the combined  
subnets to communicate normally through the network without needing to  
reconfigure the IP addressing in any of the combined subnets.  
Default Gateway Operation. The default gateway is required when a  
router is needed for tasks such as reaching off-subnet destinations or forward-  
ing traffic across multiple VLANs. The gateway value is the IP address of the  
next-hop gateway node for the switch, which is used if the requested destina-  
tion address is not on a local subnet/VLAN. If the switch does not have a  
manually-configured default gateway and DHCP/Bootp is configured on the  
primary VLAN, then the default gateway value provided by the DHCP or Bootp  
server will be used. If the switch has a manually configured default gateway,  
then the switch uses his gateway, even if a different gateway is received via  
DHCPor Bootp onthe primary VLAN. This is also true for manually configured  
TimeP, SNTP, and Time-To-Live(TTL). (In the default configuration, VLAN 1 is  
the Primary VLAN.) Refer to the information on Primary VLANs in the  
Advanced Traffic Management Guide for your switch.  
7-2  
                 
Configuring IP Addressing  
IP Configuration  
Packet Time-To-Live (TTL) . This parameter specifies the maximum num-  
ber of routers (hops) through which a packet can pass before being discarded.  
Each router decreases a packet’s TTL by 1 before forwarding the packet. If  
decreasing the TTL causes the TTL to be 0, the router drops the packet instead  
of forwarding it. In most cases, the default setting (64) is adequate.  
Just Want a Quick Start with IP Addressing?  
If you just want to give the switch an IP address so that it can communicate  
on your network, or if you are not using VLANs, HP recommends that you use  
the Switch Setup screen to quickly configure IP addressing. To do so, do one  
of the following:  
Enter setup at the CLI Manager level prompt.  
HP Switch# setup  
Select 8. Run Setup in the Main Menu of the menu interface.  
For more on using the Switch Setup screen, refer to the Installation and  
Getting Started Guide you received with the switch.  
IP Addressing with Multiple VLANs  
In the factory-default configuration, the switch has one, permanent default  
VLAN (named DEFAULT_VLAN) that includes all ports on the switch. Thus,  
when only the default VLAN exists in the switch, if you assign an IP address  
and subnet mask to the switch, you are actually assigning the IP addressing  
to the DEFAULT_VLAN.  
N o t e s  
If multiple VLANs are configured, then each VLAN can have its own IP  
address. This is because each VLAN operates as a separate broadcast  
domain and requires a unique IP address and subnet mask. A default  
gateway (IP) address for the switch is optional, but recommended.  
In the factory-default configuration, the default VLAN (named  
DEFAULT_VLAN) is the switch’s primary VLAN. The switch uses the  
primary VLAN for learning the default gateway address. The switch can  
also learn other settings from a DHCP or Bootp server, such as (packet)  
Time-To-Live (TTL), and Timep or SNMP settings. (Other VLANs can also  
use DHCP or BootP to acquire IP addressing. However, the switch’s  
gateway, TTL, and TimeP or SNTP values, which are applied globally, and  
not per-VLAN, will be acquired through the primary VLAN only, unless  
manually set by using the CLI, Menu, or WebAgent.(If these parameters  
are manually set, they will not be overwritten by alternate values received  
7-3  
                 
Configuring IP Addressing  
IP Configuration  
from a DHCP or Bootp server.) For more on VLANs, refer to the chapter  
titled “Static Virtual LANs” in the Advanced Traffic Management Guide  
for your switch.  
The IP addressing used in the switch should be compatible with your  
network. That is, the IP address must be unique and the subnet mask must  
be appropriate for your IP network.  
IfyouchangetheIPaddressthrougheitherTelnetaccessortheWebAgent,  
the connection to the switch will be lost. You can reconnect by either  
restarting Telnet with the new IP address or entering the new address as  
the URL in your web browser.  
Menu: Configuring IP Address, Gateway, and Time-To-  
Live (TTL)  
Do one of the following:  
To manually enter an IP address, subnet mask, set the IP Config parameter  
to Manual and then manually enter the IP address and subnet mask values  
you want for the switch.  
To use DHCP or Bootp, use the menu interface to ensure that the IP Config  
parameter is set to DHCP/Bootp, then refer to “DHCP/Bootp Operation” on  
page 7-12.  
To Configure IP Addressing.  
1. From the Main Menu, Select.  
2. Switch Configuration …  
5. IP Configuration  
N o t e s  
If multiple VLANs are configured, a screen showing all VLANs appears instead  
of the following screen.  
The Menu interface displays the IP address for any VLAN. If you use the CLI  
to configure the IP address on a VLAN, use the CLI show ip command to list  
them. (Refer to “Viewing the Current IP Configuration” on page 7-6.)  
7-4  
       
Configuring IP Addressing  
IP Configuration  
For descriptions of these  
parameters, see the  
online Help for this  
screen.  
Before using the DHCP/  
Bootp option, refer to  
“DHCP/Bootp  
Operation” on page 7-12.  
Figure 7-1. Example of the IP Service Configuration Screen without Multiple  
VLANs Configured  
2. Press [E] (for Edit).  
3. If the switch needs to access a router, for example, to reach off-subnet  
destinations, select the Default Gateway field and enter the IP address of  
the gateway router.  
4. If you need to change the packet Time-To-Live (TTL) setting, select Default  
TTL and type in a value between 2 and 255.  
5. To configure IP addressing, select IP Config and do one of the following:  
If you want to have the switch retrieve its IP configuration from a  
DHCP or Bootp server, at the IP Config field, keep the value as DHCP/  
Bootp and go to step 8.  
If you want to manually configure the IP information, use the Space  
bar to select Manual and use the [Tab] key to move to the other IP  
configuration fields.  
6. Select the IP Address field and enter the IP address for the switch.  
7. Select the Subnet Mask field and enter the subnet mask for the IP address.  
8. Press [Enter], then [S] (for Save).  
7-5  
         
Configuring IP Addressing  
IP Configuration  
CLI: Configuring IP Address, Gateway, and Time-To-  
Live (TTL)  
Page  
7-6  
IP Commands Used in This Section  
show ip  
ip address < mask-length >  
ip address /< mask-bits >  
ip default-gateway  
ip ttl  
7-7, 7-8  
7-7, 7-8  
7-10  
7-11  
Viewing the Current IP Configuration.  
Syntax: show ip  
This command displays the IP addressing for each VLAN  
configured in the switch. If only the DEFAULT_VLAN exists,  
then its IP configuration applies to all ports in the switch.  
Where multiple VLANs are configured, the IP addressing is  
listed per VLAN. The display includes switch-wide packet  
time-to-live, and (if configured) the switch’s default gateway  
and Timep configuration.  
(You can also use the show management command to display the IP addressing  
and time server IP addressing configured on the switch. See figure  
1-6 on page 1-9 in the Management and Configuration Guide for your switch.)  
For example, in the factory-default configuration (no IP addressing assigned),  
the switch’s IP addressing appears as:  
7-6  
         
Configuring IP Addressing  
IP Configuration  
HP Switch> show ip  
Internet (IP) Service  
IP Routing : Disabled  
Default Gateway :  
The Default IP  
Configuration  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
|
Proxy ARP  
Std Local  
VLAN  
| IP Config IP Address  
Subnet Mask  
-------------------- + ---------- --------------- --------------- ----------  
DEFAULT_VLAN | DHCP/Bootp  
Figure 7-2. Example of the Switch’s Default IP Addressing  
With multiple VLANs and some other features configured, show ip provides  
additional information:  
HP Switch(config)# show ip  
Internet (IP) Service  
A Switch with IP  
Addressing and  
VLANs Configured  
IP Routing : Disabled  
Default Gateway : 10.20.227.1  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
|
Proxy ARP  
Std Local  
VLAN  
| IP Config IP Address  
Subnet Mask  
-------------------- + ---------- --------------- --------------- ----------  
DEFAULT_VLAN  
VLAN22  
| Manual  
| Disabled  
10.28.227.101 255.255.248.0  
No  
No  
Figure 7-3. Example of Show IP Listing with Non-Default IP Addressing Configured  
Configure an IP Address and Subnet Mask. The following command  
includes both the IP address and the subnet mask. You must either include the  
ID of the VLAN for which you are configuring IP addressing or go to the  
7-7  
     
Configuring IP Addressing  
IP Configuration  
context configuration level for that VLAN. (If you are not using VLANs on the  
switch—that is, if the only VLAN is the default VLAN—then the VLAN ID is  
always “1”.)  
N o t e  
The default IP address setting for the DEFAULT_VLAN is DHCP/Bootp. On  
additional VLANs you create, the default IP address setting is Disabled.  
Syntax:  
[ no ] vlan < vlan-id > ip address <ip-address/mask-length>  
or  
[ no ] vlan < vlan-id > ip address < ip-address > < mask-bits >  
or  
vlan < vlan-id > ip address dhcp-bootp  
This example configures IP addressing on the default VLAN with the subnet  
mask specified in mask bits.  
HP Switch(config)# vlan 1 ip address 10.28.227.103  
255.255.255.0  
This example configures the same IP addressing as the preceding example,  
but specifies the subnet mask by mask length.  
HP Switch(config)# vlan 1 ip address 10.28.227.103/24  
This example deletes an IP address configured in VLAN 1.  
HP Switch (config) no vlan 1 ip address 10.28.227.103/24  
Configure Multiple IP Addresses on a VLAN (Multinetting). The fol-  
lowing is supported:  
Up to 2000 IP addresses for the switch  
Up to 32 IP addresses for the same VLAN  
Up to 512 IP VLANs, that is, VLANs on which you can configure IP  
addresses  
Each IP address on a VLAN must be for a separate subnet, whether on the  
same VLAN or different VLANs.  
Syntax:  
[ no ] vlan < vlan-id > ip address < ip-address/mask-length >  
[ no ] vlan < vlan-id > ip address < ip-address > < mask-bits >  
7-8  
         
Configuring IP Addressing  
IP Configuration  
For example, if you wanted to multinet VLAN_20 (VID = 20) with the IP  
addresses shown below, you would perform steps similar to the following.  
(For this example, assume that the first IP address is already configured.)  
IP Address  
1st address  
2nd address  
3rd address  
VID  
20  
IP Address  
10.25.33.101  
10.26.33.101  
10.27.33.101  
Subnet Mask  
255.255.240.0  
255.255.240.0  
255.255.240.0  
20  
20  
HP Switch(config)# vlan 20  
HP Switch(vlan-20)# ip address 10.26.33.101/20  
HP Switch(vlan-20)# ip address 10.27.33.101/20  
1. Go to VLAN 20.  
2. Configure two additional  
IP addresses on VLAN  
20.  
HP Switch(config)# show ip  
Internet (IP) Service  
3. Display IP addressing.  
IP Routing : Disabled  
Default Gateway : 10.20.227.1  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
|
Proxy ARP  
Std Local  
VLAN  
| IP Config IP Address  
Subnet Mask  
-------------------- + ---------- --------------- --------------- ----------  
DEFAULT_VLAN  
VLAN_20  
| Manual  
| Manual  
| Manual  
| Manual  
10.20.30.100  
10.25.33.101  
10.26.33.101  
10.27.33.101  
255.255.240.0  
255.255.240.0  
255.255.240.0  
255.255.240.0  
No  
No  
No  
No  
No  
No  
No  
No  
Figure 7-4. Example of Configuring and Displaying a Multinetted VLAN  
If you then wanted to multinet the default VLAN, you would do the following:  
7-9  
Configuring IP Addressing  
IP Configuration  
HP Switch(vlan-20)# vlan 1  
HP Switch(vlan-1)# ip address 10.21.30.100/20  
HP Switch(config)# show ip  
Internet (IP) Service  
IP Routing : Disabled  
Default Gateway : 10.20.227.1  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
|
Proxy ARP  
Std Local  
VLAN  
| IP Config IP Address  
Subnet Mask  
-------------------- + ---------- --------------- --------------- ----------  
DEFAULT_VLAN  
| Manual  
| Manual  
| Manual  
| Manual  
| Manual  
10.20.30.100  
10.21.30.100  
10.25.33.101  
10.26.33.101  
10.27.33.101  
255.255.240.0  
255.255.240.0  
255.255.240.0  
255.255.240.0  
255.255.240.0  
No  
No  
No  
No  
No  
No  
No  
No  
No  
No  
VLAN_20  
Figure 7-5. Example of Multinetting on the Default VLAN  
N o t e  
The Internet (IP) Service screen in the Menu interface (figure 7-1 on page 7-5)  
displays the first IP address for each VLAN. You must use the CLI show ip  
command to display the full IP address listing for multinetted VLANs.  
Removing or Replacing IP Addresses in a Multinetted VLAN. To  
remove an IP address from a multinetted VLAN, use the no form of the IP  
address command shown on page 7-8. Generally, to replace one IP address  
with another, you should first remove the address you want to replace, and  
then enter the new address.  
Configure the Optional Default Gateway. Using the Global configura-  
tion level, you can manually assign one default gateway to the switch. (The  
switch does not allow IP addressing received from a DHCP or Bootp server  
to replace a manually configured default gateway.)  
Syntax: ip default-gateway < ip-address >  
7-10  
       
Configuring IP Addressing  
IP Configuration  
For example:  
HP Switch(config)# ip default-gateway 10.28.227.115  
Note  
The switch uses the IP default gateway only while operating as a Layer 2  
device. While routing is enabled on the switch, the IP default gateway is not  
used. Thus, to avoid loss of Telnet access to off-subnet management stations,  
you should use the ip route command to configure a static (default) route  
before enabling routing. For more information, refer to the chapter titled “IP  
Routing Features” in the Multicast and Routing Guide for your switch.  
Configure Time-To-Live (TTL). The maximum number of routers (hops)  
through which a packet can pass before being discarded. (The default is 64.)  
Each router decreases a packet’s TTL by 1 before forwarding the packet. If a  
router decreases the TTL to 0, the router drops the packet instead of forward-  
ing it.  
Syntax: ip ttl <number-of-hops>  
HP Switch(config)# ip ttl 60  
In the CLI, you can execute this command only from the global configuration  
level. The TTL default is 64, and the range is 2 - 255.  
WebAgent: Configuring IP Addressing  
You can use the WebAgent to access IP addressing only if the switch already  
has an IP address that is reachable through your network.  
1. In the navigation pane, click on Home.  
2. Click on Quick Setup.  
3. In the Switch Quick Setup Parameters box, click on Change.  
4. Enter the IP address and any other information such as the Subnet mask  
and Gateway.  
5. Click on Save to save your changes.  
6. If you need further information on using the WebAgent, click on [?] to  
access the web-based help available for the switch.  
7-11  
           
Configuring IP Addressing  
IP Configuration  
How IP Addressing Affects Switch Operation  
Without an IP address and subnet mask compatible with your network, the  
switch can be managed only through a direct terminal device connection to  
the Console RS-232 port. You can use direct-connect console access to take  
advantage of features that do not depend on IP addressing. However, to realize  
the full capabilities HP proactive networking offers through the switch, con-  
figure the switch with an IP address and subnet mask compatible with your  
network. The following table lists the general features available with and  
without a network-compatible IP address configured.  
Table 7-1. Features Available With and Without IP Addressing on the Switch  
Features Available Without an IP Address  
Additional Features Available with an IP Address and  
Subnet Mask  
Direct-connect access to the CLI and the menu  
interface.  
DHCP or Bootp support for automatic IP address  
configuration, and DHCP support for automatic Timep  
server IP address configuration  
Multiple Spanning Tree Protocol  
Port settings and port trunking  
Switch meshing  
Console-based status and counters information for  
monitoring switch operation and diagnosing problems  
through the CLI or menu interface.  
VLANs and GVRP  
Serial downloads of software updates and  
configuration files (Xmodem)  
Link test  
Port monitoring  
WebAgent access, with configuration, security, and  
diagnostic tools, plus the Alert Log for discovering  
problems detected in the switch along with suggested  
solutions  
SNMP network management access such as PCM+  
fornetworkconfiguration,monitoring,problem-finding  
and reporting, analysis, and recommendations for  
changes to increase control and uptime  
TACACS+, RADIUS, SSH, SSL, and 802.1X  
authentication  
Multinetting on VLANs  
Telnet access to the CLI or the menu interface  
IGMP  
TimeP and SNTP server configuration  
TFTP download of configurations and software  
updates  
Access Control Lists (ACLs)  
IP routing, Multicast Routing  
VRRP router redundancy  
PIM-DM and PIM-SM  
Radius  
Password authentication  
Quality of Service (QoS)  
Authorized IP manager security  
Ping test  
DHCP/Bootp Operation  
Overview. DHCP/Bootp is used to provide configuration data from a DHCP  
or Bootp server to the switch. This data can be the IP address, subnet mask,  
default gateway, Timep Server address, and TFTP server address. If a TFTP  
server address is provided, this allows the switch to TFTP a previously saved  
7-12  
           
Configuring IP Addressing  
IP Configuration  
configuration file from the TFTP server to the switch. With either DHCP or  
Bootp, the servers must be configured prior to the switch being connected to  
the network.  
N o t e  
The switches covered in this guide are compatible with both DHCP and Bootp  
servers.  
The DHCP/Bootp Process. Whenever the IP Config parameter in the switch  
or in an individual VLAN in the switch is configured to DHCP/Bootp (the  
default), or when the switch is rebooted with this configuration:  
1. DHCP/Bootp requests are automatically broadcast on the local network.  
(The switch sends one type of request to which either a DHCP or Bootp  
server can respond.)  
2. When a DHCP or Bootp server receives the request, it replies with a  
previously configured IP address and subnet mask for the switch. The  
switch also receives an IP Gateway address if the server has been config-  
ured to provide one. In the case of Bootp, the server must first be  
configuredwithanentrythathastheswitch’sMACaddress. (Todetermine  
the switch’s MAC address, refer to Appendix D, “MAC Address Manage-  
ment”.) The switch properly handles replies from either type of server. If  
multiple replies are returned, the switch tries to use the first reply.)  
N o t e  
If you manually configure default gateway, TTL, TimeP, and/or SNTP param-  
eters on the switch, it ignores any values received for the same parameters via  
DHCP or Bootp.  
If the switch is initially configured for DHCP/Bootp operation (the default),  
or if it reboots with this configuration, it begins sending request packets on  
the network. If the switch does not receive a reply to its DHCP/Bootp requests,  
it continues to periodically send request packets, but with decreasing fre-  
quency. Thus, if a DHCP or Bootp server is not available or accessible to the  
switch when DHCP/Bootp is first configured, the switch may not immediately  
receive the desired configuration. After verifying that the server has become  
accessible to the switch, reboot the switch to re-start the process immediately.  
DHCP Operation. A significant difference between a DHCP configuration  
and a Bootp configuration is that an IP address assignment from a DHCP  
server is automatic. Depending on how the DHCP server is configured, the  
switch may receive an IP address that is temporarily leased. Periodically the  
switch may be required to renew its lease of the IP configuration. Thus, the IP  
addressing provided by the server may be different each time the switch  
reboots or renews its configuration from the server. However, you can fix the  
address assignment for the switch by doing either of the following:  
7-13  
             
Configuring IP Addressing  
IP Configuration  
Configure the server to issue an “infinite” lease.  
Using the switch’s MAC address as an identifier, configure the server with  
a “Reservation” so that it will always assign the same IP address to the  
switch. (For MAC address information, refer to Appendix D, “MAC  
Address Management”.)  
For more information on either of these procedures, refer to the documenta-  
tion provided with the DHCP server.  
Bootp Operation. When a Bootp server receives a request it searches its  
Bootp database for a record entry that matches the MAC address in the Bootp  
request from the switch. If a match is found, the configuration data in the  
associated database record is returned to the switch. For many Unix systems,  
the Bootp database is contained in the /etc/bootptab file. In contrast to DHCP  
operation, Bootp configurations are always the same for a specific receiving  
device. That is, the Bootp server replies to a request with a configuration  
previously stored in the server and designated for the requesting device.  
Bootp Database Record Entries. A minimal entry in the Bootp table file  
/etc/bootptab to update an IP address and subnet mask to the switch or a VLAN  
configured in the switch would be similar to this entry:  
8212switch:\  
ht=ether:\  
ha=0030c1123456:\  
ip=10.66.77.88:\  
sm=255.255.248.0:\  
gw=10.66.77.1:\  
hn:\  
vm=rfc1048  
An entry in the Bootp table file /etc/bootptab to tell the switch or VLAN  
where to obtain a configuration file download would be similar to this entry:  
8212switch:\  
ht=ether:\  
ha=0030c1123456:\  
ip=10.66.77.88:\  
sm=255.255.248.0:\  
gw=10.66.77.1:\  
lg=10.22.33.44:\  
T144=”switch.cfg”:\  
vm=rfc1048  
7-14  
             
Configuring IP Addressing  
IP Configuration  
where:  
8212switch is a user-defined symbolic name to help you find the correct section of the  
bootptab file. If you have multiple switches that will be using Bootp to get their  
IP configuration, you should use a unique symbolic name for each switch.  
ht  
is the “hardware type”. For the switches covered in this guide, enter ether (for  
Ethernet). This tag must precede the ha tag.  
ha  
is the “hardware address”. Use the switch's (or VLAN's) 12-digit MAC address.  
is the IP address to be assigned to the switch (or VLAN).  
ip  
sm  
gw  
lg  
is the subnet mask of the subnet in which the switch (or VLAN) is installed.  
is the IP address of the default gateway.  
TFTP server address (source of final configuration file)  
T144  
vm  
is the vendor-specific “tag” identifying the configuration file to download.  
is a required entry that specifies the Bootp report format. Use rfc1048 for the  
switches covered in this guide.  
N o t e  
The above Bootp table entry is a sample that will work for the switch when  
the appropriate addresses and file names are used.  
Network Preparations for Configuring DHCP/Bootp  
In its default configuration, the switch is configured for DHCP/Bootp opera-  
tion. However, the DHCP/Bootp feature will not acquire IP addressing for the  
switch unless the following tasks have already been completed:  
For Bootp operation:  
ABootpdatabaserecordhasalreadybeenenteredintoanappropriate  
Bootp server.  
The necessary network connections are in place  
The Bootp server is accessible from the switch  
For DHCP operation:  
A DHCP scope has been configured on the appropriate DHCP server.  
The necessary network connections are in place  
A DHCP server is accessible from the switch  
N o t e  
Designating a primary VLAN other than the default VLAN affects the switch’s  
use of information received via DHCP/Bootp. For more on this topic, refer to  
the chapter describing VLANs in the Advanced Traffic Management Guide  
for your switch.  
7-15  
 
Configuring IP Addressing  
Loopback Interfaces  
After you reconfigure or reboot the switch with DHCP/Bootp enabled in a  
network providing DHCP/Bootp service, the switch does the following:  
Receives an IP address and subnet mask and, if configured in the server,  
a gateway IP address and the address of a Timep server.  
If the DHCP/Bootp reply provides information for downloading a config-  
urationfile, theswitchusesTFTPtodownloadthefilefromthedesignated  
source, then reboots itself. (This assumes that the switch or VLAN has  
connectivity to the TFTP file server specified in the reply, that the config-  
uration file is correctly named, and that the configuration file exists in the  
TFTP directory.)  
Loopback Interfaces  
This section describes how to configure and use user-defined loopback inter-  
faces on the switch.  
Introduction  
By default, each switch has an internal loopback interface (lo0) with the IP  
address 127.0.0.1. This IP address is used only for internal traffic transmitted  
within the switch and is not used in packet headers in egress traffic sent to  
network devices.  
You can configure up to seven other loopback interfaces (lo1, lo2, lo3, and so  
on) on the switch to use to transmit network across the network. Each  
loopback interface can have multiple IP addresses. Routing protocols, such  
as RIP and OSPF, advertise the configured loopback addresses throughout a  
network or autonomous system.  
User-defined loopback addresses provide the following benefits:  
A loopback interface is a virtual interface that is always up and reachable  
as long as at least one of the IP interfaces on the switch is operational. As  
a result, a loopback interface is useful for debugging tasks since its IP  
address can always be pinged if any other switch interface is up.  
7-16  
         
Configuring IP Addressing  
Loopback Interfaces  
You can use a loopback interface to establish a Telnet session, ping the  
switch, and access the switch through SNMP, SSH, and HTTP (WebAgent).  
A loopback IP address can be used by routing protocols. For example,  
you canconfigure the loopbackIP address asthe routerID usedtoidentify  
the switch in an OSPF area. Because the loopback interface is always up,  
you ensure that the switch's router ID remains constant and that the OSPF  
network is protected from changes caused by downed interfaces.  
N o t e  
OSPF does not require that you use an IP address as the router ID. OSPF only  
requires the router ID to be a unique value within the autonomous system  
(AS). However, if you configure the loopback IP address as the router ID,  
OSPF can reach the switch if any switch interface is up. (Normally, OSPF  
automatically configures the router ID with the IP address of a switch inter-  
face. The disadvantage is that if the interface goes down, OSPF can no longer  
ping the switch using the router ID even if other interfaces are operational.)  
For more information about how to configure a loopback IP address to  
participate in an OSPF broadcast area, refer to the section titled “(Optional)  
Assigning Loopback Addresses to an Area” in the Multicast and Routing  
Guide.  
Configuring a Loopback Interface  
To configure a loopback interface, enter the interface loopback command at  
the global configuration level of the CLI:  
Syntax: [no] interface loopback <number>  
Creates a loopback interface, where <number> is a value from  
1 to 7. Use the no form of the command to remove the loopback  
interface.  
Note: You cannot remove the default loopback interface  
(number 0) with IP address 127.0.0.1.  
You can configure up to thirty-two IP addresses on a loopback interface. To  
configure an IP address for the loopback interface, enter the ip address < ip-  
address > command at the loopback interface configuration level as shown in  
the following example.  
Note that when you configure an IP address for a loopback interface, you do  
not specify a network mask. The default subnet mask 255.255.255.255 is used.  
7-17  
       
Configuring IP Addressing  
Loopback Interfaces  
HP Switch(config)# interface loopback 1  
HP Switch(config)# ip address 10.1.1.1  
Figure 7-6. Example of a Loopback Interface Configuration  
N o t e s  
You can configure a loopback interface only from the CLI; you cannot  
configure a loopback interface from the WebAgent or Menu interface.  
Loopback interfaces share the same IP address space with VLAN config-  
urations. The maximum number of IP addresses supported on a switch is  
2048, which includes all IP addresses configured for both VLANs and  
loopback interfaces (except for the default loopback IP address  
127.0.0.1).  
Each IP address that you configure on a loopback interface must be  
unique in the switch. This means that the address cannot be used by a  
VLAN interface or another loopback interface.  
For example, if you configure a VLAN with IP address 172.16.100.8/24, you  
cannot configure a loopback interface with IP address 172.16.100.8. In the  
same way, if you configure a loopback interface (lo1) with IP address  
172.16.101.8, you cannot configure another loopback interface (lo2) with  
IP address 172.16.101.8.  
You can configure multiple IP addresses on a loopback interface (lo0 to  
lo7). Up to thirty-two IP addresses are supported on a loopback interface.  
The following example shows valid IP address configurations on two  
loopback interfaces.  
HP Switch(config)# interface loopback 0  
HP Switch(lo0)# ip address 172.16.101.8  
HP Switch(lo0)# ip address 172.16.101.9  
HP Switch(lo0)# exit  
HP Switch(config)# interface loopback 1  
HP Switch(lol)# ip address 172.16.102.1  
HP Switch(lol)# ip address 172.16.102.2  
Displaying Loopback Interface Configurations  
To display the list of loopback interfaces which have been assigned IP  
addresses, enter the show ip command.  
7-18  
   
Configuring IP Addressing  
Loopback Interfaces  
In the show ip command output, information about configured loopback  
interfaces is displayed below other IP configuration parameters, such as  
packet time-to-live (TTL) and ARP age-out values, and VLAN IP configura-  
tions. The following example displays the IP addresses configured for two  
user-defined loopback interfaces (lo1 and lo2).  
HP Switch# show ip  
IP Routing : Enabled  
Default Gateway : 15.255.128.1  
Default TTL  
Arp Age  
: 64  
: 20  
Domain Suffix :  
DNS server  
:
|
Proxy ARP  
Std Local  
VLAN  
| IP Config IP Address  
Subnet Mask  
-------------------- + ---------- --------------- --------------- ----------  
DEFAULT_VLAN  
VLAN2  
VLAN3  
| Manual  
Manual  
10.0.8.121  
192.168.12.1  
255.255.0.0  
255.255.255.0 No  
No  
No  
No  
Disabled  
Loopback Addresses  
IP Address  
-------- ---------- ---------------  
Loopback IP Config  
Subnet Mask  
----------------  
255.255.255.255  
255.255.255.255  
255.255.255.255  
lol  
lo2  
lo2  
Manual  
Manual  
Manual  
172.16.110.2  
172.16.112.2  
172.16.114.1  
Figure 7-7. Example of show ip Command Output  
N o t e  
The default loopback interface (lo0) with IP address 127.0.0.1 is not displayed  
in the show ip command output because it is permanently configured on the  
switch. To display the default loopback address, enter the show ip route  
command as shown in figure 7-8.  
7-19  
 
Configuring IP Addressing  
Loopback Interfaces  
To display the loopback interfaces configured on the switch in a list of IP  
routing entries displayed according to destination IP address, enter the show  
ip route command.  
The following example displays the configuration of the default loopback  
interface (lo0) and one user-defined loopback interface (lo2).  
HP Switch# show ip route  
IP Route Entries  
VLAN Type  
Destination  
Gateway  
Sub-Type Metric  
Dist.  
------------------ --------------- ---- --------- ---------- ---------- -----  
10.0.0.0/16  
127.0.0.0/8  
127.0.0.1/32  
172.16.10.121/32 lo2  
172.16.100.0/24  
172.16.102.0/24  
DEFAULT_VLAN 1  
reject  
lo0  
connected  
static  
1
0
1
0
0
0
0
1
0
connected  
static  
1
IntraArea 1  
1
10.0.8.11  
VLAN2  
1
2
ospf  
connected  
Figure 7-8. Example of show ip route Command Output  
7-20  
 
Configuring IP Addressing  
IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads  
IP Preserve: Retaining VLAN-1 IP  
Addressing Across Configuration File  
Downloads  
For the switches covered in this guide, IP Preserve enables you to copy a  
configuration file to multiple switches while retaining the individual IP  
address and subnet mask on VLAN 1 in each switch, and the Gateway IP  
address assigned to the switch. This enables you to distribute the same  
configuration file to multiple switches without overwriting their individual IP  
addresses.  
Operating Rules for IP Preserve  
When ip preserve is entered as the last line in a configuration file stored on a  
TFTP server:  
If the switch’s current IP address for VLAN 1 was not configured by DHCP/  
Bootp, IP Preserve retains the switch’s current IP address, subnet mask,  
and IP gateway address when the switch downloads the file and reboots.  
The switch adopts all other configuration parameters in the configuration  
file into the startup-config file.  
If the switch’s current IP addressing for VLAN 1 is from a DHCP server,  
IP Preserve is suspended. In this case, whatever IP addressing the config-  
uration file specifies is implemented when the switch downloads the file  
and reboots. If the file includes DHCP/Bootp as the IP addressing source  
for VLAN 1, the switch will configure itself accordingly and use DHCP/  
Bootp. If instead, the file includes a dedicated IP address and subnet mask  
for VLAN 1 and a specific gateway IP address, then the switch will  
implement these settings in the startup-config file.  
The ip preserve statement does not appear in show config listings. To verify  
IP Preserve in a configuration file, open the file in a text editor and view  
the last line. For an example of implementing IP Preserve in a configura-  
tion file, see figure 7-9, below.  
Enabling IP Preserve  
To set up IP Preserve, enter the ip preserve statement at the end of a configu-  
ration file. (Note that you do not execute IP Preserve by entering a command  
from the CLI).  
7-21  
             
Configuring IP Addressing  
IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads  
; J9091A Configuration Editor; Created on release #K.15.06.0000x  
hostname “HP Switch”  
time daylight-time-rule None  
.
.
.
password manager  
password operator  
ip preserve  
Entering “ip preserve” in the last line of a configuration file implements IP  
Preserv when the file is downloaded to the switch and the switch reboots.  
Figure 7-9. Example of Implementing IP Preserve in a Configuration File  
For example, consider figure 7-10:  
DHCP  
Server  
TFTP  
Server  
Management  
config.  
Station  
IP  
Address  
Switch 1  
Switch 4  
Switch 3  
VLAN 1: DHCP  
VLAN 1:  
10.31.22.101  
VLAN 1:  
10.31.22.102  
VLAN 1:  
10.31.22.103  
Switch 4 also copies and implements the  
config.txt file from the TFTP server (figure 7-11),  
but acquires new IP addressing from the DHCP  
Switches 1 through 3 copy and implement the config.txt file  
from the TFTP server (figure 7-11), but retain their current IP  
Figure 7-10. Example of IP Preserve Operation with Multiple Series Switches  
If you apply the following configuration file to figure 7-10, switches 1 - 3 will  
retain their manually assigned IP addressing and switch 4 will be configured  
to acquire its IP addressing from a DHCP server.  
7-22  
Configuring IP Addressing  
IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads  
HP Switch(config)# show run  
Running configuration:  
; J9091A Configuration Editor; Created on release #K.15.06.0000x  
hostname "HP Switch"  
module 1 type J8702A  
module 2 type J8705A  
trunk A11-A12 Trk1 Trunk  
ip default-gateway 10.10.10.115  
snmp-server community "public" Unrestricted  
vlan 1  
Using figure 7-10, above, switches 1 - 3 ignore these  
entries because the file implements IP Preserve and  
their current IP addressing was not acquired through  
DHCP/Bootp.  
name "DEFAULT_VLAN"  
untagged A1-A10,A13-A24,B1-B24,Trk1  
ip address dhcp-bootp  
exit  
Switch 4 ignores IP Preserve and implements the  
DHCP/Bootp addressing and IP Gateway specified in  
this file (because its last IP addressing was acquired  
from a DHCP/Bootp server).  
spanning-tree Trk1 priority 4  
password manager  
password operator  
Figure 7-11. Configuration File in TFTP Server, with DHCP/Bootp Specified as the IP Addressing Source  
If you apply this configuration file to figure 7-10, switches 1 - 3 will still retain  
their manually assigned IP addressing. However, switch 4 will be configured  
with the IP addressing included in the file.  
7-23  
 
Configuring IP Addressing  
IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads  
HP Switch# show run  
Running configuration:  
; J9091A Configuration Editor; Created on release #K.15.06.0000x  
hostname "HP Switch"  
module 1 type J8702A  
module 2 type J8705A  
trunk A11-A12 Trk1 Trunk  
ip default-gateway 10.10.10.115  
snmp-server community "public" Unrestricted  
vlan 1  
Because switch 4 (figure 7-10)  
receiveditsmostrecentIPaddressing  
from a DHCP/Bootp server, the switch  
ignores the ip preserve command and  
implements the IP addressing  
included in this file.  
name "DEFAULT_VLAN"  
untagged A1,A7-A10,A13-A24,B1-B24,Trk1  
ip address 10.12.17.175 255.255.255.0  
tagged A4-A6  
no untagged A2-A3  
exit  
vlan 2  
name "VLAN2"  
untagged A2-A3  
no ip address  
exit  
spanning-tree Trk1 priority 4  
password manager  
password operator  
Figure 7-12. Configuration File in TFTP Server, with Dedicated IP Addressing Instead of DHCP/Bootp  
To summarize the IP Preserve effect on IP addressing:  
If the switch received its most recent VLAN 1 IP addressing from a DHCP/  
Bootp server, it ignores the IP Preserve command when it downloads the  
configuration file, and implements whatever IP addressing instructions  
are in the configuration file.  
If the switch did not receive its most recent VLAN 1 IP addressing from a  
DHCP/Bootp server, it retainsits currentIPaddressing when itdownloads  
the configuration file.  
The content of the downloaded configuration file determines the IP  
addresses and subnet masks for other VLANs.  
7-24  
 
Configuring IP Addressing  
Configuring a Single Source IP Address  
Configuring a Single Source IP Address  
Overview  
This feature applies to the following software applications:  
RADIUS  
SFlow  
SNTP  
System Logging applications  
TACACS  
Telnet  
TFTP  
The above IP-based software applications use a client-server communication  
model, that is, the client’s source IP address is used for unique client identifi-  
cation. The source IP address is determined by the system and is usually the  
IP address of the outgoing interface in the routing table. However, routing  
switches may have multiple routing interfaces due to load balancing orrouting  
redundancy, and outgoing packets can potentially be sent by different paths  
at different times. This results in different source IP addresses, which creates  
a client identification problem on the server site. For example, there is no way  
to designate a fixed IP address for outgoing packets for RADIUS or TACACS,  
so it is necessary to configure in the RADIUS or TACACS database all possible  
IP addresses that are configured on the switch as valid clients. When using  
system logging, it can be difficult to interpret the logging and accounting data  
on the server site as the same client can be logged with different IP addresses.  
To decrease the amount of administrative work involved, a configuration  
model is provided that allows the selection of an IP address to use as the  
source address for all outgoing traffic generated by a specified software  
application on the switch. This allows unique identification of the software  
application on the server site regardless of which local interface has beenused  
to reach the destination server.  
7-25  
   
Configuring IP Addressing  
Configuring a Single Source IP Address  
Specifying the Source IP Address  
The CLI command ip source-interface is used to specify the source IP address  
for an application. Different source IP addresses can be used for different  
software applications, but only one source IP address can be specified for  
each application.  
.
Syntax:  
[no] ip source-interface <radius | sflow | sntp | syslog | tacacs | telnet | tftp  
| all> <loopback <id> | vlan <vlan-id> address <ip-address>>  
Determines the source IP address used by the specified  
software application when transmitting IP packets. The all  
parameter can be used to set one IP address for all the listed  
applications.  
The no version of the command cancels the configuration and  
the application reverts to its default behavior. The system  
determines the source IP address of outgoing application-  
specific IP packets at packet transmission time.  
loopback <id>: Specifies that the IP address of the loopback  
interface is used as the source IP address in outgoing packets.  
If the loopback interface has no IP address, then the  
application reverts to the default behavior. If more than one IP  
address is configured, then the lowest IP address is used.  
vlan <vlan-id>: Specifies that the IP address of the indicated  
VLAN interface is used as the source IP address of outgoing  
packets. If the specified VLAN interface has no IP address  
configured, or is down, then the application reverts to the  
default behavior. If more than one IP address is configured,  
then the lowest IP address is used.  
address <ip-address>: Specifies the IP address that should be  
used as the source IP address of outgoing packets. The IP  
address must be a valid IP address configured on one of the  
switch’s VLAN or loopback interfaces. If the interface is down,  
then the application reverts to the default behavior.  
The Source IP Selection Policy  
The source IP address selection for the application protocols is defined  
through assignment of one of the following policies:  
7-26  
           
Configuring IP Addressing  
Configuring a Single Source IP Address  
Outgoing Interface—the IP address of the outgoing IP interface is used as  
the source IP address. This is the default policy and the default behavior  
of applications.  
Configured IP Address—the specific IP address that is used as the source  
IP address. This address is configured on one of the switch’s IP interfaces,  
either a VLAN interface or a Loopback interface.  
Configured IP Interface—the IP address from the specific IP interface  
(VLAN or Loopback) is used as the source IP address. If there are multiple  
IP addresses assigned (multinetting, for example), the lowest IP address  
is used.  
If the selection policy cannot be executed because the interface does not have  
an IP address configured, does not exist, or is down, the application protocol  
uses the default Outgoing Interface policy. A warning message is displayed,  
but the configuration changes are accepted. When using the show ip source-  
interface status command to display information about the source IP address  
selection policy, the administratively-assigned source IP selection policy and  
the actual (operational) source IP selection policy in effect are displayed. The  
operational source IP selection policy may be different from the assigned  
source selection policy if the IP interface does not exist or is down. In this  
case, the default of Outgoing Interface appears as the operational policy (See  
figure 7-13).  
HP Switch(config)# show ip source-interface detail  
Source-IP Detailed Information  
Protocol : Tacacs  
Admin Policy  
Oper Policy  
Source IP Interface  
Source IP Address  
: Configured IP Interface  
: Outgoing Interface  
: Vlan 22  
The Admin Policy differs from the Oper  
Policy because the Source Interface  
State is Down. The default Outgoing  
Interface policy is actually in effect.  
: 10.10.10.4  
Source Interface State : Down  
Figure 7-13. Example of the Administratively-assigned Source IP Selection Policy Differing From the  
Operational Policy  
The no form of the ip source-interface command reverts the application proto-  
cols to the default behavior. The Outgoing Interface policy is used.  
Figure 7-14 is an example of assigning a specific source IP address for a  
RADIUS application. The administrative policy is Configured IP Address.  
7-27  
         
Configuring IP Addressing  
Configuring a Single Source IP Address  
HP Switch(config)# ip source-interface radius address 10.10.10.2  
HP Switch(config)# show ip source-interface radius  
Source-IP Configuration Information  
Protocol | Admin Selection Policy IP Interface IP Address  
-------- + ----------------------- -------------- ---------------  
Radius | Configured IP Address vlan 3  
10.10.10.2  
Figure 7-14. Example of a Specific IP Address Assigned for the RADIUS Application Protocol  
In figure 7-15, a VLAN interface (VLAN 22) is specified as the source IP address  
for TACACS. The administrative policy is Configured IP Interface.  
HP Switch(config)# ip source-interface tacacs vlan 22  
HP Switch(config)# show ip source-interface tacacs  
Source-IP Configuration Information  
Protocol | Admin Selection Policy IP Interface IP Address  
-------- + ----------------------- -------------- ---------------  
Tacacs | Configured IP Interface vlan 22  
10.10.10.4  
Figure 7-15. Example of Using a VLAN Interface as the Source IP Address for TACACS  
Figure 7-16 shows a VLAN interface being specified as the source IP address  
for logging. The administrative policy is Configured IP Interface.  
HP Switch(config)# ip source-interface syslog vlan 10  
HP Switch(config)# show ip source-interface syslog  
Source-IP Configuration Information  
Protocol | Admin Selection Policy IP Interface IP Address  
-------- + ----------------------- -------------- ---------------  
Syslog | Configured IP Interface vlan 10  
10.10.10.10  
Figure 7-16. Example of Using a VLAN Interface as the Source IP Address for Logging (Syslog)  
7-28  
 
Configuring IP Addressing  
Configuring a Single Source IP Address  
Displaying the Source IP Interface Information  
There are several show commands that can be used to display information  
about the source IP interface status.  
Syntax:  
show ip source-interface status [radius | sflow | sntp | tacacs | telnet | tftp  
| syslog]  
Displays the operational status information for the source IP  
address selection policy. Both the administratively-assigned  
source IP selection policy and the operational source IP  
selection policy are displayed.  
When no parameters are specified, policy information for all  
protocols is displayed.  
HP Switch(config)# show ip source-interface status  
Source-IP Status Information  
Protocol | Admin Selection Policy Oper Selection Policy  
-------- + ----------------------- -----------------------  
Tacacs | Configured IP Interface Configured IP Interface  
Radius | Configured IP Address Configured IP Address  
Syslog | Configured IP Interface Outgoing Interface  
Telnet | Outgoing Interface  
Outgoing Interface  
Outgoing Interface  
Outgoing Interface  
Tftp  
Sntp  
Sflow  
| Outgoing Interface  
| Outgoing Interface  
| Configured IP Interface Configured IP Interface  
Figure 7-17. Example of the Data Displayed for Source IP Interface Status  
When executing the show ip source-interface command without parameters,  
the configured IP interfaces (VLANs) and IP addresses are displayed for each  
protocol.  
7-29  
   
Configuring IP Addressing  
Configuring a Single Source IP Address  
HP Switch(config)# show ip source-interface  
Source-IP Configuration Information  
Protocol | Admin Selection Policy IP Interface IP Address  
-------- + ----------------------- -------------- ---------------  
Tacacs | Configured IP Interface vlan 22  
Radius | Configured IP Address  
Syslog | Configured IP Interface vlan 10  
Telnet | Outgoing Interface  
10.10.10.2  
Tftp  
Sntp  
Sflow  
| Outgoing Interface  
| Outgoing Interface  
| Outgoing Interface  
Figure 7-18. Example of show ip source-interface Command Output  
The show ip source-interface detail command displays detailed information  
about the configured policies, source IP address, and interface state for each  
protocol.  
Syntax:  
show ip source-interface detail [radius | sflow | sntp | tacacs | telnet | tftp  
| syslog]  
Displays detailed operational status information for the  
source IP address selection policy. Information about the  
configured policies, source IP address and interface state are  
displayed.  
When no parameters are specified, policy information for all  
protocols is displayed.  
7-30  
 
Configuring IP Addressing  
Configuring a Single Source IP Address  
HP Switch(config)# show ip source-interface detail  
Source-IP Detailed Information  
Protocol : Tacacs  
Admin Policy  
: Configured IP Interface  
Oper Policy  
: Configured IP Interface  
: vlan 22  
Source IP Interface  
Source IP Address  
Source Interface State : Up  
: 10.10.10.4  
Protocol : Radius  
Admin Policy  
: Configured IP Address  
Oper Policy  
: Configured IP Address  
: vlan 3  
Source IP Interface  
Source IP Address  
: 10.10.10.2  
Source Interface State : Up  
Protocol : Syslog  
Admin Policy  
: Configured IP Interface  
Oper Policy  
: Configured IP Interface  
: vlan 10  
Source IP Interface  
Source IP Address  
: 10.10.10.10  
Source Interface State : Up  
Protocol : Telnet  
Admin Policy  
: Configured IP Interface  
Oper Policy  
: Configured IP Interface  
: loopback 1  
Source IP Interface  
Source IP Address  
: 10.10.10.11  
Source Interface State : Up  
Protocol : Tftp  
Admin Policy  
: Outgoing Interface  
Oper Policy  
: Outgoing Interface  
Source IP Interface  
Source IP Address  
: N/A  
: N/A  
Source Interface State : N/A  
Protocol : Sntp  
Admin Policy  
: Outgoing Interface  
Oper Policy  
: Outgoing Interface  
Source IP Interface  
Source IP Address  
: N/A  
: N/A  
Source Interface State : N/A  
Protocl : Sflow  
Admin Policy  
: Outgoing Interface  
Oper Policy  
: Outgoing Interface  
Source IP Interface  
Source IP Address  
: N/A  
: N/A  
Source Interface State : N/A  
Figure 7-19. Example of Detailed Information Displayed for Each Protocol  
The show command can also be usedwith the application to display the source  
IP address selection information in effect for the application protocol.  
7-31  
Configuring IP Addressing  
Configuring a Single Source IP Address  
HP Switch(config)# show radius  
Status and Counters - General RADIUS Information  
Deadtime(min) : 0  
Timeout(secs) : 5  
Retransmit Attempts : 3  
Global Encryption Key :  
Dynamic Authorization UDP Port : 3799  
Source IP Selection : Configured IP address  
Source IP Selection for the specified  
application protocol is displayed.  
Figure 7-20. Example of show radius Command Displaying Source IP Selection Information  
HP Switch(config)# show tacacs  
Status and Counters - TACACS Information  
Timeout : 5  
Source IP Selection for the specified  
application protocol is displayed.  
Source IP Selection : Configured IP Interface  
Encryption Key :  
Figure 7-21. Example of show tacacs Command Displaying Source IP Selection Information  
HP Switch(config)# show debug  
Debug Logging  
Source IP Selection for the specified  
application protocol is displayed.  
Source IP Selection: Configured IP interface  
Destination: None  
Enabled debug types:  
None are enabled.  
Figure 7-22. Example of show debug Command Displaying Source IP Selection Information for Syslog  
7-32  
     
Configuring IP Addressing  
Configuring a Single Source IP Address  
HP Switch(config)# show telnet  
Telnet Activity  
Source IP Selection is displayed.  
Source IP Selection: 10.10.10.11  
--------------------------------------------------------  
Session : ** 1  
Privilege: Manager  
From  
To  
: Console  
:
Figure 7-23. Example of show telnet Command Displaying Source IP Selection  
HP Switch(config)# show sntp  
SNTP Configuration  
SNTP Authentication : Disabled  
Time Sync Mode: Timep  
SNTP Mode : disabled  
Poll Interval (sec) [720] : 720  
Source IP Selection: Outgoing Interface  
Source IP Selection is displayed.  
Figure 7-24. Example of show sntp Command Displaying Source IP Selection  
HP Switch(config)# show sflow agent  
Version  
Agent Address  
: 1.3;HP;K.15.07.0000x  
: 10.1.1.1  
Source IP Selection : Configured IP Interface  
Figure 7-25. Example of sFlow Agent Information  
Error Messages  
The following error messages may appear when configuring source IP selec-  
tion if the interface does not exist, is not configured for IP, or is down.  
Error Message  
Description  
Warning: Specified IP address is not configured on any inter- The IP address specified has not been assigned to any  
face  
interface on the switch.  
Warning: Specified IP interface is not configured  
The IP interface has not been configured.  
7-33  
 
Configuring IP Addressing  
Configuring a Single Source IP Address  
Error Message  
Description  
Warning: Specified IP interface is not configured for IP  
Warning: Specified IP interface is down.  
An IP address has not been assigned to this interface.  
TheinterfaceontheswitchassociatedwiththisIPaddress  
is down.  
Warning: Specified IP interface is configured for DHCP  
The IP address has not been configured specifically  
(manually) for this interface and may change.  
7-34  
8
Software Management  
Downloading Switch Documentation  
and Software from the Web  
You can download software updates and the corresponding product documen-  
tation from the HP Networking Website. Check the web site frequently for the  
latest software version available for your switch.  
Viewing or Downloading the Software Manual Set  
Downloading Software Updates for Your Switch  
HP periodically provides switch software updates through the HP Networking  
website (www.hp.com/networking/support). After you acquire the new software  
file, you can use one of the following methods for downloading it to the switch:  
For a TFTP transfer from a server, do either of the following:  
Select Download OS in the Main Menu of the switch’s menu interface  
and use the (default) TFTP option.  
Use the copy tftp command in the switch’s CLI (see below).  
For an Xmodem transfer from a PC or Unix workstation, do either of the  
Select Download OS in the Main Menu of the switch’s menu interface  
and select the XMODEM option.  
Use the copy xmodem command in the switch’s CLI (page 8-3).  
Use the USB port to download a software file from a USB flash drive (page  
8-4).  
Use the download utility in PCM+ management software.  
8-1  
         
Software Management  
Downloading Switch Documentation and Software from the Web  
N o t e  
Downloading new software does not change the current switch configuration.  
The switch configuration is contained in a separate file that can also be  
transferred, for example, toarchive ortobe usedinanother switch of the same  
model.  
This section describes how to use the CLI to download software to the switch.  
You can also use the menu interface for software downloads. For more  
information, see “Using the Menu Interface” on page 2-1 in this guide.  
TFTP Download from a Server  
Syntax: copy tftp flash <ip-address> <remote-os-file> [ < primary | secondary > ]  
Note that if you do not specify the flash destination, the TFTP download  
defaults to the primary flash.  
For example, to download a software file named K_15_01_0031.swi from a  
TFTP server with the IP address of 10.28.227.103:  
1. Execute the copy command as shown below:  
HP Switch# copy tftp flash 10.28.227.103  
K_15_01_0031.swi  
The primary OS image will be deleted. continue  
[y/n]? Y  
03125K  
2. When the switch finishes downloading the software file from the server,  
it displays the progress message  
Validating and Writing System Software to FLASH...  
3. When the CLI prompt re-appears, the switch is ready to reboot to activate  
the downloaded software:  
a. Use the show flash command to verify that the new software version  
is in the expected flash area (primary or secondary)  
b. Reboot the switch from the flash area that holds the new software  
(primary or secondary), using the following command:  
Syntax: boot system flash [ < primary | secondary > ]  
After the switch reboots, it displays the CLI or Main Menu, depending on  
the Logon Default setting last configured in the menu’s Switch Setup  
screen.  
8-2  
     
Software Management  
Downloading Switch Documentation and Software from the Web  
4. Verify the software version by displaying the system information for the  
switch (for example, through the show system-information command), and  
viewing the Software revisionfield.  
Xmodem Download From a PC or Unix Workstation  
This procedure assumes that:  
The switch is connected via the Console RS-232 port to a PC operating  
as a terminal. (Refer to your switch Installation and Getting Started  
Guide for information on connecting a PC as a terminal and running  
the switch console interface.)  
The switch software is stored on a disk drive in the PC.  
The terminal emulator you are using includes the Xmodem binary  
transfer feature. (For example, in the HyperTerminal application  
included with most Windows systems, the Send File option in the  
Transfer drop-down menu supports the Xmodem protocol.)  
Using Xmodem and a terminal emulator, you can download a switch software  
file to either primary or secondary flash using the CLI.  
Syntax: copy xmodem flash [< primary | secondary >]  
1. To reduce the download time, you may want to increase the baud rate in  
your terminal emulator and in the switch to a value such as 115200 bits  
per second. (The baud rate must be the same in both devices.) For  
example, to change the baud rate in the switch to 115200, execute this  
command:  
HP Switch(config)# console baud-rate 115200  
(If you use this option, be sure to set your terminal emulator to the same  
baud rate.)  
Changing the console baud-rate requires saving to the Startup Config with  
the write memory command. Alternatively, you can logout of the switch  
and change your terminal emulator speed and allow the switch to Auto-  
Detect your new higher baud rate (i.e. 115200 bps)  
2. Execute the following command in the CLI:  
HP Switch# copy xmodem flash primary  
The primary OS image will be deleted. continue [y/n]? Y  
Press ‘Enter’ and start XMODEM on your host...  
3. Execute the terminal emulator commands to begin the Xmodem transfer.  
For example, using HyperTerminal:  
8-3  
     
Software Management  
Downloading Switch Documentation and Software from the Web  
a. Click on Transfer, then Send File.  
b. Type the file path and name in the Filename field.  
c. In the Protocol field, select Xmodem.  
d. Click on the Send button.  
The download can take several minutes, depending on the baud rate used  
in the transfer.  
4. If you increased the baud rate on the switch (1), use the same command  
to return it to its previous setting. (A baud rate of 9600 bits per second is  
recommended for most applications.) Remember to return your terminal  
emulator to the same baud rate as the switch.)  
5. Use the show flash command to verify that the new software version is in  
the expected flash area (primary or secondary)  
6. Reboot the switch from the flash area that holds the new software  
(primary or secondary).  
After the switch reboots, it displays the CLI or Main Menu, depending on  
the Logon Default setting last configured in the menu’s Switch Setup  
screen.  
Using USB to Download Switch Software  
To use the USB port on the switch to download a software version from a USB  
flash drive:  
The software version must be stored on the USB flash drive, and you must  
know the file name (such as K_15_01_0031.swi).  
The USB flash drive must be properly installed in the USB port on the  
switch.  
N o t e  
Some USB flash drives may not be supported on your switch. For information  
on USB device compatibility, refer to the HP networking support FAQ web  
pages,  
www.hp.com/go/procurve/faqs, and select FAQs for your switch.  
Syntax: copy usb flash <filename> [ < primary | secondary > ]  
For example, to download a software file named K_15_01_0031.swi from a  
USB flash drive:  
1. Execute the copy command as shown below:  
8-4  
   
Software Management  
Downloading Switch Documentation and Software from the Web  
HP Switch# copy usb flash K_15_01_0031.swi  
secondary  
The secondary OS image will be deleted. continue  
[y/n]? Y  
03125K  
2. When the switch finishes downloading the software file from the server,  
it displays the progress message  
Validating and Writing System Software to FLASH...  
3. When the CLI prompt re-appears, the switch is ready to reboot to activate  
the downloaded software:  
a. Use the show flash command to verify that the new software version  
is in the expected flash area (primary or secondary)  
b. Reboot the switch from the flash area that holds the new software  
(primary or secondary), using the following command:  
Syntax: boot system flash [ < primary | secondary > ]  
After the switch reboots, it displays the CLI or Main Menu, depending on  
the Logon Default setting last configured in the menu’s Switch Setup  
screen.  
4. Verify the software version by displaying the system information for the  
switch (for example, through the show system-information command), and  
viewing the Software revisionfield.  
Software Signing and Verification  
As an enhanced security feature, you can verify whether a software image  
being downloaded to or stored in your switch has, in fact, been provided by  
HP Networking without any modification or corruption.  
Validation is based on the image signature that is generated and attached to  
the switch software by HP Code Signing Service (HPCSS). HP Networking  
implemented digital signature validation starting with specific switch soft-  
ware versions. For a list of these software versions, go to:  
www.hp.com/networking/swvalidation.  
N o t e  
Once a switch software image has been digitally signed on a specific version,  
all later versions will also be signed.  
8-5  
   
Software Management  
Downloading Switch Documentation and Software from the Web  
Switches supporting digital signature verification will generate an error mes-  
sage if you attempt to download an image that is not digitally signed. For  
example, using the CLI commands described above to revert back to an image  
that isn’t signed from an image that is signed and supports verification would  
result in the following message:  
This software image does not contain a digital  
signature and cannot be validated as originating from  
HP. You may bypass this validation by using the 'allow-  
no-signature' option. Please see www.hp.com/network-  
ing/swvalidation for information about which versions  
of software contain digital signatures.  
When you use the copy command to download a properly signed image, the  
CLI logs the following syslog message:  
Update: Firmware image contains valid signature.  
Errors related to signature validation will generate one of the following log  
messages:  
• Update: Aborted. Downloaded file invalid.  
• Update: Aborted. Firmware image does not contain a  
signature.  
• Update: Aborted. Firmware image signature is not  
valid.  
Using the CLI to Validate or Bypass a Signature Verification  
Manually Validating Software. Ifnecessary,youcanvalidatesoftwarethat  
does not support signature verification by executing the following command:  
verify signature flash {primary|secondary}  
If the signature is valid, the following message will be displayed:  
Signature is valid.  
Bypassing Verification. If necessary, you can use the allow-no-signature  
option to bypass signature verification. To do this, execute the copy command  
as follows:  
copy {tftp|sftp|usb|xmodem} flash [<hostname/IP>]  
[<filename>] {primary|secondary} allow-no-signature  
8-6  
 
Software Management  
Downloading Switch Documentation and Software from the Web  
N o t e  
support for your switch, go to: www.hp.com/networking/swvalidation.  
Saving Configurations While Using the CLI  
The switch operates with two configuration files:  
Running-Config File: Exists in volatile memory and controls switch  
operation. Rebooting the switch erases the current running-config file and  
replaces it with an exact copy of the current startup-config file. To save a  
configuration change, you must save the running configuration to the  
startup-config file.  
Startup-Config File: Exists in flash (non-volatile) memory and pre-  
serves the most recently-saved configuration as the “permanent” config-  
uration. When the switch reboots for any reason, an exact copy of the  
current startup-config file becomes the new running-config file in volatile  
memory.  
When you use the CLI to make a configuration change, the switch places the  
change in the running-config file. If you want to preserve the change across  
reboots, you must save the change to the startup-config file. Otherwise, the  
next time the switch reboots, the change will be lost. There are two ways to  
save configuration changes while using the CLI:  
Execute write memory from the Manager, Global, or Context configuration  
level.  
When exiting from the CLI to the Main Menu, press [Y] (for Yes) when  
you see the “save configuration” prompt:  
Do you want to save current configuration [y/n]?  
Important: Best Practices for Software Updates  
N o t e  
With version K.15.01.0031 and later software, you will notice a slight change  
in the versioning system.  
Software updates that contain significant new features and enhancements  
may be designated by an increment to both the major and minor release  
version numbers. That is, K.15.01.0031 represents a major update to software  
version(s) K.14.xx, and K.14.xx represents a major update to K.13.xx, and so  
forth. In addition, a future version (such as K.15.02.xxxx) may represent a  
minor release to version K.15.01.xxxx, but may still contain significant  
8-7  
       
Software Management  
Downloading Switch Documentation and Software from the Web  
changes. To mitigate against potential migration issues when performing such  
updates, this section documents best practices for updating the switch,  
including contingency procedures for rolling back to previous software  
versions and saved configurations.  
Updating the Switch: Overview  
C a u t i o n  
Before you update the switch software to a new version:  
We strongly recommend that you save a copy of your config file to an  
external location.  
We advise against rolling back (going from a newer software version  
to an older software version) without copying a backup config file to  
the device.  
If you do choose to downgrade software using your existing config file,  
unpredictable changes in the config file and switch behavior may occur. If  
booting a K.15.01.0031 or later config file into a K.14.xx or earlier versions of  
software, the following commands may be removed from your config file:  
Any commands that are present in K.15.01.0031 (or later) but are not  
present in earlier versions of software  
logging  
snmp-server  
mirror-session  
auto-tftp  
fault-finder  
interface loopback  
To perform an update to your switch software, follow the steps below (see  
“Updating the Switch: Detailed Steps” on page 8-9 for detailed steps):  
1. Download the image to your TFTP server.  
2. Save your current configuration (Config1) to a backup configuration file  
(Config2).  
3. Save your current configuration to an external tftp server.  
4. Backup your current running image (Primary) to the secondary image.  
5. Set your secondary image to boot with Config2.  
6. Download the new image to the switch’s primary image.  
7. Verify that your images and configuration are set correctly.  
8-8  
 
Software Management  
Downloading Switch Documentation and Software from the Web  
8. Reload the switch.  
After following these steps, you should end up with the following results:  
Primary image will hold the new software image you want to install (for  
example, K.15.01.0031)  
Secondary image will hold the image you are currently running (for  
example, K.14.47)  
Primary image will boot with Config1 (config file corresponding to new  
software version—in this example, K.15.01.0031)  
Secondary image will boot with Config2* (config file corresponding to  
previous software version—in this example, K.14.47)  
* The current config file must be copied to Config2, or you will be unable to  
revert if the need arises.  
N o t e  
You might opt to use a different methodology in which the new software will  
be installed as the secondary and not the primary image, in which case you  
would use the commands boot system flash secondary, and/or boot set-default  
flash secondary to change the location of the default boot. However, since you  
will still need to take precautions to allow you to revert to your previous  
configuration, We strongly recommend that you follow the methods that are  
proposed in our update process. This will ensure that you can use our  
proposed roll back procedures should the need arise.  
Updating the Switch: Detailed Steps  
The following detailed steps shows how to update the switch software from  
an existing version to a significant new version (in the example provided here,  
from version K.14.47 to version K.15.01.0031).  
1. Download the latest software image to your TFTP server from the HP  
networking web site.:  
2. Save your current configuration (Config1) to backup configuration file  
(Config2).  
a. Before copying the config, verify the current state of your system  
using the show version, show flash, and show config files commands.  
For example:  
Switch1# show version  
Image stamp:  
/sw/code/build/btm(t4a)  
Nov 6 2009 13:20:26  
8-9  
 
Software Management  
Downloading Switch Documentation and Software from the Web  
K.14.47  
188  
Boot Image:  
Primary  
Switch1# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- -------  
Primary Image : 9839140 11/06/09 K.14.47  
Secondary Image : 0  
Boot Rom Version: K.12.20  
Default Boot  
: Primary  
Switch1# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+---------------------------------  
1 | * * * | config1  
2 |  
3 |  
|
|
b. Create a backup configuration file and verify the change.  
Switch1# copy config config1 config config2  
Switch1# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+---------------------------------  
1 | * * * | config1  
2 |  
3 |  
| config2  
|
3. Save the current config to a tftp server using the copy tftp command. For  
example:  
Switch1# copy startup-config tftp 10.1.1.60  
Switch1_config_K_14_47.cfg  
8-10  
Software Management  
Downloading Switch Documentation and Software from the Web  
N o t e  
This step is necessary because HP switches do not support roll back (going  
from a newer software version to an older software version) without the  
ability to copy a backup config file onto the device.  
4. Backup your current running image (primary) to the secondary image.  
Switch1# copy flash flash secondary  
Switch1# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- -------  
Primary Image : 9839140 11/06/09 K.14.47  
Secondary Image : 9839140 11/06/09 K.14.47  
Boot Rom Version: K.12.20  
Default Boot  
: Primary  
5. Set your secondary image to boot with Config2.  
Switch1# startup-default secondary config config2  
Switch1# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+---------------------------------  
1 | * *  
2 |  
3 |  
| config1  
* | config2  
|
N o t e  
Step 5 will enable you to revert from K.15.01.xxxx to your previous image with  
your previous configuration just by invoking the command boot system flash  
secondary.  
6. Download the new primary image.  
Switch1# copy tftp flash 192.168.1.60  
K_15_01_0031.swi primary  
The Primary OS Image will be deleted, continue [y/  
n]?  
8-11  
 
Software Management  
Downloading Switch Documentation and Software from the Web  
At the prompt, enter y for yes, and the new image will be downloaded and  
written to the File system. Once tftp download has been completed you  
will see the following message:  
Validating and Writing System Software to the  
Filesystem ...  
7. Verify that your images and configuration are set correctly. For example,  
if you updated from K.14.47 to K.15.01.0031, you should see the following  
outputs from the switch show commands:  
Switch1# show version  
Image stamp:  
/sw/code/build/btm(t4a)  
Nov 6 2009 13:20:26  
K.14.47  
188  
Boot Image:  
Primary  
Switch1# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- -------  
Primary Image : 11537788 04/23/10 K.15.01.0031  
Secondary Image : 9839140 11/06/09 K.14.47  
Boot Rom Version: K.15.09  
Default Boot  
: Primary  
Switch1# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+---------------------------------  
1 | * *  
2 |  
3 |  
| config1  
* | config2  
|
8. Reload the new switch image.  
Switch1# reload  
System will be rebooted from primary image. Do you want  
to continue [y/n]? y  
At the prompt, enter y, for yes, and the switch will boot with the new image.  
8-12  
Software Management  
Downloading Switch Documentation and Software from the Web  
N o t e  
As an additional step, we recommend saving the startup-config to a tftp server  
using the copy tftp command. For example:  
Switch1# copy startup-config tftp 10.1.1.60  
Switch1_config_K_15_01_0031.cfg  
Rolling Back Switch Software  
If you have followed the update procedures documented in the previous  
section, you should be able to revert to your previous configuration and  
software version using the steps below.  
C a u t i o n  
Long Usernames and Passwords. Software versions K.15.01.0032 and later  
support the longer usernames and passwords introduced in K.14.59.  
Before downgrading to a software version that does not support long user-  
names and passwords, use one of the following procedures:  
Using the password CLI command or the Web browser interface,  
change usernames or passwords to be no more than 16 characters in  
length, and without any special characters. Then execute a CLI write  
memory command (required if the include-credentials feature has ever  
been enabled).  
Clearthevaluesusingthe nopasswordallCLIcommand. Thenexecute  
a CLI write memory command (required if the include-credentials  
feature has ever been enabled).  
Clear password values by using the "Clear" button on the switch. Then  
execute a CLI write memory command (required if the include-creden-  
tials feature has ever been enabled).  
Note: The procedures above should be used only when downgrading  
from a software version that supports long usernames and passwords  
to a version that does not.  
To roll back your switch from K.15.01.0031 to K.14.47, for example, follow the  
steps below:  
1. Verify that your images and configuration are set correctly using the show  
version, show flash, and show config files commands.  
8-13  
     
Software Management  
Downloading Switch Documentation and Software from the Web  
Switch1# show version  
Image stamp:  
/sw/code/build/btm(t5a)  
Apr 23 2010 05:43:42  
K.15.01.0031  
67  
Boot Image:  
Primary  
Switch1# show flash  
Image  
-----  
Size(Bytes) Date Version  
---------- -------- -------  
Primary Image : 11537788 04/23/10 K.15.01.0031  
Secondary Image : 9839140 11/06/09 K.14.47  
Boot Rom Version: K.15.09  
Default Boot  
: Primary  
Switch1# show config files  
Configuration files:  
id | act pri sec | name  
---+-------------+------------------------------  
1 | * *  
2 |  
3 |  
| config1  
* | config2  
|
2. Boot the switch using the secondary image (with config2).  
Switch1# boot system flash secondary  
System will be rebooted from secondary image. Do  
you want to continue [y/n]? y  
Enter y for yes, and the switch will boot from the secondary image  
(K.14.47, in this example) with the corresponding configuration for  
that software version (Config2).  
Viewing or Transferring Alternate Configuration Files  
Viewing or copying an alternate configuration saved to the switch will always  
be accomplished through the software currently running on the switch. This  
may result in a misleading portrayal of the configuration. For example, if a  
configuration is created on K.14.47 and saved as config2, and if it is then  
8-14  
   
Software Management  
Downloading Switch Documentation and Software from the Web  
viewed or transferred while the switch is running K.15.01.0031, it will appear  
as though K.15.01.0031 has converted the configuration. However, the alter-  
nate configuration file, config2, will still be intact on the switch and load  
properly when the switchis booted intothe same software version from which  
the configuration file originated.  
When an enhancement introduces a feature that did not previously exist in  
the switch, it may present several challenges to the user.  
Backwards compatibility of the configuration created with a version of soft-  
ware that supports a new feature or parameter is not guaranteed. Software  
versions that did not recognize or support a particular command or parameter  
will not be able to interpret that line in the configuration. For this reason, it is  
strongly recommended that network administrators always save their config-  
uration while still running the switch with the original software version,  
and with a notation indicating the software versiononwhich the configuration  
wassaved. For example, a user might save aconfigurationfor a switch running  
K.14.47 to a TFTP server with an IP address of 10.10.10.15 as follows:  
HP Switch-onK1447# copy running-config tftp  
10.10.10.15 5406onK1447  
If, for example, the user deems it necessary to revert to the use of K.14.47, the  
user can boot into it and then restore the saved config from the TFTP server.  
Viewing or copying an alternate configuration that is saved to the switch flash  
can be accomplished only with the software that is currently running on the  
switch.  
Here, for example, a configuration is created on K.14.47 and then saved to  
flash:  
HP Switch-onK1447# copy config config2 config  
K1447config <cr>  
And later, the configuration that was created on K.14.47 is viewed while the  
switch is running K.15.01.0031:  
HP Switch-onK1501# show config K1447config <cr>  
The command output will show how the K.14.47 config would be interpreted  
if it were to be used by the K.15.01.0031 software. Copying the K1447config  
file to a TFTP server would similarly trigger an interpretation by the software  
performing the file transfer. Note, however, that this does not actually change  
the configuration. If the version is rolled back from K.15.01.0031 to K.14.47  
with a command like the following (given that K.14.47 is stored in secondary  
flash), the K.14.xx formatted config is still intact and valid.  
8-15  
Software Management  
Downloading Switch Documentation and Software from the Web  
HP Switch# boot system flash secondary config  
K1447config  
This “interpretation” during a TFTP or show command execution is inherent  
in the architecture of the switch. When switch features change significantly  
(such as the move from IPv4 support to IPv6 support), there may be configu-  
ration parameters from the previous config that cannot be translated by the  
switch for viewing while it is running the new software. This necessitates  
storing configurations for each version of software to an external location, if  
the user would like to view the stored config prior to reloading it.  
8-16  
Index  
A
listing command options … 3-7  
alias  
command … 3-24  
ARP  
asterisk  
port or trunk-specific commands … 3-12  
B
banner  
default … 1-4  
user-configurable … 1-9  
IP address … 1-3  
manager password … 1-2  
Bootp … 7-14  
boot  
Bootp  
automatic switch configuration … 1-1  
Bootp table file … 7-14  
Bootptab file … 7-14  
operation … 7-12, 7-14  
server … 7-2  
permanent … 5-5  
permanent change defined … 5-2  
quick … 2-7  
reboot to activate changes … 2-12  
running-config file … 8-7  
saving from CLI … 8-7  
saving from menu interface … 2-9  
using with Unix systems … 7-14  
See also DHCP.  
Bootp/DHCP differences … 7-13  
Index – 1  
show default-config … 5-4  
system … 6-11  
meaning of asterisk … 2-9, 2-12  
navigation … 2-8, 2-9  
global config … 3-4, 7-10  
manager level … 3-4  
moving between contexts … 3-6  
port or trunk-group … 3-12  
VLAN-specific … 3-14  
multiple config file, tftp … 5-48  
date, configure … 6-14  
default custom config file … 5-8  
See also gateway.  
banner … 1-4, 1-8  
baud rate, speed sense … 6-1  
configuration file name, switch.cfg … 5-62  
console/serial configuration … 6-2  
default gateway, none … 7-1  
DHCP Option 66, enabled … 5-61  
flow control, XON/XOFF … 6-1  
inactivity timer, 0 minutes … 6-1  
interface access features … 6-1  
IP address, DHCP/Bootp … 7-2  
running-config file … 5-38  
running-config file operation … 5-37  
secondary boot path … 5-40  
show config file content … 5-41  
show multiple files … 5-40  
startup-config … 5-37  
startup-config file … 5-38  
2 – Index  
IP configuration features … 7-1  
loopback interface, le0 … 7-16  
MAC age time, 300 seconds … 6-11  
system information features … 6-11  
system name, switch product name … 6-11  
Telnet access, enabled … 6-1  
terminal … 6-1  
gateway  
configuring … 7-4  
default gateway … 7-2  
IP address … 7-3, 7-5  
manual config priority … 7-13  
on primary VLAN … 7-3  
default VLAN … 7-3  
DHCP  
automatic switch configuration … 1-1  
Bootp operation … 7-12  
H
for CLI … 3-10  
DHCP/Bootp differences … 7-13  
DHCP/Bootp process … 7-13  
DNS  
for menu interface … 2-8, 2-10  
hop, router … 7-11  
hostname parameter … 6-13  
switch documentation … 1-vii  
latest versions … 1-vii  
release notes … 1-vii  
Domain Name Server  
See DNS.  
download  
I
in-band  
Xmodem … 8-3  
IP … 7-6  
E
enhanced secure mode … 5-14, 5-51, 5-58  
erase  
config file … 5-49  
erase all zeroize … 5-26  
gateway … 7-2  
console menu … 2-7  
Event Log Message Reference Guide … 1-vii  
gateway (IP) address … 7-3  
menu access … 7-4  
F
multiple addresses in VLAN … 7-2, 7-8  
single source addressing … 7-26  
source IP address … 7-26  
source-interface command … 7-27  
subnet … 7-2, 7-8  
factory default configuration  
restoring … 5-7  
fastboot command … 5-32  
fault detection policy … 4-5  
flash memory … 2-9, 5-1  
Index – 3  
Time-To-Live … 7-6, 7-11  
MAC address … 7-14  
memory  
outgoing interface … 7-27  
quick start … 7-3  
removing or replacing … 7-10  
setup screen … 7-3  
source IP with debug  
startup configuration … 2-9  
configuration changes, saving … 2-9  
See also console.  
types … 3-16  
module  
not present with stacking … 2-14, 3-28  
module not present … 2-14, 3-28  
multinetting … 7-2, 7-8  
source IP with tacacs … 7-32  
source-interface option … 7-26  
telnet … 6-5  
telnet-server … 6-4  
IP Preserve  
tftp traffic … 5-48, 5-49  
web-management … 6-7  
operator access … 3-3, 3-5  
operator password … 4-5  
DHCP server … 7-21  
overview … 7-21  
rules, operating … 7-21  
summary of effect … 7-24  
K
L
console … 2-6  
delete … 4-6  
loopback interface  
benefits … 7-16  
configuration … 7-17  
default … 7-16, 7-19  
displaying configuration … 7-18  
in OSPF area … 7-17  
if you lose the password … 4-6  
lost … 4-6  
manager … 3-3  
operator … 3-3  
setting … 4-6  
multiple interfaces supported … 7-16  
lost password … 4-6  
passwords  
4 – Index  
PCM  
starting web browser … 4-4  
Clear button … 4-7  
port  
show  
default loopback interface … 7-19  
displaying loopback interface … 7-18  
loopback interface configuration … 7-16, 7-17  
numbering with stacking … 2-13, 3-28  
telnet … 6-5  
SNTP  
Software verification … 8-5  
SSH  
privilege levels … 3-2  
stacking  
Q
member ID … 2-13, 3-28  
module not present … 2-14, 3-28  
startup-config  
R
reboot  
faster boot time … 5-32  
via menu console … 2-7  
via menu interface … 2-9, 2-11  
See also boot.  
viewing … 5-4  
statistics … 2-6  
clear counters … 5-18  
access from console … 2-6  
subnet … 7-8  
reload … 5-2  
command … 5-28  
remote session, terminate … 6-9  
repeat, command description … 3-23  
reset  
Reset button … 5-2  
router  
subnet mask, configuring … 1-3  
switch console  
See console.  
switch setup menu … 2-7  
Switch Setup screen … 1-2  
gateway … 7-5  
router, hop … 7-11  
running-config  
T
Telnet  
show for VLANs … 5-51  
viewing … 5-4  
running-config file … 8-7  
domain name address … 6-5  
hostname … 6-5  
ipv6 address … 6-5  
oobm … 6-5  
outbound … 6-5  
session timeout … 6-5  
show command … 6-5  
S
scheduled reboot … 5-33  
SCP/SFTP  
transfer of config files … 5-50  
Index – 5  
switch-num … 6-5  
terminate session, kill command … 6-9  
telnet  
warranty … 0-ii  
NAWS … 6-6  
terminal type … 6-1  
time server … 7-2  
time zone 6-11, 6-14  
Time-To-Live … 7-3, 7-4, 7-5, 7-11  
on primary VLAN … 7-3  
See also TTL.  
TTL … 7-3, 7-4, 7-5, 7-6  
IP … 7-11  
manual config priority … 7-13  
on primary VLAN … 7-3  
See also Time-To-Live.  
tty=ansi … 6-8  
first-time install … 4-5  
password, setting … 4-6  
system requirements … 4-4  
web-management  
listen, oobm … 6-7  
oobm … 6-7  
write memory  
U
effect on menu interface … 2-12  
redundant management … 5-5  
Unix, Bootp … 7-14  
V
Xmodem OS download … 8-3  
VLAN  
flash … 5-25  
ID … 3-14  
file storage … 5-26  
from ROM console … 5-26  
management modules … 5-26  
redundant MM … 5-27  
with HA … 5-27  
multinet … 7-2  
multinetting … 7-2, 7-8  
multiple IP addresses … 7-2, 7-8  
primary … 7-2  
reboot required … 2-7  
subnet … 7-2, 7-8  
support enable/disable … 2-7  
VLAN ID  
See VLAN.  
VT-100 terminal … 6-1  
6 – Index  
Technology for better business outcomes  
© Copyright 2012 Hewlett-Packard Development Company, L.P.  
The information contained herein is subject to change without notice. The only  
warranties for HP products and services are set forth in the express warranty  
statements accompanying such products and services. Nothing herein should be  
construed as constituting an additional warranty. HP will not be liable for  
technical or editorial errors or omissions contained herein.  
November 2012  
Manual Part Number  
5998-3892  

York Y34 User Manual
Schumacher 00 99 000943 User Manual
Panasonic Cw Xc125hu User Manual
MAYTAG MDB8979SF User Manual
DIMPLEX DTK SP User Manual
DEZCTOP DA DBMONT BK1 User Manual
DACOR IF36LNBOL 02 User Manual
BROTHER FAX870MC User Manual
BLACK DECKER GL8033 User Manual
ACER EB192Q User Manual