Usin g HP -UX VLANs
HP 9000 Netw or k in g for HP -UX 11i
Ma n u fa ctu r in g Pa r t Nu m ber : T1453-90001
E0302
U. S. A.
© Copyright 2002 Hewlett-Packard Company.
Download from Www.Somanuals.com. All Manuals Search And Download.
HP-UX VLAN Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Benefits of HP-UX VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Types of VLANs Supported by HP-UX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
HP-UX VLAN Tagging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
System and Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Supported Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Unsupported Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Planning HP-UX VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
How to Configure VLANs on the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
How to Configure VLANs on HP-UX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Configuration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Properties of a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Special Case of VLAN ID 0--Priority Tagged Frames . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Promiscuous Mode Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Allowable Values for HP VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Using VLANs with MC/ServiceGuard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
How is 802.1p Priority Set? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Setting 802.1p Priority, ToS, and Overrides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Where to Get More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3. Con figu r in g VLANs Usin g SAM
Configuring VLANs Using SAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Modifying Parameters in vlanconf File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Using the lanadmin -V Command for Administering VLANs . . . . . . . . . . . . . . . . . . . . 48
lanadmin Syntax. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Using lanadmin to Create a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Using a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Using lanadmin to Modify a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
3
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin to Delete a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Diagnostic Flowcharts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Flowchart 1: Link Level Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Flowchart 1a: Linkloop Test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Flowchart 2: Network Level Tests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Flowchart 2 Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
NetTL Trace and Log of VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Glossa r y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
4
Download from Www.Somanuals.com. All Manuals Search And Download.
Table 1-1. Needed Patches for HP-UX VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Table 2-2. Allowable Values for Parameters in vlanconf File . . . . . . . . . . . . . . . . . . 29
Table 2-3. ToS to 802.1 User Priority Mappings Based on IP Precedence . . . . . . . . 32
Table 2-4. Allowable Settings for VLAN_PRI_OVERRIDE Value in vlanconf File . 33
Table 2-5. Allowable Settings for VLAN_TOS_OVERRIDE Value in vlanconf File . 34
Table A-1. Flowchart Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
5
Download from Www.Somanuals.com. All Manuals Search And Download.
Ta bles
6
Download from Www.Somanuals.com. All Manuals Search And Download.
Figure 1-1. VLANs (Virtual LANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Figure 2-3. VLANs and Service Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 3-2. Action Pulldown for Creating Virtual LANs . . . . . . . . . . . . . . . . . . . . . . 39
Figure 3-3. Create Virtual LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 3-4. Add an IP Address for the VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Figure A-1. Flowchart 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Figure A-2. Flowchart 1a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Figure A-3. Flowchart 1b . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure A-4. Flowchart 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Figure A-5. Flowchart 2a . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Figure A-6. Flowchart 2b . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Figure A-7. Flowchart 2b (continued) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7
Download from Www.Somanuals.com. All Manuals Search And Download.
Figu r es
8
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
A Virtual LAN (VLAN) is a logical or virtual network segment that can
span multiple physical network segments. Using VLANs, you can group
switched-network end-stations by:
•
•
•
•
department, such as engineering and manufacturing,
type of user, such as power users or those with special needs,
application, or
project
instead of physical location (Figure 1-1).
Figu r e 1-1
VLANs (Vir tu a l LANs)
End
Users
Switches
Internetwork
Router
Servers
LAN 2
P h ysica l View
Marketing VLAN
Engineering VLAN
Manufacturing VLAN
Internetwork
Router
Logica l View
VLANs isolate broadcast and multicast traffic by determining which
destinations should receive that traffic, thereby making better use of
switch and end-station resources. With VLANs, broadcasts and
multicasts go only to the intended nodes in the virtual LAN.
10
Chapter 1
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
VLANs create broadcast domains using switches instead of routers.
While VLANs in some environments may reduce the number of routers
needed (and their latency), you still need a router if you want the VLANs
to communicate with each other.
Chapter 1
11
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
HP-UX VLAN Features
HP -UX VLAN Fea tu r es
Following are some of the features of HP-UX VLANs:
•
•
•
HP-UX VLANs are implemented with host-based IEEE 802.1Q/p
compliant tagging to allow configuring multiple VLANs on a given
Ethernet LAN card based on their IP-subnet, protocol, or LAN card
port.
HP VLANs are for use over fast Ethernet or gigabit Ethernet LAN
cards running on HP-UX 11i (11.11) PA-RISC-based servers and
workstations. HP-UX supports up to 1024 VLANS per LAN card
port.
HP-UX VLANs do not require you to rewrite applications, install
new hardware, or recable. They are also compatible with HP
MC/ServiceGuard as well as HP’s online addition and replacement
(OLAR) capabilities.
12
Chapter 1
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
Benefits of HP-UX VLANs
Ben efits of HP -UX VLANs
The advantages of HP-UX VLANs are:
•
Physically dispersed workgroups can be logically connected within
the same broadcast domain to appear as if they are on the same
physical LAN.
•
•
•
A single physical link can simultaneously serve several IP subnets
when subnet-based VLANs are configured on that link.
Switches no longer need to classify and tag traffic. They focus on
forwarding packets.
Workgroups requiring increased security can be logically connected
within the same broadcast domain. Broadcast traffic will be isolated
within the secure group.
•
•
•
End stations using VLANs can offer rudimentary class of service
(CoS) locally by prioritizing traffic for certain activities.
HP-UX VLANs can be created, modified, and deleted without
rebooting.
HP-UX VLANs are interoperable with non-VLAN aware devices,
that is, devices such as servers or bridges that do not transmit or
receive tagged packets.
Chapter 1
13
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
Types of VLANs Supported by HP-UX
Typ es of VLANs Su p p or ted by HP -UX
The types of HP-UX VLANs that you can create are as follows:
•
NIC-Port Based--A group of physical LAN card ports belong to the
same layer-2 broadcast domain. Each LAN card port transmits and
receives frames belonging to the VLAN associated with that port.
Members of the same port-based VLAN all have the same VLAN ID.
A VLAN ID uniquely identifies the VLAN to which a frame belongs.
•
•
Protocol Based--Common protocols such as IP, IPX, AppleTalk,
Decnet, and NetBIOS are grouped into layer-2 broadcast domains.
IP Subnet Based--Each IP subnet has its own unique VLAN. Traffic
from different subnets is logically separated from each other as if
each subnet were on a different LAN segment.
Please refer to “Planning HP-UX VLANs” in this document for more
information on setting up the different types of VLANs described.
HP-UX VLANs conform to IEEE specifications 802.1Q (for VLAN
tagging) and IEEE 802.1p (MAC-level frame prioritizing) to provide
end-to-end class of service (CoS).
14
Chapter 1
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
HP-UX VLAN Tagging
HP -UX VLAN Ta ggin g
Network switches and end stations that know about VLANs are said to
be VLAN-a w a r e. Network switches and end stations that can interpret
VLAN tags are said to be VLAN-ta g-a w a r e. HP-UX VLAN-tag-aware
end stations add VLAN tags to standard Ethernet frames--a process
called exp licit ta ggin g. A VLAN tag (Figure 1-2) identifies which
VLAN a data frame belongs to and enables traffic from more than one
VLAN to use the same switch or LAN card port (Figure 1-3).
When a VLAN-aware switch receives data from an end-station, the
switch determines where the data is to go and whether the VLAN ID
should be retained. If the data is to go to a device that can recognize the
VLAN tag, the VLAN tag is retained. If the data is to go to a device that
has no knowledge of VLANs (VLAN-u n a w a r e), the switch sends the
data without the VLAN tag.
Figu r e 1-2
IEEE 802.1Q VLAN Ta g in Eth er n et Fr a m e
4 Bytes
Destin a tion Sou r ce
802.1Q
Typ e/Len
Da ta
Fr a m e
Ch eck
Ad d r ess
Ad d r ess
VLAN Ta g
2 Bytes (Ta g Con tr ol In for m a tion )
2 Bytes
User
P r ior ity
3 bits
Ca n on ica l
VLAN ID
Ta g
P r otocol
ID
For m a t
In d ica tor
1 bit
12 bits
You must configure VLAN tagging on switch ports that interface to
end-stations that have tagged VLANs. If a switch or end-station port is
member of only a single, port-based VLAN, tagging is not required.
To transmit tagged frames, you must configure a VLAN on the
end-station with a VLAN ID that matches the VLAN ID of a tagged
VLAN on the switch port and the VLAN ID of a VLAN at the remote
end-station. Refer to the next 3 chapters in this guide for complete
details on configuring VLANs on your HP-UX end stations.
Chapter 1
15
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
System and Software Requirements
System a n d Softw a r e Requ ir em en ts
Following are the hardware and software requirements for VLANs as of
March 2002:
•
Type of HP System Required
— HP-UX Precision Architecture (PA-RISC).
OS Required
•
— HP-UX 11i (11.11). New HP servers and workstations shipped
after March 2002 already have VLAN technology pre-installed in
the operating environment. For computers shipped before March
2002, check the product Information Sheet to see if the VLAN
product can be loaded by way of required patches.
•
VLANs work over all HP HSC and PCI 100Base LAN cards and all
HP HSC and PCI 1000Base LAN cards.
Pa tch es Requ ir ed for th e Ma r ch 2002 HP -UX 11i-ba sed
Ver sion
The following patches are required in order to use the HP-UX VLAN
software on HP-UX 11i-based systems.
These patch numbers are current at the time of publication and may be
superseded. Check to see if these patches are superseded, and download
Ta ble 1-1
Need ed Pa tch es for HP -UX VLANs
Dr iver
11i Pa tch #
Tr a n sp or t
PHNE_25644
PHNE_23465
PHNE_24491
PHNE_24473
PHNE_25388
100Ba se-T *
Giga bit *
n ettl, n etfm t, a n d n ettla d m
LAN--cor e p a tch th a t en a bles
VLANs
Chapter 1
17
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
System and Software Requirements
Ta ble 1-1
Need ed Pa tch es (Con tin u ed )for HP -UX VLANs (Con tin u ed )
Dr iver
11i Pa tch #
SAM
PHCO_25866
* Either the 100Base-T or Gigabit patch
may be optional depending on which
link type you have.
18
Chapter 1
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
Supported Switches
Su p p or ted Sw itch es
HP-UX VLANs are supported with switches that implement IEEE
802.1Q-compliant VLAN tagging. The switches must implement at least
port-based VLANs and must be VLAN-tag aware. The following switches
are among those that support HP-UX VLANs:
•
•
•
•
HP ProCurve 9304M
HP ProCurve 4000M/8000M
Extreme Summit 7i
Cisco Catalyst 6509
Chapter 1
19
Download from Www.Somanuals.com. All Manuals Search And Download.
What are HP-UX VLANs?
Unsupported Functionality
Un su p p or ted F u n ction a lity
HP-UX VLANs do not support the following functionality:
•
GARP VLAN registration protocol (GVRP) is currently not
supported. HP-UX VLANs will not send GVRP messages or interpret
them.
•
HP-UX VLANs do not operate on:
— Any Itanium-based servers whether the LAN card is factory
installed or customer installed.
— HP-UX 11.20, 11.0, and 10.20.
— FDDI, Token Ring, ATM, 100VG, EISA, and HP-PB LAN cards.
20
Chapter 1
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Planning HP-UX VLANs
P la n n in g HP -UX VLANs
The following requirements must be satisfied before setting up VLANs in
an HP-UX network:
•
•
•
In order for both end stations of a VLAN to communicate, both the
end-station LAN cards and the switch ports that are connected to
those LAN cards on a point-to-point link need to be VLAN-tag-aware.
For VLANs to communicate with each other, an external
VLAN-aware switch or router is required (Figure 2-1). However, it is
not possible to extend a single vlan across a router.
If a hub is connected to a network of VLANs, every port on the hub
must belong to the same VLAN. Hubs do not have the ability to
provide VLANs to individual ports.
VLAN awareness does not provide any benefit in a shared LAN
environment (using hubs or repeaters). In these shared LAN
environments, all stations see all traffic whether it is VLAN tagged or
not.
Figu r e 2-1
Com m u n ica tion between VLANS Requ ir es a n Exter n a l Rou ter
LAN Card with Two
Port-Based
VLANs Configured
Port A2
Red VLAN
Port A1
External
Router
Port A3
Green VLAN
Port A4
22
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How to Configure VLANs on the Switch
How to Con figu r e VLANs on th e Sw itch
IEEE 802.1Q compliant devices and legacy/untagged VLANs can coexist
on the same networks, but legacy/untagged VLANS require a separate
link, whereas the 802.1Q tagged VLANs can combine several VLANs
into one link. On 802.1Q-compliant devices, separate ports (configured as
untagged) must be used to connect separate VLANs to non-802.1Q
devices.
Figu r e 2-2
Ta gged a n d Un ta gged VLAN Tech n ology in Sa m e Netw or k
Switch Port
untagged or native VLAN
VLAN 1
Untagged
Tagged
tagged VLAN
VLAN 2
VLAN 3
VLAN 4
LAN
Card
Port
tagged VLAN
tagged VLAN
When you assign a switch port to a given VLAN, you must implement the
VLAN tag if the switch port will carry traffic for more than one VLAN.
Otherwise, the port VLAN assignment can remain u n ta gged because
the tag is not needed. On a given switch, use the untagged designation
for a port VLAN assignment where the port is connected to a
non-802.1Q-compliant device or is assigned to only one VLAN as in
VLAN 1 in Figure 2-2. Use the ta gged designation when more than one
VLAN is assigned to the port, or the port is connected to a device that
does comply with the 802.1Q standard as in VLANs 2 through 4 in
Figure 2-2. These simple rules are summarized in Table 2-1.
Chapter 2
23
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How to Configure VLANs on the Switch
Ta ble 2-1
Su m m a r y of VLAN Ta ggin g Assign m en t
VLANs Per
Por t
Ta ggin g Sch em e
1
Untagged or Tagged. If the device connected
to the port is 802.1Q-compliant, then the
recommended choice is “Tagged.”
2 or more
1 VLAN Untagged; all others Tagged
or
All VLANs Tagged
A given VLAN must have the same VLAN ID on any
802.1Q-compliant device in which the VLAN is configured.
24
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How to Configure VLANs on HP-UX
How to Con figu r e VLANs on HP -UX
Ch oose Con figu r a tion Meth od : Use SAM; Ed it
vla n con f; Use la n a d m in
There are three ways to configure VLANs: the first two methods preserve
configuration changes across reboots; the third applies changes
immediately but doesn’t preserve configuration changes across reboots:
To permanently save your configurations, you can either:
•
Use the GUI-based system admin manager (SAM). To use SAM,
refer to the instructions in “Configuring VLANs Using SAM” in this
document for details, and then do the steps for verifying VLANs.
Using SAM reduces risk of errors and saves your data permanently.
If you use, SAM, configuration doesn’t require a reboot to take effect.
or
•
Edit the /etc/r c.con fig.d /vla n con f configuration file using an editor
such as “vi.” Changes will not take effect until the next reboot. Refer
to “Configuring VLANs by Editing the vlanconf File” in this
document for instructions on editing the configuration file for
VLANs.
To temporarily configure VLANs on a live system, you can:
Use the lanadmincommand from the HP-UX command line.
•
CAUTION
If you use the lanadmincommand to administer VLANs, those changes
are not preserved across reboots. See “Using the lanadmin Command for
Administering VLANs” for details on the lanadmincommand.
Chapter 2
25
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Configuration Process
Con figu r a tion P r ocess
Following are the steps to configure HP-UX VLANs. These steps are for
defining VLAN membership, assigning names, VLAN IDs, and port
assignments. This procedure assumes that the switches can add VLAN
tags:
1. Determine the network topology affected. Either draw the affected
network topology or list it. Include all affected end
stations--workstations and servers.
2. Define the VLANs. Decide, according to your requirements, which
systems belong to which logical groups.
3. Assign VLAN IDs to each VLAN. Ensure that the assignments are
consistent across endstations and switches; otherwise, stations will
not communicate with each other. A VLAN ID can be any number
between 0 and 4094 that is used only once within that port.
NOTE
The VLAN ID is not the same as the number of VLANs supported
--HP-UX supports up to 1024 VLANS per LAN card port.
4. Determine which LAN card ports need tagged VLANs and which do
not. Typically, you may need to put a server LAN card port in several
VLANs while a desktop LAN card port can belong to just one VLAN.
5. Assign VLAN IDs to each LAN card port on end stations and
switches. Mark VLANs on the switches as tagged or untagged
according to the LAN card port to which they are connected.
6. On HP-UX servers that must belong to several VLANs, create
VLANs on the corresponding LAN card ports.
26
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Properties of a VLAN
P r op er ties of a VLAN
When a VLAN is created on a given LAN card port, (see “Creating a
VLAN”), the system generates a virtual PPA or VP PA which can be used
to send and receive 802.1Q tagged frames on that LAN card. Each
HP-UX VLAN has a Virtual PPA associated with it. A VPPA has
essentially the same properties as a physical point of attachment (PPA)
on a LAN card. The differences are:
1. A VPPA is associated with a VLAN, the properties of which are
determined by the create (or modify) command. The PPA of a
physical interface doesn’t have a VLAN associated with it.
2. A VLAN doesn’t have a unique hardware instance. VPPA values are
assigned such that they don’t overlap with hardware instance
numbers of physical interfaces on the system.
Note: the PPA assigned to a LAN card port is the same as its
hardware instance number.
3. A VLAN shares all the link properties of the physical interface on
which it is configured. Any changes to the underlying physical
interface will be propagated to all its VPPAs.
In the sample lanscan output in the section “Displaying a VLAN and
its Properties,” lan5000 shares all the properties (such as speed,
duplexity, MTU, MAC address) of the physical port with which it is
associated, lan0.
4. All frames transmitted via a VPPA are VLAN tagged. Frames
transmitted via a physical PPA are sent untagged.
5. lanadminnon-interactive mode options to set the value of MTU (-M),
speed (-S or -X), station address (-A) and reset the MTU (-R) and
interactive mode options “reset” and “special” are not supported
for VPPAs.
6. lanadmininteractive mode displays and clears driver statistics for
VPPAs.
Chapter 2
27
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Special Case of VLAN ID 0--Priority Tagged Frames
Sp ecia l Ca se of VLAN ID 0--P r ior ity Ta gged
Fr a m es
VLAN ID 0 means that the frame doesn’t belong to any VLAN but has
802.1p priority information. Ensure that any switches used with HP-UX
VLANs support VLAN ID 0.
P r om iscu ou s Mod e Ch a r a cter istics
Only one stream can be running in unfiltered promiscuous mode per
physical interface plus all its VLAN interfaces put together.
The promiscuous stream will be able to see all frames transmitted or
received on the physical LAN card port--all tagged and untagged.
28
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Allowable Values for HP VLANs
Allow a ble Va lu es for HP VLANs
Table 2-2 lists the allowable values for configuring VLANs in the
/etc/r c.con fig.d /vla n con f file. It describes the parameter functions,
default values, and allowable ranges.
For the format of the /etc/r c.con fig.d /vla n con f file, refer to
“Configuring VLANs by Editing vlanconf File” in this document.
Ta ble 2-2
Allow a ble Va lu es for Pa r a m eter s in vla n con f File
Pa r a m eter --
d escr ip tion
Ra n ge a n d
Restr iction s
Defa u lt
Typ e
VLAN_ID-- VLAN ID 0 - 4094; unique within
None
Integer
NIC
1 VLAN ID per VLAN;
VLAN_PRIORITY--
802.1p priority for
outbound VLAN
frames
0 - 7
0
Integer
VLAN_TOS-- Type of
0 - 255
0
Integer
Service value
VLAN_PRI_OVERRIDE CONF_PRI/
CONF_PRI
Case-sensitive
character
string.
-- Priority Override
level
IP_HEADER/
CONF_TOS
VLAN_TOS_OVERRIDE IP_HEADER/
IP_HEADER
Case-sensitive
character
string.
-- Type of service
Override Level
ETHER_HEADER/
CONF_TOS/
CONF_PRI
1
VLAN_NAME-- VLAN
name
31 chars; keyword not
allowed; unique within
NIC;
Alphanumeric
character string.
Case-sensitive
None
1 VLAN name per VLAN
VLAN_VPPA-- Virtual starts at # 5000;
None
Integer
PPA number
1 VPPA per
vlanid; unique per system
Chapter 2
29
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Allowable Values for HP VLANs
Ta ble 2-2
Allow a ble Va lu es for Pa r a m eter s in vla n con f File (Con tin u ed )
Pa r a m eter --
d escr ip tion
Ra n ge a n d
Restr iction s
Defa u lt
Typ e
1
Default is an empty string; lanadmin will display it as UNNAMED.
30
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Using VLANs with MC/ServiceGuard
Usin g VLANs w ith MC/Ser viceGu a r d
You can create MC ServiceGuard fail-over groups with VLANs as long as
the primary and standby links are both VLAN interfaces with the same
VLAN ID. See Figure 2-2 for an example. Please refer to HP MC
ServiceGuard documentation for more details.
Exa m p le:
Figu r e 2-3
VLANs a n d Ser vice Gu a r d
F G3
F G2
la n 5003
la n 5002
la n 5001
la n 5000
vla n id
2
vla n id
1
vla n id
2
vla n id
1
la n 2
F G1
la n 1
F G1 = Fa il-over gr ou p 1
F G2 = Fa il-over gr ou p 2
F G3 = Fa il-over gr ou p 3
Chapter 2
31
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How is 802.1p Priority Set?
How is 802.1p P r ior ity Set?
IP packets are classified and marked into different priority levels and the
markings are transported through a type of service (ToS) octet in the
IPv4 header and a traffic class field in the IPv6 header.
HP-UX end stations transmit IPv4 type-of-service (ToS) values but do
not enforce priority. The end stations perform ToS-to-802.1p conversion
and vice-versa for IP packets depending on how the VLAN overrides are
set. They also allow 802.1p priority setting for non-IP packets.
Priority may be set by user, destination address, input port, output port,
access priority, or by VLAN. User priority is a 3-bit field which allows
priority information to be encoded in the frame. The eight levels of IEEE
802.1p recommended user priorities are shown in Table 2-3.
Ta ble 2-3
ToS to 802.1 User P r ior ity Ma p p in gs Ba sed on IP P r eced en ce
IEEE 802.1p
User
P r ior ity
HP WebQoS ToS
Va lu e Ra n ge
Tr a ffic Typ e
0xE0 - 0xFF
0xC0 - 0xDF
0xA0 - 0xBF
0x80 - 0x9F
0x60 - 0x7F
0x40 - 0x5F
7 (highest)
Network Management
Voice
6
5
4
3
Video
Controlled Load
Excellent Effort
Best Effort
0 (routine
traffic)
0x20 - 0x3F
0x00 - 0x1F
2
Undefined
1 (lowest)
Background
32
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How do Pri and ToS Override Affect My Inbound and Outbound frames?
How d o P r i a n d ToS Over r id e Affect My
In bou n d a n d Ou tbou n d fr a m es?
Consider the following command.
lanadmin -V create vlanid VID pri PRI tos TOS pri_override
PO tos_override TO 6
This command will create a VLAN interface on PPA 6, with VID as the
VLAN ID, PRI as the 802.1p priority, TOS as the IPv4 ToS value.
•
All frames transmitted via the newly created interface will be VLAN
tagged.
•
•
The VLAN ID field in the tag will be VID without exception.
Please note that non-IP packets are not affected by PO, TO, and TOS
settings. Outbound non-IP packets are always tagged with VLAN ID
VID and 802.1p priority PRI.
traffic.
•
The 802.1p priority value in the VLAN tag is determined by the PRI,
PO, and TOS settings as shown in Table 2-4.
•
The ToS value of an inbound IP packet header is determined by TOS,
TO, and PRI settings as shown in Table 2-5.
Ta ble 2-4
Allow a ble Settin gs for VLAN_P RI_OVERRIDE
Va lu e in vla n con f File
P r ior ity Over r id e Settin g
CONF_PRI (default)
IP_HEADER
VLAN Tag priority setting is PRI.
VLAN Tag priority comes from
ToS to 802.1p mapping table (see
Table 2-3). The ToS value is taken
from the IP header.
Chapter 2
33
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
How do Pri and ToS Override Affect My Inbound and Outbound frames?
Ta ble 2-4
Allow a ble Settin gs for VLAN_P RI_OVERRIDE
P r ior ity Over r id e Settin g
Ou tbou n d IP Pa ck ets
CONF_TOS
VLAN Tag priority comes from
ToS to 802.1p mapping table (see
Table 2-3). The ToS value used is
TOS.
Ta ble 2-5
Allow a ble Settin gs for
VLAN_TOS_OVERRIDE Va lu e in vla n con f
File
In bou n d IP Pa ck et Hea d er
ToS Settin g
ToS Over r id e Settin g
IP_HEADER (default)
IP header ToS value is
undisturbed.
CONF_TOS
overwritten with TOS
ETHER_HEADER
IP header ToS value is
overwritten with a value from the
802.1p to ToS mapping table (see
Table 2-3). The 802.1p value used
inbound frame.
CONF_PRI
IP header ToS value is
overwritten with a value from the
802.1p to ToS mapping table (see
Table 2-3). The 802.1p value used
is PRI.
34
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Setting 802.1p Priority, ToS, and Overrides
Settin g 802.1p P r ior ity, ToS, a n d Over r id es
802.1p priority is the priority in the tag in the frame header. Switches
can use the 802.1p priority.
ToS is the IP precedence in the IP header. Switches ignore ToS. Routers
may use it.
The Priority Override Levels for Outbound Traffic are as follows:
CONF_PRI
IP_HEADER
CONF_TOS
Your specified priority will be used.
IP header ToS will be converted to 802.1p priority.
Your specified ToS value will be converted to 802.1p
priority according to the values shown in Table 2-1.
The ToS Override Levels for Inbound Traffic are as follows:
IP_HEADER ToS value in the IP header will be used.
ETHER_HEADER Ether header 802.1p priority will be
converted to ToS value.
CONF_TOS
CONF_PRI
ToS specified by user will used.
Your specified 802.1p priority will be converted
to ToS.
Wh er e to Get Mor e In for m a tion
For information on using the lanadmincommand to temporarily modify
HP-UX VLANs (between reboots), type:
man vlan.
Chapter 2
35
Download from Www.Somanuals.com. All Manuals Search And Download.
Overview of Installation and Configuration
Where to Get More Information
36
Chapter 2
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs Using SAM
Configuring VLANs Using SAM
Con figu r in g VLANs Usin g SAM
You can use SAM to configure VLANs by completing the following steps:
1. Log in as root.
2. Check the HP-UX version by typing: uname -a. The version should
be HP-UX 11i (11.11)
3. At the HP-UX prompt, type: sam
4. At the SAM main window, double click:
Networking and Communications
5. There are then 2 ways to access VLAN configuration. Either choose
the icon Virtual LAN, or choose Network Interface Cardsand
then show the VLANs by using the List Pulldown.
SAM displays a list of VLAN-aware physical interfaces and all
VLANs created on them (Figure 3-1).
Figu r e 3-1
List P u lld ow n w ith Vir tu a l LANs Disp la yed
38
Chapter 3
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs Using SAM
Configuring VLANs Using SAM
6. On the Virtual LANscreen, available VLAN-aware cards are
displayed. When you select a LAN card and then use the Create
VLANpulldown (Figure 3-2), the Create VLANscreen appears (Figure
3-3). For the VLAN ID, enter any number between 0 and 4094 and use
it only once within that port.
NOTE
The VLAN ID is not the same as the number of VLANs supported
--HP-UX supports up to 1024 VLANS per LAN card port.
Figu r e 3-2
Action P u lld ow n for Cr ea tin g Vir tu a l LANs
On this screen, you can optionally add a VLAN Name (31 chars, and
unique within a LAN card), priority, ToS, and overrides. See the
chapter “Overview of Installation and Configuration:” or the online
help for details.
Chapter 3
39
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs Using SAM
Configuring VLANs Using SAM
Figu r e 3-3
Cr ea te Vir tu a l LANs
After you have assigned a VLAN ID, the VLAN then shows on the
main screen with the status Not Configured. You then highlight the
VLAN, and select the Configure IP Addresspulldown action. This
displays the Add an IP Address for the VLAN screen (Figure 3-4).
After you have configured an IP address for the VLAN, its status on
the main screen will show as Enabled.
Assign VLAN IDs to each VLAN. Ensure that the assignments are
consistent across endstations and switches; otherwise, stations will
not communicate with each other.
NOTE
On a switch or end-station, all the frames for a specific VLAN must
be either tagged or untagged. All devices in a VLAN’s data path must
be VLAN-aware (one that understands VLAN membership and
formats).
Once a VLAN has been configured, you can modify its properties
even if it is in the Enabledstate.
40
Chapter 3
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs Using SAM
Configuring VLANs Using SAM
On the Modify VLAN Properties screen, the fields are all optional;
the data elements are the same as discussed in the chapter
“Overview of Installation and Configuration:” VLAN name, VPPA,
priority, ToS, and overrides.
Figu r e 3-4
Ad d a n IP Ad d r ess for th e VLAN
7. At any time, view the online help pulldown menu for doing any of the
listed tasks or for finding help on a specific field.
Chapter 3
41
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs Using SAM
Configuring VLANs Using SAM
42
Chapter 3
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs by Editing vlanconf File
Modifying Parameters in vlanconf File
Mod ifyin g Pa r a m eter s in vla n con f File
Following is the format of the /etc/r c.con fig.d /vla n con f file. To
permanently save changes to this file, either use SAM or use a text editor
such as “vi.” If you use the lanadmincommand line interface to make
changes to VLANs, your configuration will not be preserved after reboots
unless you modify the vla n con f file manually.
# vlanconf: configuration values to create VLAN Virtual
#
#
#
#
Interface. This file will maintain the VLAN
information across reboot, and will be modified
by SAM. You can also edit this file.
# VLAN_PHY_INTERFACE : Physical interface name, see
#
#
lanscan(1m)output. This value must be
specified.
#
# VLAN_ID
#
#
#
: Unique VLAN id for VLAN. VLAN id is a
positive integer value which can range
from 0 to 4094. This value must be
specified.
#
# VLAN_PRIORITY
#
#
#
: Priority for the VLAN. Priority is
a positive integer value which can
range from 0 to 7. Default value of 0
will be taken if not specified.
#
# VLAN_TOS
: Inbound ToS value applicable to IP
packets. Its a positive integer value
that ranges from 0 to 255. A default
value of 0 will be taken if not
specified.
#
#
#
#
#
# VLAN_PRI_OVERRIDE : Outbound priority override level. It
#
#
#
#
#
#
#
#
#
#
tells the system what priority to
choose, when tagging the packets with
VLAN information.Allowed priority
override levels are as follows:
CONF_PRI - User specified priority
will be used (default if
not specified).
IP_HEADER - IP header ToS will be
converted to 802.1p
44
Chapter 4
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs by Editing vlanconf File
Modifying Parameters in vlanconf File
#
#
#
#
#
#
#
#
#
priority. Only for
IP packets. For non-IP
packets, CONF_PRI
will be used.
CONF_TOS - User specified ToS, taken
from VLAN_TOS[] will be
converted to
802.1p priority.
# VLAN_TOS_OVERRIDE : Inbound ToS value to be used for IP
#
packets.
#
Allowed ToS override levels are as follows:
#
#
#
#
#
IP_HEADER
- ToS value in the IP
header will be used
(default if not
specified).
#
#
ETHER_HEADER - Ether header 802.1p
priority will be
#
converted to ToS
#
value.
#
#
#
#
#
#
CONF_TOS
CONF_PRI
- ToS specified by the user
will be used.
- 802.1p priority given in
VLAN_PRIORITY[] will
be converted to ToS
value.
#
# VLAN_NAME
#
#
#
: Name of the VLAN. Its a simple string,
which consists of alphanumeric
characters. No special characters
allowed.
#
# VLAN_VPPA
: User requested VPPA for the VLAN Virtual
Interface that will be created by the
information given above. If not
#
#
#
#
#
specified system will assign a VPPA.
# For each VLAN configuration, add a set of variable # assignments like the ones
below, changing the index to “[1]”, # “[2]” et cetera.
##############################################################
#
# Sample Entry
#
# VLAN_PHY_INTERFACE[1]=
Chapter 4
45
Download from Www.Somanuals.com. All Manuals Search And Download.
Configuring VLANs by Editing vlanconf File
Modifying Parameters in vlanconf File
# VLAN_ID[1]=
# VLAN_PRIORITY[1]=
# VLAN_TOS[1]=
# VLAN_PRI_OVERRIDE[1]=
# VLAN_TOS_OVERRIDE[1]=
# VLAN_NAME[1]=””
# VLAN_VPPA[1]=
Example:
Following is an example where the physical interface lan0 has been
assigned a VLAN ID of 1, default values for VLAN priority, VLAN ToS,
VLAN priority override, VLAN ToS override, the name “Red,” and a
VLAN PPA of 5000.
VLAN_PHY_INTERFACE[0]=lan0
VLAN_ID[0]=1
VLAN_PRIORITY[0]=0
VLAN_TOS[0]=0
VLAN_PRI_OVERRIDE[0]=CONF_PRI
VLAN_TOS_OVERRIDE[0]=IP_HEADER
VLAN_NAME[0]=Red
VLAN_VPPA[0]=5000
46
Chapter 4
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
Usin g th e la n a d m in -V Com m a n d for
Ad m in ister in g VLANs
To configure VLANs, you use either the GUI-based system admin
manager (SAM) or edit the configuration file with an editor. VLAN
configuration doesn’t require a reboot to take effect. If you use SAM, your
configurations will be preserved after reboots in a configuration file
called /etc/r c.con fig.d /vla n con f.
If you use the lanadmincommand line interface, your configuration will
not be preserved after reboots unless you also save the configuration in
the vlanconf file by either using SAM or editing it. See “Modifying
Parameters in vlanconf File” in this document for the format of the
/etc/r c.con fig.d /vla n con f file.
la n a d m in Syn ta x
If you use the lanadmincommand line interface to work with VLANs,
you can display the general usage string by typing:
lanadmin -V help
General usage string:
lanadmin -V create vlanid <vlanid> (range 0-4094)
[pri <priority> (range 0 - 7, default 0)]
[tos <ToS value> (range 0-255, default 0)]
[vppa <vppa>]
[name <name> (31 characters alphanumeric
string)]
[tos_override <level>(IP_HEADER, ETHER_HEADER,
CONF_TOS or CONF_PRI,
default IP_HEADER)]
[pri_override <level>(CONF_PRI,IP_HEADER
or CONF_TOS, default CONF_PRI)] <ppa>
-V delete <vppa>
-V modify [vlanid <vlanid> (range 0-4094)]
[pri <priority> (range 0 - 7)]
[tos <ToS value> (range 0-255)]
[name <name> (31 characters alpha numeric
string]
[tos_override <level>(IP_HEADER, ETHER_HEADER,
48
Chapter 5
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
CONF_TOS or CONF_PRI)
[pri_override <level>(CONF_PRI,IP_HEADER or
CONF_TOS)] <vppa>
-V scan
-V info <vppa>
-V basevppa
-V help
Usin g la n a d m in to Cr ea te a VLAN
Assume that the system has the following configuration as shown by the
lanscancommand output.
lanscan
Hardware Station
Path Address
1/2/3 0x001083FF9951 0 UP
1/2/4 0x006023456789 1 DOWN lan1 snap1
Crd Hdw
In# State NamePPA
lan0 snap0
Net-Interface
NM
ID
1
MAC HP-DLPI DLPI
Type Support Mjr#
ETHER Yes
ETHER Yes
119
119
2
To configure a VPPA with VLAN ID 454 and a priority of 6 on “lan0”,
execute the following command.
lanadmin -V create vlanid 454 pri 6 0
Successfully configured
lan5000: vlanid 454 name UNNAMED pri 6 tos 0 tos_override IP_HEADER pri_override
CONF_PRI ppa 0
This command created a VLAN “lan5000” on top of the physical interface
lan0. The PPA associated with this VLAN, 5000, is referred to as a
VPPA, short for Virtual PPA. Note: the parameters that were not
specified in the command have been assigned default values.
Disp la yin g a VLAN a n d its P r op er ties
You can use the default lanscan command to view all the interfaces as
follows.
lanscan
VLAN0 0x001083FF9951 5000 UP
1/2/4 0x006023456789 1 DOWN
lan5000snap5000 14
lan1 snap1
ETHER Yes
ETHER Yes
119
119
2
Chapter 5
49
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
The VLAN (lan5000) appears in lanscan output just like a physical
interface. VPPAs are identified by the string “VLANx” in the hardware
path, where x is a number and is unique per VPPA. In the lanscan
output, VPPAs of a given physical interface are displayed just after the
corresponding physical interface.
The verbose option of the lanscancommand displays more information
about the VLAN.
lanscan -v
Hardware
Path
Station
Address
Crd Hdw
Net-Interface
PPA
NM
ID
MAC HP-DLPI DLPI
Type Support Mjr#
In# State Name
VLAN0
Extended Station
Address
0x001083FF9951 5000 UP
lan5000 snap5000 14
LLC Encapsulation
Methods
ETHER
Yes 119
0x001083FF9951
Driver Specific Information
vlan
.......................................................................
Vlan ID Phy-PPA Priority ToS Priority-Override ToS-Override Name
454
0
6
0 CONF_PRI
IP_HEADER
UNNAMED
Usin g la n a d m in to Set 802.1p P r ior ity, ToS, a n d Over r id es
The lanadmin -V create vlanidcommand has options to set the
802.1p priority, called pri, and/or the Type of Service (ToS) value, called
tos. It also has pri_override and tos_override. For more details, refer to
“Setting 802.1p Priority, ToS, and Overrides” in this document.
Usin g la n a d m in to Qu er y for VLANs on a System
The following command can be used to query for the list of VPPAs
configured and their properties.
lanadmin -V scan
A sample output for the successful command is as follows:
VLAN
Physical VLAN
Pri Pri
Override
ToS
ToS
Override
Level
NAME
Interface Interface ID
Name
Level
lan5000
lan5003
lan5001
lan0
lan0
lan1
5
11
1
2
5
4
CONF_PRI
CONF_PRI
IP_HEADER
25
204
64
IP_HEADER
CONF_PRI
IP_HEADER
purple
newone
lan5002
lan2
3
7
CONF_TOS
200
CONF_PRI
UNNAMED
Note: UNNAMED will be displayed as the VLAN name if there is no
name associated with the VPPA.
50
Chapter 5
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
Qu er yin g for a Sin gle VP PA on a System You can query the Virtual
PPA using the following command:
lanadmin -V info <vppa>
The info command will return the output in the following format when
successful.
Example: lanadmin -V info 5000
VLAN
Physical
VLAN
ID
Pri Pri
Override
ToS
25
ToS
NAME
Interface Interface
Name
Override
Level
Level
lan5000
lan0
5
2
CONF_PRI
IP_HEADER
Qu er yin g for a Ba se VP PA Va lu e You can determine the minimum
acceptable value for a Virtual PPA using the following command:
lanadmin -V basevppa
Example: lanadmin -V basevppa
5000
Usin g a VLAN
Once a VLAN is created, its VPPA can be used to configure protocols,
send commands, and transmit and receive data just like a physical point
of attachment (PPA). For example, to configure an IP address on the
VLAN, type:
ifconfig lan5000 inet 100.2.1.1 netmask 255.255.255.0 up
NOTE
You cannot change physical link properties such as speed, duplexity, or
maximum transmission unit (MTU) over a VLAN. If you make changes
to a physical interface, those changes will be reflected in the VLANs on
that interface.
Usin g la n a d m in to Mod ify a VLAN
The properties of a VLAN can be modified using lanadmin. For example,
to change the VLAN ID to 53 and priority to 3, on lan5000, type:
Chapter 5
51
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
lanadmin -V modify vlanid 53 pri 3 5000
Successfully modified lan5000
Old value: vlanid 454 pri 6
New value: vlanid 53 pri 3
After the modification, the lanscan -voutput will display:
Hardware Station
Crd Hdw
In# State NamePPA
0x001083FF9951 5000 UP lan5000 snap5000 14 ETHER Yes
Net-Interface
NM MAC
ID Type Support Mjr#
119
HP-DLPI DLPI
Path
Address
VLAN0
Extended Station
Address
LLC Encapsulation
Methods
0x001083FF9951
Driver Specific Information
vlan
.......................................................................
Vlan ID Phy-PPA Priority ToS Priority-Override ToS-Override Name
53
0
3
0
CONF_PRI
IP_HEADER
UNNAMED
Usin g la n a d m in to Delete a VLAN
Before deleting a VLAN, ensure that there are no applications or upper
layer protocols active on the VLAN by running:
lanadmin -p <VPPA>.
This command displays the applications and commands that are
presently using the interface. For example, if the only thing done to
lan5000 is configure an IP address, the lanadmin -pcommand output
would look like:
lanadmin -p 5000
ifconfig
ifconfig
Since ifconfigcommand is used to configure an IP address the same is
displayed. There are two entries because when an IPv4 address is
configured using ifconfig, it configures both IP and ARP on the
interface.
To remove the IP and ARP streams, do:
ifconfig lan5000 unplumb.
The lanadmin -p 5000output will not show any entries now, which
means the interface can be deleted. To delete this VLAN use the delete
option as follows:
52
Chapter 5
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
lanadmin -V delete 5000
The lanadmin -p <PPA>, command always displays the displays the
applications and commands that use or are configured on the interface.
Lets take another example. Before deleting, the interface lan5001, check
if there are any applications running on it by typing:
lanadmin -p 5001
ifconfig
ifconfig
mib2agt
scopeux
In addition to IP and ARP being configured on the interface, two
applications, mib2agt and scopeux, are using the interface. These
applications are started during system bootup via the startup scripts
/sbin /r c2.d /S565Sn m p Mib2 and /sbin /r c2.d /S810m w a respectively. To
stop these utilities, run the stopsequence of the scripts. To delete the
lan5001 interface, type the following commands:
ifconfig lan5001 unplumb
/sbin/rc2.d/S565SnmpMib2 stop
/sbin/rc2.d/S810mwa stop
Now, lanadmin -p 5001will not display anything, and the interface can
be deleted using lanadmin -V delete vppa.
Once the interface is deleted, you can restart the script by issuing the
startsequence:
/sbin/rc2.d/S565SnmpMib2 start
/sbin/rc2.d/S810mwa start
NOTE: The startand stopsequence of the startup scripts will affect all
the interfaces on the system, and they must be restarted once the delete
operation is completed.
The output from the commands just described may not look exactly the
same on your system. The output can vary depending on the applications
using the interfaces in your environment.
Chapter 5
53
Download from Www.Somanuals.com. All Manuals Search And Download.
Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs
54
Chapter 5
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
This chapter provides guidelines for troubleshooting VLANs. It contains
the following sections:
•
•
Diagnostic Flowcharts.
Use of lanadminand lanscancommands and scripts for testing or
troubleshooting VLANs.
56
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Diagnostic Flowcharts
Dia gn ostic F low ch a r ts
Table A-1 summarizes the types of network tests in the diagnostic
flowcharts. Follow the flowcharts in sequence beginning with Flowchart
1.
Ta ble A-1
F low ch a r t Descr ip tion s
Ch a r t
Typ e of Test
P u r p ose
1
Link Level Tests
linkloop Test
Checks communications between link levels. Verifies VLAN
creation.
1a
1b
Verifies link-level address of remote hosts.
Verifies VLAN IDs and tests VLAN creation.
lanscan,
lanadmin Tests
2
Network Level
Tests
Validate ARP(1M) entries and remote host availability.
Check communication between network layers on source
and target host.
2a
2b
ARP Test
ping Test
Verifies that an entry exists for the remote host in your
system's ARP cache.
Checks roundtrip communication between Network Layers
on the source and target host.
Appendix A
57
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 1: Link Level Tests
F low ch a r t 1: Lin k Level Tests
Check communications between link levels on the source and target host
using the linkloop, lanscan, and lanadmincommands. The source
interface should be a VPPA, that is, a PPA corresponding to a VLAN
interface. The destination MAC address is the remote VPPA’s MAC
address.
58
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 1: Link Level Tests
F low ch a r t 1a : Lin k loop Test
Figu r e A-2
F low ch a r t 1a
Linkloop
Test
YES
Execute
linkloop to
remote host
Linkoop
successful?
Network-Level
Tests
NO
Loopback FAILED;
remote host fails
to respond
Loopback FAILED;
Address has bad
format or
Not an individual
address
Re-check remote host address
and if
same VLAN ID is enabled,
choose a different
remote host and
re-execute linkloop
Correct the link
address parameter
NO
Linkoop
successful?
lanscan/lanadmin
Tests
Link Level
Test
YES
Network
Test
60
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 1: Link Level Tests
F low ch a r t 1a P r oced u r es
•
Execute linkloop to remote host. If linkloop is successful, continue
to Network Test. Else if linkloop fails note which error was returned.
•
If loopback failed error = “Address has bad format” or “not an
individual address” then correct the link level address with the
proper station address format/value and repeat the Link Level Test.
•
Otherwise, loopback failed because the remote host did not respond.
Double check the remote host address and VLAN ID, or choose
another remote host and re-execute linkloop.
— Ensure VLAN IDs are the same by using lanadmin -V scanon
both the source and destination.
— Ensure switches along the path are configured with the correct
VLAN ID and marked “tagged” or “untagged” as appropriate.
— Ensure MTUs match as well.
— Ensure that link parameters for autonegotiation, flow control
speed and duplexity are compatible.
— Ensure that the link is up. Refer to the documentation for each
specific link for details.
If linkloop is successful, continue to Network Test. You may also
want to contact the node manager of the remote that did not respond
(if this was the case).
Appendix A
61
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 1: Link Level Tests
F low ch a r t 1b: la n sca n a n d la n a d m in Test
F low ch a r t 1b
Figu r e A-3
lanscan
and
lanadmin
Test
Run
Is your interface
displayed after
YES
YES
lanscan -v
Network-Level
Tests
Is VLAN ID
correct?
executing
lanscan?
NO
NO
Create VLAN
by running
lanadmin -V create
Modify VLAN
by running
lanadmin -V modify
Any
error
messages?
NO
NO
Network-Level
Tests
Problem
fixed?
YES
YES
Correct
the
problem
Stop
62
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 1: Link Level Tests
F low ch a r t 1b P r oced u r es
•
Execute lanscancommand and verify your interface is displayed by
the system.
— If it is displayed, run lanscan -v to ensure the VLAN ID is
correct. If so, return to the network Test. If not, modify the
VLAN to the correct one by running the command
lanadmin -V modify.
— If the interface is not displayed, run lanadmin -V createto
create the VLAN.
•
If the problem is fixed, Stop. Else, check for any error messages.
— If there are error messages correct them according to the error
message.
— If there are no error messages, return to the network Test.
Appendix A
63
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2 P r oced u r es
•
See Flowchart 2a to validate ARPentries and remote host
availability.
•
See Flowchart 2b to check communication between network layers on
source and target host using ping.
Appendix A
65
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2a : ARP Test
Figu r e A-5
F low ch a r t 2a
ARP Test
YES
NO
Remote
host up?
Is remote host
entry in ARP
cache?
NO
YES
Bring up
remote host
Use ARP to
correct and
complete the
entry
Is the ARP
entry correct
and complete
?
NO
YES
ping Test
66
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2a P r oced u r es
•
•
Use ARP to verify that an entry exists for the remote host in your
system's ARP cache by executing arp hostname
If there is no ARP entry for the remote host, check to see if the
remote host is up. If not, bring up remote host and continue to ping
Test.
•
If the ARP entry is incorrect or not complete, use ARPto enter the
correct station address of the remote system and continue to ping
Test. Otherwise, continue to ping Test.
Appendix A
67
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2b: p in g Test
F low ch a r t 2b
Figu r e A-6
ping Test
Execute
ping remotehost
YES
Validate network,
remote host, and
configuration
settings
NO
ping
successful?
YES
con tin u ed
Stop
68
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2b P r oced u r es
•
•
Execute ping to remote host using ping.
If ping is successful, stop. If not, validate network, remote host, and
configuration settings. Verify the routing tables using the netstat
-rncommand.
Appendix A
69
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2b (con tin u ed ):
Figu r e A-7
F low ch a r t 2b (con tin u ed )
ping not
successful
YES
Network
unreachable?
error?
Network-Level
Tests
NO
YES
No response
from ping?
Link-Level
Tests
NO
YES
Unknown host
error?
Correct BIND, YP,
or /etc/hosts
configuration
NO
ping
Test
YES
No route to
host error?
Add route
table entry
NO
Call HP
70
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
Flowchart 2: Network Level Tests
F low ch a r t 2b (con tin u ed ) P r oced u r es
•
•
If network unreachable error, go to the Configuration Tests.
If no response from ping, validate switches in path support VLANs
and remote host supports them as well. Otherwise, reconfigure
network path, or configure VLANs on remote host and/or switches
then repeat pingTest. Return to linkloop test.
•
•
If you receive an unknown hosts error, add the missing host name
and repeat pingTest.
If you receive “error=SendTo: No route to host”, then using route
add route table entry for the missing host and repeat ping Test.
Otherwise, call HP.
Appendix A
71
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
NetTL Trace and Log of VLANs
NetTL Tr a ce a n d Log of VLANs
The nettl tool can be used to troubleshoot VLANs. Following is a sample
trace output from a Gigabit Ethernet card:
Tr a cin g Ou tp u t fr om a Giga bit Eth er n et Ca r d
^^^^^^^^^^^^^^^^^^^^^^Gigabit Ethernet LAN/9000 Networking^^^^^^^^^^^^^^^^^^
Timestamp
: Wed Nov 07 PST 2001 11:08:03.961449
Process ID
User ID ( UID )
Device ID
: [ICS]
: -1
: 1
Subsystem
Trace Kind
Path ID
: GELAN
: PDU IN TRACE
: -1
Connection ID
Location
: 0
: 00123
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
=================================== Ethernet====================================
Source : 00-10-83-05-16-7e [I] [
Dest : 00-10-83-05-16-7d [I] [
]
] TRACED LEN: 1480
VLAN ID: 0x4
Priority: 0x2
CFI: 0x0
Date : Wed Nov 07 11:08:03.961449 PST 2001
================================ IP Header (inbound -- [ICS]) ================
Source: 101.3.102.47(A) Dest: 101.3.102.61(A)
len: 1462
flags: DF
ttl: 255 proto: 1
tos: 0x0 hdrlen: 20
cksum: 0x218a
offset: 0x0
id: 0xbe49
optlen: 0
-------------------------------- ICMP Header ---------------------------------
type: ECHOREPLY
code: none
chksum: 0x779c
id: 29129
seq: 2
-------------------------------- User Data -----------------------------------
0: 3b e9 86 6d 00 06 ab cc 08 09 0a 0b 0c 0d 0e 0f ;..m............
16: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................
32: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./
48: 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 0123456789:;<=>?
64: 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f @ABCDEFGHIJKLMNO
80: 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f PQRSTUVWXYZ[\]^_
96: 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f `abcdefghijklmno
112: 70 71 72 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 7f pqrstuvwxyz{|}~.
128: 80 81 82 83 84 85 86 87 88 89 8a 8b 8c 8d 8e 8f ................
.........
.......
1424: 90 91 92 93 94 95 96 97 98 99 -- -- -- -- -- -- ................
^^^^^^^^^^^^^^^^^^^^^^Gigabit Ethernet LAN/9000 Networking^^^^^^^^^^^^^^^^^^
Timestamp
: Wed Nov 07 PST 2001 11:08:03.961449
Process ID
User ID ( UID )
: [ICS]
: -1
Subsystem
Trace Kind
: GELAN
: PDU IN TRACE
72
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
NetTL Trace and Log of VLANs
Device ID
: 1
Path ID
: -1
Connection ID
Location
: 0
: 00123
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Received 1480 bytes via Ethernet Wed Nov 07 11:08:03.961449 PST 2001
pid=[ICS] interface=[1]
Dest: 00-10-83-05-16-7d Source: 00-10-83-05-16-7e
00-10-83-05-16-7e VLAN Tag: 0x4004
0: 45 00 05 b6 be 49 40 00 ff 01 21 8a 65 03 66 2f E....I@...!.e.f/
16: 65 03 66 3d 00 00 77 9c 71 c9 00 02 3b e9 86 6d e.f=..w.q...;..m
32: 00 06 ab cc 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 ................
48: 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 ............ !"#
64: 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 $%&'()*+,-./0123
80: 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 40 41 42 43 456789:;<=>?@ABC
96: 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 DEFGHIJKLMNOPQRS
112: 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f 60 61 62 63 TUVWXYZ[\]^_`abc
128: 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 defghijklmnopqrs
.........
.........
864: 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 DEFGHIJKLMNOPQRS
1456: 94 95 96 97 98 99 -- -- -- -- -- -- -- -- -- -- ................
Loggin g Exa m p le
If you try to create a VLAN with a VLANID that is already present on
the physical PPA you get the following output in verbose formatting
mode:
*********************************VLAN Subsystem*****************************
Timestamp
: Wed Nov 07 PST 2001 11:23:44.311001
Process ID
User ID ( UID )
Device ID
: 8631177
: 0
: -1
Subsystem
Log Class
Path ID
: VLAN
: ERROR
: 0
Connection ID
: 0
Log Instance
: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<2003> Create: User specified VLANID 53 is already in use by another VLAN.
(Error) The VLANID specified is already in use by another
VLAN created on the same physical interface(PPA). Choose
another VLANID or try creating the VLAN on another
physical interface(PPA).
Appendix A
73
Download from Www.Somanuals.com. All Manuals Search And Download.
Troubleshooting
NetTL Trace and Log of VLANs
74
Appendix A
Download from Www.Somanuals.com. All Manuals Search And Download.
Glossa r y
802.1p : IEEE Standard supplement, now
incorporated in IEEE 802.1D. Defines 8
priority levels for traffic classification at the
data link level and suggests how they might
be used.
Destin a tion Ad d r ess: A field in the
message packet format identifying the end
node(s) to which the packet is being sent.
Eth er n et: A 10 Mbit/s LAN, developed by
Digital Equipment Corporation, Intel, and
Xerox Corporation, upon which the IEEE
802.3 network is based.
802.1Q: IEEE Standard that specifies the
architecture for VLAN tagging, association,
and VLAN-capable bridges.
Fa st Eth er n et: A commonly used name
100Ba se-T: A 100 Mbit/s communication
method specified in the IEEE 802.3u-1995
standard. The official name for Fast
Ethernet.
applied to 100Base-T.
HSC: High speed connect bus.
Ha r d w a r e Pa th : An identifier assigned by
the system according to the physical location
(slot) of a card in the hardware backplane.
Alia s: Name of the interface that
corresponds to a given Internet address on a
system.
Hostn a m e: Name of system on the network.
Ca n on ica l for m a t in d ica tor : The CFI bit
indicates that all MAC addresses present in
the MAC data field are in canonical
Hu b: A network interconnection device that
allows multiple devices to share a single
logical link segment. Hubs are generally
either 10 Mbit/s or 100 Mbit/s devices.
format.HP-UX always transmits a CFI of 0.
Ca r d In sta n ce Nu m ber : A number that
uniquely identifies a device within a class. A
class of devices is a logical grouping of
similar devices.
IEEE: The Institute of Electrical and
Electronics Engineers. A national
association, whose activities include
publishing standards applicable to various
electronic technologies. The IEEE technical
committees are numbered and grouped by
area. For example, the 800 committees study
local area network technologies. The 802.3
committee produced the standard for a
CSMA/CD local area network, which has
been adopted by ANSI.
CoS: Class of Service. The ability to provide
different levels of service to various traffic
flows. A flow may be determined explicitly
via tags or implicitly from the frame
contents (such as the IP address or ToS
field). Class of Service (CoS) network
management is when similar types of traffic
(for example, voice, video, or data) are
grouped together and assigned a priority.
Unlike Quality of Service (QoS) traffic
management, CoS does not guarantee a level
of service in terms of bandwidth and delivery
time.
In ter n et Ad d r ess: The network address of
a computer node. This address identifies
both which network the host is on and which
host it is. Refer to the Installing and
Administering LAN/ 9000 Software manual
for detailed information about network
addressing.
Glossary
75
Download from Www.Somanuals.com. All Manuals Search And Download.
Glossary
IP:
IP : Internet protocol.
QoS: Quality of Service. The ability to
provide guarantees for data transfer -- for
example, latency, throughput, and discard
priority.
IP Ad d r ess: See Internet Address glossary
entry.
LAN: See Local Area Network.
SAM: System admin manager. GUI-based
HP tool for system configuration and
management.
Loca l Ar ea Netw or k (LAN): A data
communications system that allows a
number of independent devices to
communicate with each other.
Sh a r ed m ed ia LAN: A local area network
(LAN) that shares all its bandwidth among
all stations.
Loca l Netw or k : The network to which a
node is directly attached.
Sw itch : A network interconnection device
that allows multiple connected senders and
receivers to communicate simultaneously in
contrast to a hub (repeater) where only one
device can send at a time. Some switches
have fixed port speeds (10 Mbit/s or 100
Mbit/s) while others allow port speeds to be
configured or autonegotiated.
Ma xim u m Tr a n sm ission Un it (MTU).
Largest amount of data that can be
transmitted through that interface. This
value does not include the LLC or MAC
headers.
NetTL. HP’s tracing and logging facility for
HP-UX networking.
Ta g a w a r e: Devices such as switches,
routers, and end-stations that can interpret
VLAN tags. See also VLAN-aware.
Netw or k In ter fa ce: A communication path
through which messages can be sent and
received. A hardware network interface has
a hardware device associated with it, such as
a LAN card. A software network interface
does not include a hardware device, for
example the loopback interface. For every IP
address instance, there must be one network
interface configured.
TCP : Transmission control protocol.
Top ology: The physical and logical
geometry governing placement of nodes in a
computer network. Also, the layout of the
transmission medium for a network.
ToS: IPv4 Type of Service field which
indicates the desired service expected by an
IP packet for delivery through routers across
the IP internetwork. The size of this field is 8
bits, which contain bits for precedence, delay,
throughput, and reliability characteristics.
NIC: Network interface card.
P CI: Peripheral component interconnect.
P PA: Physical point of attachment. A PPA is
the point at which a system is attached to a
physical communications medium. All
communication on that physical medium
funnels through the PPA.
UTP (Un sh ield ed Tw isted Pa ir )
Ca blin g: A data cable type consisting of
pairs of wires twisted together without an
electrically shielding jacket.
76
Glossary
Download from Www.Somanuals.com. All Manuals Search And Download.
Glossary
VPPA:
Vir tu a l P PA or VP PA: Virtual Interfaces
which are dynamically created by you (using
lanadmin or SAM). The interfaces are
“virtual” because they do not have a unique
hardware instance. A virtual PPA is the PPA
associated with a VLAN.
VLAN: Virtual LAN.VLANs, are a
mechanism to determine which end stations
should receive broadcast traffic, since it
should not be sent arbitrarily to every
connected user. Each packet transmitted by
an end-station is assigned to a VLAN. An
end-station only receives all the multicast
and broadcast traffic on the LANs to which it
belongs, and an end-station receives unicast
traffic addressed to it on the VLAN to which
it belongs.
VLAN-a w a r e: Devices such as switches and
end-stations that can recognize VLAN tags,
but they do not actually interpret them. See
also tag-aware.
VLAN ID: A VLAN ID uniquely identifies
the VLAN to which a frame belongs.
VLAN ta g: A 4-byte extension to the MAC
header consisting of a 2-byte VLAN protocol
ID (0x8100) and 2-bytes of tag control
information. VLAN tags enable traffic from
more than one VLAN to use the same port.
VP PA: see Virtual PPA.
Glossary
77
Download from Www.Somanuals.com. All Manuals Search And Download.
Glossary
Virtual PPA or VPPA:
78
Glossary
Download from Www.Somanuals.com. All Manuals Search And Download.
|