Table of Contents

HP A-Series

Product Overview

Switche:

Vlastnosti L3 switchů:

Routery:

Wireless:

CLI Priviledge levels:

Users:

CLI:

<HP Switch>          // User-view (restart, update systemu, mazani a ukladani konfiguraci)
[HP Switch]          // System-view (konfiguracni)
[HP Switch-<view>]   // Other command views

PRIKLAD Promptu:

<Router>system-view
[Router]ospf
[Router-ospf-1]area 0.0.0.0
[Router-ospf-1-area 0.0.0.0]display this
# Prepnuti do system-view (konfiguracniho modu)
<sw>system-view
[sw]
# Návrat o jednu úroveň výš
quit
# Navrat do user-view
Ctrl+Z
# zobrazeni konfigurace aktualniho view
display this
# Napověda
?
TAB

Pozor při vytváření uživatele je nutné nastavit mu nějaký privilege level, jinak bude mít def.0 a nebude mít žádná práva. Záchranou může být heslo “super”.

# Super password
<R>system-view
[R]super password level 3 cipher secret2
# Změna levelu
super <level>
super 3 <password>

CTRL Keys

FIXME

Console

Console na Routeru:

[R]user-interface console 0
[R-ui-con0]authentication-mode password
[R-ui-con0]set authentication password cipher secret34

Console na switchi, AUX na Routeru:

[R]user-interface aux0
[R-ui-aux0]authentication-mode password
[R-ui-aux0]set authentication password cipher secret34

Telnet

<R>system-view

# Enable telnet server
[R]telnet server enable

# Set username, password and allowed access
[R]local-user admin1
[R-local-user-admin1]service-type telnet - (pozor povoluje i pouziti webu)
[R-local-user-admin1]password cipher 3com

# Set user/password auth. to telnet
[R]user-interface vty 0 4
[R-ui-vty0-4]authentication-mode scheme
[R-ui-vty0-4]protocol inbound telnet

[R-ui-vty0-4]user priviledge level 3

SSH

# Enable ssh server
[R]ssh server enable

# Generate public key for SSH
[R]public-key local create dsa
[R]public-key local create rsa

# Set username, password and allowed access
[R]local-user admin1
[R-local-user-admin1]service-type ssh
[R-local-user-admin1]password cipher 3com

# Set user/password auth. to telnet
[R]user-interface vty 0 4
[R-ui-vty0-4]authentication-mode scheme
[R-ui-vty0-4]protocol inbound ssh

[R-ui-vty0-4]user priviledge level 3

Save / Delete Config

# Uložení konfigurace
<Router>save
# Smazání aktivní konfigurace
<Router>reset saved-configuration
<Router>reset saved-configuration <filename>
# Nastavení defaultní startovací konfigurace
<Router>startup saved-configuration <filename> main
display startup
backup
restore

Flash (dir,delete)

Vypis obsahu flash:/ vcetne souboru v kosi
<sw>dir /all
# Smazani souboru z flash bez kose
<sw>delete /unreserved <filename>

# Smazani souboru do kose
<sw>delete <filename>

System Upgrade:

# Nastavení def. boot souboru
<Router>boot-loader file CF:/filename.bin main
display boot-loader
# Nastaveni def.konfigurace
<Router> startup saved-configuration config.cfg main
# Vypis verze systemu (HW,SW)
[sw]display version
# Zobrazí aktuální startovací informace systému
[sw]display reboot-type
# Zobrazení diagnostických informací
[sw]display diagnostic-information
[sw]reboot

Password recovery

Boot menu:

   BOOT MENU

1. Download application file to flash
2. Select application file to boot
3. Display all files in flash
4. Delete file from flash
5. Modify BootRom password
6. Enter BootRom upgrade menu
7. Skip current system configuration
8. Set BootRom password recovery
9. Set switch startup mode
0. Reboot

Enter your choice(0-9): 

Time

[Router]clock datetime HH:MM:SS {YYYY/MM/DD | MM/DD/YYYY}
[Router]clock timezone zone-name {add | minus} HH:MM:SS

Hostname

[Router]sysname sysname

Interface IP

Port-ID: 1/0/1 - unit-id ve stohu / id backplane(0=front,1=back) / module-id

[Router]interface GigabitEthernet 0/0
[Router-GigabitEthernet0/0]ip address x.x.x.x yy

Debuging

<router>debuging module-name [debugung-option]

# Zapnuti vypisovani debugu do session
<router>terminal debuging
<router>terminal monitor - telnet,ssh
<router>undo terminal monitor - vypnuti vypisu logu

Troubleshooting tools

[router]ping [-a ip-address]
[router]tracert [-a source-ip]

Switch port config

[sw]interface gigabitethernet 0/1
[sw-gigabitethernet0/1]description descr
[sw-gigabitethernet0/1]undo shutdown
[sw-gigabitethernet0/1]mdi [normal | across | auto]
[sw-gigabitethernet0/1]duplex {auto | full | half}
[sw-gigabitethernet0/1]speed {10 | 100 | 1000 | 10000 | auto}
[sw-gigabitethernet0/1]undo jumboframe emable
[sw-gigabitethernet0/1]virtual-cable-test

# Omezeni broadcastového provozu na portu (% | PPS | BPS)
[sw-gigabitethernet0/1]broadcast-suppresion 5
[sw-gigabitethernet0/1]display this
[sw]display interface brief
[sw]display interface brief | include up
[sw]display interface brief | include trunk
[sw]display interface brief | exclude auto
[sw]display interface brief | begin 2/0/1
[sw]display counters [*inbound* | *outbound*] interface <int-type>

VLANy

Port-types:

VLAN config

[sw]vlan 100
[sw-vlan100]description <desc>
[sw-vlan100]name <name>
# založení více VLAN najednou
[sw]vlan 100 to 110
[sw]display vlan
[sw]display vlan 100
[sw]display vlan all

Access Porty

# Přiřazení více access portů do VLAN najednou
[sw]vlan 100
[sw-vlan100]port gig 1/0/1 to gig 1/0/20
# Přiřazení access portu do VLAN
[sw]interface gi 1/0/0
[sw-gigabitethernet1/0/1]port link-type access
[sw-gigabitethernet1/0/1]port access vlan 100
# Editace skupiny portů
[sw]port-group manual edge-1
[sw-port-group-manual-edge-1]group-member gi 1/0/1 to gi 1/0/10
[sw-port-group-manual-edge-1]port link-type access
[sw-port-group-manual-edge-1]port access vlan 100

[sw]display port-group manual <name>

Trunk

[sw]interface gi 1/0/0
[sw-gigabitethernet1/0/1]port link-type trunk
# povolení vlan
[sw-gigabitethernet1/0/1]port trunk permit vlan all
nebo
[sw-gigabitethernet1/0/1]port trunk permit vlan 100 200
# zakázání vlan
[sw-gigabitethernet1/0/1]undo port trunk permit vlan 1
# nativní vlan
[sw-gigabitethernet1/0/1]port trunk PVID 99
[sw]display port trunk

Hybrid ports

FIXME

L3 VLAN interface

[sw]interface vlan-interface 1
[sw-vlan-interface1]ip address a.a.a.a yy
[sw-vlan-interface1]ip address b.b.b.b yy sub
[sw]display ip int bref

Static

[sw] interface bridge-aggregation 1
[sw-Bridge-Aggregation1]description <desc>
[sw-Bridge-Aggregation1]quit
[sw] interface gi 1/0/1
[sw-gigabitethernet1/0/1]port link-aggregation group 1
[sw-gigabitethernet1/0/1]quit

[sw]interface gi 1/0/2
[sw-gigabitethernet1/0/2]port link-aggregation group 1
[sw-gigabitethernet1/0/2]quit
[sw]interface bridge-aggregation 1
[sw-Bridge-Aggregation1]port link-type trunk
[sw-Bridge-Aggregation1]port trunk permit vlan all

Dynamic

[sw-Bridge-Aggregation1]link-aggregation mode dynamic

Load-balancing (globalne i per. bundle)

[sw]link-aggregation load-sharing mode {destination-ip|destination-mac|destination-port|ingress-port|source-ip|source-mac|source-port}
display link-aggregation summary
display link-aggregation verbose bridge-aggregation 1

Statistiky na portu: flow-interval <5-300>

STP Spanning Tree Protocol

MSTP

Všechny sw musí mít stejné:

Postup konfigurace:

  1. enable STP
  2. nastavit MSTP region na všech switchích
  3. nastavit root a secondary root pro všechny instance
  4. nastavit edge (access) a non-edge (uplinky) porty
  5. aplikovat BPDU protection, root guard a loop protection
[SW] stp enable
[SW] stp region-configuration
[SW-mst-region] region-name name
[SW-mst-region] revision-level 1
[SW-mst-region] instance 1 vlan 1 to 999
[SW-mst-region] instance 2 vlan 1000 to 1999
[SW-mst-region] active region-configuration

Modulo mapping

<SW> system-view
[SW] stp region-configuration
[SW-mst-region] vlan-mapping modulo [1-32]
[SW-mst-region] display stp region-configuration
[SW-mst-region] display stp region-configuration
Oper configuration
   Format selector   :0
   Region name       :test
   Revision level    :1
   
   Instance   Vlans Mapped
      0       2000 to 4094
      1       1 to 999
      2       1000 to 1999

Root a secondary root:

[CoreSW1] stp instance 1 root primary
[CoreSW2] stp instance 1 root secondary

Priorita pro spolupraci MST s CST:

[CoreSW1] stp instance 1 priority 0
[CoreSW1] display stp inst 1
[CoreSW1] display stp inst 1
-------[MSTI 1 Global Info]-------
MSTI Bridge ID     :0.001c-c5bc-2b11
MSTI RegRoot/IRPC  :0.001c-c5bc-2b11 / 0
MSTI RootPortId    :0.0
MSTI Root Type     :PRIMARY root
Master Bridge      :0.001c-c5bc-2b11
Cost to Master     :0
TC recieved        :4
[SW] display stp brief
[SW] display stp brief
VLAN      Port                         Role  STP State     Protection
   2      GigabitEthernet3/0/1         ALTE  DISCARDING    LOOP
   2      GigabitEthernet3/0/2         DESI  FORWARDING    NONE
   2      GigabitEthernet3/0/3         DESI  FORWARDING    NONE
   2      GigabitEthernet3/0/4         DESI  FORWARDING    NONE

Edge / non-Edge: FIXME

IRF

FIXME

Static Routing

FIXME

RIP Routing

FIXME