Home > HP > Printer > HP 5500 Ei 5500 Si Switch Series Configuration Guide

HP 5500 Ei 5500 Si Switch Series Configuration Guide

Download as PDF Print this page Share this page

Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

$Page 2378 77 Figure 30 Network diagram Configuration procedure # Configure the RMON history group on the RMON agent to gather traffic statistics every one minute for GigabitEthernet 1/0/1. Retain up to eight records for the interface in the history statistics table. system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] rmon history 1 buckets 8 interval 60 owne\ r user1 # Display the history data collected for GigabitEthernet 1/0/1. [Sysname-GigabitEthernet1/0/1]...$

2378

2379

$Page 2380 79 Figure 31 Network diagram Configuration procedure # Configure the SNMP agent with the same SNMP settings as the NMS at 1.1.1.2. This example uses SNMPv1, read community public, and write community private. system-view [Sysname] snmp-agent [Sysname] snmp-agent community read public [Sysname] snmp-agent community write private [Sysname] snmp-agent sys-info version v1 [Sysname] snmp-agent trap enable [Sysname] snmp-agent target-host trap address udp-domain 1.1.1.2 params \ securityname...$

Add page 2381 to Favourites

image text

Enable zoom

							 80 
  etherStatsUndersizePkts  : 0         , etherStatsOversizePkts  : 0 
  etherStatsFragments      : 0         , etherStatsJabbers       : 0 
  etherStatsCRCAlignErrors : 0         , etherStatsCollisions    : 0 
  etherStatsDropEvents (insufficient resources): 0 
  Packets received according to length: 
  64     : 7         ,  65-127  : 413       ,  128-255  : 35 
  256-511: 0         ,  512-1023: 0         ,  1024-1518: 0 
# Query alarm events on the NMS. (Details not shown.)  
On the RMON agent, alarm event messages are displayed when events occur. The following is a sample 
output: 
[Sysname] 
#Jan 27 16:31:34:12 2011 Sysname RMON/2/ALARMFALL:Trap 1.3.6.1.2.1.16.0.2 Alarm table 1 
monitors 1.3.6.1.2.1.16.1.1.1.4.1 with sample type 2,has sampled alarm value 0 less than(or 
=) 50.

Add page 2382 to Favourites

image text

Enable zoom

81
Configuring port mirroring
Both bridge mode (Layer 2) and route mode (Layer 3) Ethernet ports support port mirroring. The term
interface in this chapter collectively refers to these two types of ports. You can use the port link-mode
command to set an Ethernet port to operate in bridge or route mode (see Layer 2—LAN Switching
Configuration Guide ).
Only the HP 5500 EI switch series supports configuring port mirroring on Layer 3 Ethernet interfaces.
Introduction to port mirroring
Port mirroring is the process of copying the packets passing through a port to the monitor port connecting
to a monitoring device for packet analysis.
Terminologies of port mirroring
Mirroring source
The mirroring source can be one or more monitored ports. Packets (called mirrored packets) passing
through them are copied to a port connecting to a mo nitoring device for packet analysis. Such a port is
called a source port and the device where the port resides is called a source device.
Mirroring destination
The mirroring destination is the destination port (also known as the monitor port) of mirrored packets and
connects to the data monitoring device. The device where the monitor port resides is called the
destination device. The monitor port forwards mirr ored packets to its connected monitoring device.
A monitor port may receive multiple duplicates of a packet in some cases because it can monitor multiple
mirroring sources. For example, assume that Port 1 is monitoring bidirectional traffic on Port 2 and Port
3 on the same device. If a packet travels from Port 2 to Port 3, two duplicates of the packet will be
received on Port 1.
Mirroring direction
The mirroring direction indicates that the inbound, outbound, or bidirectional traffic can be copied on a
mirroring source.
• Inbound: Copies packets received on a mirroring source.
• Outbound: Copies packets sent out of a mirroring source.
• Bidirectional: Copies packets both rece ived and sent on a mirroring source.
Mirroring group
Port mirroring is implemented through mirroring groups, which fall into local, remote source, and remote
destination mirroring groups. For more information about the mirroring groups, see Po r t m i r ro ri n g
c

lassification and implementation .
Reflector port, egress port, and remote probe VLAN
The reflector port, remote probe VLAN, and egress port are used for Layer 2 remote port mirroring. The
remote probe VLAN specially transmits mirrored packets to the destination device. Both the reflector port
and egress port reside on a source device and send mirrored packets to the remote probe VLAN. The

Add page 2383 to Favourites

image text

Enable zoom

82
egress port must belong to the remote probe VLAN while the reflector port may not. For more information
about the source device, destination device, reflector port, egress port, and remote probe VLAN, see
Port mirroring classification and implementation .

NOTE:
The reflector port is used to enable local mirroring to support multiple monitor ports.

Port mirroring classification and implementation
According to the locations of the mirroring source and the mirroring destination, port mirroring falls into
local port mirroring and remote port mirroring.
Local port mirroring
In local port mirroring, the mirroring source and the mirroring destination are on the same device. A
mirroring group that contains the mirroring source an d the mirroring destination on the device is called
a local mirroring group.
Figure 32 Local port mirroring implementation

As shown in Figure 32, the source port GigabitEthernet 1/0/1 and monitor port GigabitEthernet 1/0/2
reside on the same device. Packets of GigabitEthernet 1/0/1 are copied to GigabitEthernet 1/0/2,
which then forwards the packets to the data monitoring device for analysis.
Remote port mirroring
In remote port mirroring, the mirroring source and the mirroring destination reside on different devices
and in different mirroring groups. The mirroring group that contains the mirroring source or the mirroring
destination is called a remote source/destination group. The devices between the source devices and
destination device are intermediate devices.
Because the source and destination devices are on th e same Layer 2 network, remote port mirroring is
also referred to Layer 2 remote port mirroring.

Add page 2384 to Favourites

image text

Enable zoom

83
Figure 33 Layer 2 remote port mirroring implementation

On the network shown in Figure 33,
The source device does the following:
1. Copies the packets received on the source po rt GigabitEthernet 1/0/1 to the egress port
GigabitEthernet 1/0/2.
2. Forwards the packets to the intermediate device, which then broadcasts the packets in the remote
probe VLAN.
3. Transmits the packets to the destination device via the inte rmediate device.
Then, the destination device does the following:
4. Receives the mirrored packets.
5. Compares their VLAN IDs to the ID of the remote probe VLAN configured in the remote destination
group.
6. If the VLAN IDs of these mirrored packets match the remote probe VLAN ID, the device forwards
them to the data monitoring device through the monitor port GigabitEthernet 1/0/2.
Allow remote probe VL AN to pass through the intermediate devices to make sure the source device and
the destination device can communicate at Layer 2 in the remote probe VLAN.
For a mirrored packet to successfully arrive at the remote destination device, make sure the VLAN ID of
the mirrored packet is not removed or changed. Otherwise, the Layer 2 remote port mirroring
configuration will fail.
To monitor both the received and sent packets of a port in a mirroring group, you must use the
mac-address mac-learning disable command on the source, intermediate, and destination devices to
disable MAC address learning of the remote probe VLAN. For more information about the mac-address
mac-learning disable command, see Layer 2—LAN Switch Command Reference .

Add page 2385 to Favourites

image text

Enable zoom

84
Configuring local port mirroring
Local port mirroring configuration task list
Configure a local mirroring group and then configure one or more source ports and a monitor port for
the local mirroring group.
Complete these tasks to configure local port mirroring:

Task Remarks
Creating a local mirroring group Required
Configuring source ports for the local mirroring group Required
Configuring the monitor port for the local mirroring group Required
Using the remote probe VLAN to enable local mirroring to support
multiple monitor ports Optional

Creating a local mirroring group
Step Command Remarks
1.
Enter system view.
system-view N/A
2. Create a local mirroring
group. mirroring-group
group-id local No local mirroring group
exists by default.

NOTE:
A local mirroring group takes effect only after you configure a monitor port and source ports for it.
Configuring source ports for the local mirroring group
If you use system view, you can use a list to configure multiple source ports for a mirroring group at one
time. If you use interface view, you can assign only the current port to the group as a source port, so you
must repeat the step for each additional port.
Configuration restrictions and guidelines
• A mirroring group can contain multiple source ports.
• A port can belong to only one mirroring group.
Configuring source ports in system view

Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure source ports. mirroring-group
group-id
mirroring-port mirroring-port-list
{ both | inbound | outbound } By default, no source port is configured
for a local mirroring group.

Add page 2386 to Favourites

image text

Enable zoom

85
Configuring a source port in interface view

Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter interface view. interface
interface-type
interface-number N/A
3.
Configure the current
port as a source port. [
mirroring-group group-id ]
mirroring-port { both | inbound |
outbound } By default, a port does not serve as a
source port for any local mirroring group.

Configuring the monitor port
for the local mirroring group
You can configure the monitor port for a mirroring grou p in system view, or assign the current port to a
mirroring group as the monitor port in interfac e view. The two methods lead to the same result.
Configuration restrictions and guidelines
• A mirroring group contains only one monitor port.
• To make sure that the mirroring function works properly, do not assign the monitor port to a source
VLAN, or enable the spanning tree feature on the monitor port.
• HP recommends you use a monitor port for port mirroring only. This is to make sure that the data
monitoring device receives and analyzes only the mirrored traffic rather than a mix of mirrored
traffic and normally forwarded traffic.
• You cannot configure the monitor port in a mirroring group as a port in a RRPP ring.
Configuring the monitor port in system view

Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure the monitor
port. mirroring-group
group-id
monitor-port monitor-port-id By default, no monitor port is configured
for a local mirroring group.

Configuring the monitor port in interface view

Step Command Remarks
1.
Enter system view.
system-view N/A
2. Enter interface view. interface
interface-type
interface-number N/A
3.
Configure the current
port as the monitor
port. [
mirroring-group group-id ]
monitor-port By default, a port does not serve as the
monitor port for any local mirroring group.

Add page 2387 to Favourites

image text

Enable zoom

86
Using the remote probe VLAN to enable local mirroring to
support multiple monitor ports
In typical local port mirroring configuration, you can configure only one monitor port in a local mirroring
group. As a result, you cannot monitor traffic of a local device on multiple data monitoring devices. To
do that, you can take advantage of the remote probe VLAN used in Layer 2 remote mirroring.
In Layer 2 remote port mirroring, a remote probe VLAN is configured, and the mirrored packets are
broadcast within the remote probe VLAN. By connectin g multiple data monitoring devices to the member
ports of the remote probe VLAN, you can monitor the traffic of the local device on multiple data
monitoring devices.
Configure this feature in the following steps:
1. Configure a remote source mirrori ng group on the local device
2. Configure the monitored ports on the device as source ports of this mirroring group
3. Configure a remote probe VLAN for this mirroring group
4. Assign the ports connecting the data monito ring devices to the remote probe VLAN
In this way, when packets mirrored on the monitored ports are broadcast in the remote probe VLAN, they
will be sent out of the ports conne cting the data monitoring devices, and all the data monitoring devices
can thus receive these mirrored packets.
Configuration restrictions and guidelines
• The reflector port of a remote source mirroring group must be an access port and belong to the
default VLAN, VLAN 1.
• HP recommends that you configure an unused port as the reflector port of a remote source mirroring
group and disable STP on it.
• A mirroring group can contain multiple source ports.
• To make sure that the port mirroring function works properly, do not assign a source port to the
remote probe VL AN.
• If you have already configured a reflector port for a remote source mirroring group, you can no
longer configure an egress port for it.
• A VLAN can serve as the remote probe VLAN for only one remote source mirroring group. HP
recommends you use the remote probe VLAN for port mirroring exclusively. Do not create a VLAN
interface for the VLAN or configure any other features for the VLAN.
• A remote probe VL AN must be a static VLAN. To remove the VL AN configured as a remote probe
VLAN, you must first remove the remote probe VLAN with the undo mirroring-group remote-probe
vlan command.
• If the remote probe VLAN of a remote mirroring gr oup is removed, the remote mirroring group will
become invalid.
• The link type of monitor ports configured for port mirroring must be access.
Configuration procedure
To configure local port mirroring with multiple monitor ports:
Step Command Remarks
1. Enter system view.
system-view N/A

Add page 2388 to Favourites

image text

Enable zoom

							 87 
Step Command Remarks 
2.  Create a remote source 
mirroring group.  mirroring-group
 group-id 
remote-source  By default, no mirroring group exists 
on a device. 
3.
  Configure source ports 
for the remote source 
mirroring group. 
• (Approach 1) In system view: 
mirroring-group  group-id 
mirroring-port  mirroring-port-list  
{  both  | inbound  | outbound  } 
•  (Approach 2) In interface view:  
a.  interface  interface-type 
interface-number 
b.  [ mirroring-group  group-id ] 
mirroring-port  { both | 
inbound  | outbound  } 
c.   quit   Use either approach. 
By default, no source port is 
configured for a mirroring group. 
4.
  Configure the reflector 
port for the remote 
source mirroring group.  mirroring-group 
group-id reflector-port 
reflector-port   By default, no reflector port is 
configured for a mirroring group. 
5.
  Create the remote 
probe VLAN and enter 
VLAN view.  vlan 
vlan-id   B y  d e f a u l t ,  n o  r e m o t e  p r o b e  V L A N  i s  
configured for a mirroring group. 
6.
  Assign monitor ports to 
the remote probe 
VLAN.  port 
interface-list   By default, a newly-created VLAN 
does not have any member port. 
7.
  Return to system view. 
quit  N/A 
8.  Configure the remote 
probe VLAN for the 
remote source mirroring 
group.  mirroring-group 
group-id 
remote-probe vlan  rprobe-vlan-id B y  d e f a u l t ,  n o  r e m o t e  p r o b e  V L A N  i s  
configured for a mirroring group. 
 
Configuring Layer 2 remote port mirroring 
Layer 2 remote port mirroring configuration task list 
Configuring Layer 2 remote port mirroring is to conf
igure remote mirroring groups. To do that, configure 
the remote source group on the source device and  configure the cooperating remote destination group 
on the destination device. If an intermediate device  exists, allow the remote probe VLAN to pass through 
the intermediate device.  
 
  NOTE: 
HP recommends you not enable GARP VLAN Registrati on Protocol (GVRP). If GVRP is enabled, GVRP 
may register the remote probe VLAN to unexpected  ports, resulting in undesired duplicates. For more 
information about GVRP, see 
Layer 2—LAN Switching Configuration Guide.  
Configure the following on the source device: 
•   Source ports 
•   Remote probe VLAN 
•   The egress port

Add page 2389 to Favourites

image text

Enable zoom

88
Then, configure the following on the destination device:
• Remote probe VLAN
• Monitor port
Complete these tasks to configure Layer 2 remote port mirroring:

Task Remarks
Configuring a
remote source group Creating a remote source group
Required Configuring source ports for the remote source group Required
Configuring the egress port for the remote source group Required
Configuring the remote probe VLAN for the remote source group Required
Configuring a
remote destination
group Creating a remote destination group
Required Configuring the monitor port for the remote destination group Required
Configuring the remote probe VLAN for the remote destination
group Required
Assigning the monitor port to the remote probe VLAN
Required

Configuring a remote source group (on the source device)
Creating a remote source group

Step Command Remarks
1. Enter system view.
system-view N/A
2. Create a remote source
group. mirroring-group
group-id remote-source By default, no remote source
group exists on a device.

Configuring source ports for the remote source group
If you use system view, you can use a list to configure multiple source ports for a mirroring group at one
time. If you use interface view, you can assign only the current port to the group as a source port, so you
must repeat the step for each additional port.
1.
Configuration restrictions and guidelines:
{ A mirroring group can contain multiple source ports.
{ A port can belong to only one mirroring group.
2. Configuration procedure:
To configure source ports for the remote source group in system view:

Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure source ports
for the remote source
group. mirroring-group
group-id
mirroring-port mirroring-port-list
{ both | inbound | outbound } By default, no source port is configured
for a remote source group.

To configure a source port for the remote source group in interface view:

Add page 2390 to Favourites

image text

Enable zoom

89
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter interface view. interface
interface-type
interface-number N/A
3.
Configure the current
port as a source port. [
mirroring-group group-id ]
mirroring-port { both | inbound |
outbound } By default, a port does not serve as a
source port for any remote source group.

Configuring the egress port for the remote source group
You can configure the egress por t for a mi rroring group in system view, or assign the current por t to it as
the egress port in interface view. The two configuration modes lead to the same result.
To make sure that the mirroring function works properly, disable these functions on the egress port: the
spanning tree feature, 802.1X, IGMP snooping, static ARP, and MAC address learning.
To configure the egress port for the remote source group in system view:

Step Command Remarks
1.
Enter system view.
system-view N/A
2. Configure the egress port for
the remote source group. mirroring-group
group-id
monitor-egress
monitor-egress-port By default, no egress port is configured for
a remote source group.

To configure the egress port for the remote source group in interface view:
Step Command Remarks
1.
Enter system view.
system-view N/A
2. Enter interface view. interface
interface-type
interface-number N/A
3.
Configure the current port as
the egress port. mirroring-group
group-id
monitor-egress By default, a port does not serve as the
egress port for any remote source group.

NOTE:
• A mirroring group contains only one egress port.
• A source port of an existing mirroring group cannot be configured as an egress port.

Configuring the remote probe VLAN for the remote source group
Before configuring a remote probe VLAN, create a stat ic VLAN that will serve as the remote probe VLAN
for the remote source group.
1. Configuration restrictions and guidelines:
{ A VLAN can serve for only one mirroring group.
{ When a VLAN is configured as a remote probe VLAN, you must remove the remote probe
VLAN configuration before deleting the VLAN.
{ When you remove the configuration of a remote probe VLAN, an active mirroring group
becomes inactive.

All HP manuals Comments (0)

Related Manuals for HP 5500 Ei 5500 Si Switch Series Configuration Guide

HP C4280 User Manual
155 pages | HP Printer
HP CM8060 User Manual
306 pages | HP Printer
HP Color LaserJet 1600 User Manual
142 pages | HP Printer
HP Business InkJet 1000 User Manual
96 pages | HP Printer
HP Business InkJet 1100 User Manual
102 pages | HP Printer
HP Business InkJet 1200D User Manual
112 pages | HP Printer
HP Business InkJet 2800 User Manual
114 pages | HP Printer
HP Business InkJet 2800dtn User Manual
114 pages | HP Printer
HP Business InkJet 3000 User Manual
114 pages | HP Printer
HP CM8050 User Manual
104 pages | HP Printer
HP Color LaserJet 2550L User Manual
176 pages | HP Printer