Home > HP > Printer > HP 5500 Ei 5500 Si Switch Series Configuration Guide

HP 5500 Ei 5500 Si Switch Series Configuration Guide

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 2513
    Add page 591 to Favourites
    image text
    Enable zoom 
    							 109 
Configuring UDP helper 
Only the HP 5500 EI switches support configuring UDP helper on Layer 3 Ethernet interfaces. 
The term interface in this chapter refers to Layer 3 interfaces, including VLAN interfaces and 
route-mode (or Layer 3) Ethernet ports. You can set an Ethernet port to operate in route mode by using the 
port  link-mode  route  command (see  Layer 2—LAN Switching Configuration Guide ). 
Overview 
UDP helper functions as a relay agent that conver ts UDP broadcast packets into unicast packets and 
forwards them to a specified destination server. Th is is helpful when a host cannot obtain network 
configuration information or request device names thro ugh broadcasting because the server or host to be 
requested is located on  another broadcast domain. 
With UDP helper enabled, a device decides whether to forward a received UDP broadcast packet 
according to the UDP destination port number of the packet.  
•   If the destination port number of the packet matches the one pre-configured on the device, the 
device modifies the destination IP address in th e IP header, and then sends the packet to the 
specified destination server. 
•   If the destination port number of the packet does not match the one pre-configured on the device, 
the device sends the packet to the upper layer protocol for processing. 
Configuration restrictions and guidelines 
•  The receiving of directed broadcasts to a directly  connected network is disabled by default on the 
switch. As a result, UDP helper is available only when the  ip forward-broadcast command is 
configured in system view. For more information about reception and forwarding of directed 
broadcasts to a directly connected network, se e Configuring IP performance optimization. 
•   A UDP helper enabled device must not forward DHCP broadcast packets that use destination port 
67 or 68. Therefore, the UDP port numbers set with the udp-helper port  command must not include 
67 or 68. 
•   You can specify a port number or the corresponding parameter for a UDP port to forward packets. 
For example,  udp-helper port  53 and udp-helper port  dns  specify the same UDP port number. 
•   The configuration of all UDP ports is removed if you disable UDP helper. 
•   You can configure up to 256 UDP port numbers to enable the forwarding of packets with these UDP 
port numbers. 
•   You can configure up to 20 destination servers on an interface. 
Configuration procedure 
To configure UDP helper:  
Step Command Remarks 
1.  Enter system view. 
system-view  N/A
    Add page 592 to Favourites
    image text
    Enable zoom 
    							 110 
Step Command Remarks 
2.  Enable UDP helper. 
udp-helper enable  Disabled by default. 
3.  Enable the forwarding of 
packets with the specified 
UDP destination port 
number(s).  udp-helper port
 { port-number | dns | 
netbios-ds  | netbios-ns  | tacacs | tftp 
|  time  }  No UDP port number is specified 
by default. 
4.
  Enter interface view.  interface
 interface-type 
interface-number   N/A 
5.
  Specify the destination server 
to which UDP packets are to 
be forwarded.  udp-helper server
 ip-address   No destination server is 
specified by default. 
 
Displaying and maintaining UDP helper 
 
Task Command  Remarks 
Displays information about 
forwarded UDP packets.  display udp-helper server
 [ interface 
interface-type interface-number  ] [ | { begin  
|  exclude  | include  } regular-expression ]   Available in any view 
Clear statistics about packets 
forwarded. 
reset udp-helper packet 
Available in user view 
 
UDP helper configuration example 
Network requirements 
As shown in Figure 50, the IP address of VLAN-interface 1 of Switch A is 10.1 1 0 .1.1 / 16 ,  a n d  t h e  i n t e r f a c e  
connects to the subnet 10.1 10.0.0/16. 
Configure UDP helper to forward broadcast packets with UDP destination port number 55 and 
destination IP address 255.255.255.255 or 10.1 10.255.255 to the destination server 10.2.1.1/16 in 
public network.  
Figure 50  Network diagram 
 
 
Configuration procedure 
Verify that a route from Switch A to the subnet 10.2.0.0/16 is available. 
IP network
Vlan-int1
10.110.1.1/16 Vlan-int1
10.2.1.1/16
Switch A Switch BServer
    Add page 593 to Favourites
    image text
    Enable zoom 
    							 111 
# Enable Switch A to receive directed broadcasts. 
 system-view 
[SwitchA] ip forward-broadcast 
# Enable UDP helper. 
[SwitchA] udp-helper enable 
# Enable the forwarding broadcast packets with the UDP destination port 55. 
[SwitchA] udp-helper port 55 
# Specify the destination server 10.2.1.1 on VLAN-interface 1 in public network. 
[SwitchA] interface vlan-interface 1 
[SwitchA-Vlan-interface1] ip address 10.110.1.1 16 
[SwitchA-Vlan-interface1] udp-helper server 10.2.1.1
    Add page 594 to Favourites
    image text
    Enable zoom 
    							 112 
Configuring IPv6 basics 
Only the HP 5500 EI switches support configuring IPv6 basics on Layer 3 Ethernet interfaces. 
The term interface in this chapter refers to Layer 3 interfaces, including VLAN interfaces and 
route-mode (or Layer 3) Ethernet ports. You can set an  Ethernet port to operate in route mode by using the 
port  link-mode  route  command (see  Layer 2—LAN Switching Configuration Guide ). 
Overview 
Internet Protocol Version 6 (IPv6), also called IP next generation (IPng), was designed by the Internet 
Engineering Task Force (IETF) as the successor to Internet Protocol version 4 (IPv4). The significant 
difference between IPv6 and IPv4 is that IPv6 increases the IP address size from 32 bits to 128 bits.  
IPv6 features 
Header format simplification 
IPv6 removes several IPv4 header fields or moves them  to the IPv6 extension headers to reduce the length 
of the basic IPv6 packet header. The basic IPv6 packet header has a fixed length of 40 bytes to simplify 
IPv6 packet handling and to improve forwarding effi ciency. Although IPv6 address size is four times 
larger than IPv4 address size, the basic IPv6 packet header size is only twice the size of the option-less 
IPv4 packet header.  
Figure 51  IPv4 packet header format and bas ic IPv6 packet header format 
 
 
Larger address space 
The source and destination IPv6 addresses are 128 bits (or 16 bytes) long. IPv6 can provide 3.4 x 1038 
addresses to meet the requirements of hierarchical address division and the allocation of public and 
private addresses.
    Add page 595 to Favourites
    image text
    Enable zoom 
    							 113 
Hierarchical address structure 
IPv6 uses hierarchical address structure to speed up route lookups and reduce the IPv6 routing table size 
through route aggregation. 
Address autoconfiguration 
To simplify host configuration, IPv6 supports  stateful and stateless address autoconfiguration. 
•   Stateful address autoconfiguration enables a host to acquire an IPv6 address and other 
configuration information from a server (for example, a DHCP server). 
•   Stateless address autoconfiguration enables a host  to automatically generate an IPv6 address and 
other configuration information by using its link-layer address and the prefix information advertised 
by a router. 
To communicate with other hosts on the same link,  a host automatically generates a link-local address 
based on its link-layer address and the link-local address prefix (FE80::/10). 
Built-in security 
IPv6 defines extension headers to support IPsec. IPsec provides end-to-end security for network security 
solutions and enhances interoperability among different IPv6 applications. 
QoS support 
The Flow Label field in the IPv6 header allows the device to label the packets and facilitates the special 
handling of a flow. 
Enhanced neighbor discovery mechanism 
The IPv6 neighbor discovery protocol is implemen ted through a group of Internet Control Message 
Protocol version 6 (ICMPv6) messages to manage  the information exchange among neighboring nodes 
o n  t h e  s a me  l i n k.  Th e  g rou p  of  I C M P v 6  mess a g e s  re places Address Resolution Protocol (ARP) messages, 
Internet Control Message Protocol version 4 (ICMPv4)  Router Discovery messages, and ICMPv4 Redirect 
messages and provides a series of other functions. 
Flexible extension headers 
IPv6 eliminates the Options field in the header and  introduces optional extension headers to provide 
scalability and improve efficiency. The Options field in the IPv4 packet header contains a maximum of 
40 bytes, whereas the IPv6 extension headers are restricted to the maximum size of IPv6 packets only. 
IPv6 addresses 
IPv6 address format 
An IPv6 address is represented as a set of 16-bit hexadecimals separated by colons. An IPv6 address is 
divided into eight groups, and each 16-bit group is represented by four hexadecimal numbers, for 
example, 2001:0000:130F:0000:0000:09C0:876A:130B. 
To simplify the representation of IPv6 addresses, you can handle zeros in IPv6 addresses by using the 
following methods: 
•   The leading zeros in each group can be removed. For example, the previous address can be 
represented in a shorter format as 2001:0:130F:0:0:9C0:876A:130B. 
•   If an IPv6 address contains two or more consecut ive groups of zeros, they can be replaced by a 
double colon (::). For example, the previous addres s can be represented in the shortest format as 
2001:0:130F::9C0:876A:130B.
    Add page 596 to Favourites
    image text
    Enable zoom 
    							 114 
A double colon may appear once or not at all in an IPv6 address. This limit allows the device to 
determine how many zeros the double colon represen ts, and correctly convert it to zeros to restore 
a 128-bit IPv6 address. 
An IPv6 address consists of an address prefix and an interface ID, both of which are equivalent to the 
network ID and the host ID of an IPv4 address, respectively. 
An IPv6 address prefix is written in IPv6-address/prefix-length notation where the IPv6-address is 
represented in any of the formats previously mentioned and the prefix-length is a decimal number 
indicating how many leftmost bits of the IPv6 address comprises the address prefix. 
IPv6 address types 
IPv6 addresses fall into the following types: 
•   Unicast address —An identifier for a single interface, simi lar to an IPv4 unicast address. A packet 
sent to a unicast address is delivered to the interface identified by that address. 
•   Multicast address —An identifier for a set of interfaces (typically belonging to different nodes), 
similar to an IPv4 multicast address. A packet se nt to a multicast address is delivered to all 
interfaces identified by that address. 
•   Anycast address —An identifier for a set of interfaces (t ypically belonging to different nodes). A 
packet sent to an anycast address is delivered to th e nearest one of the interfaces identified by that 
address. The nearest interface is chosen according  to the routing protocols measure of distance. 
 
 NOTE: 
There are no broadcast addresses  in IPv6. Their function is replaced by multicast addresses. 
 
The type of an IPv6 address is designated by the first several bits, the format prefix.  Tabl e  6 lists the  
mappings between address types and format prefixes. 
Table 6  Mappings between address type s and format prefixes 
T
ype Format prefix (binary) IPv6 prefix ID 
Unicast 
address  Unspecified address  00...0 (128 bits) 
::/128 
Loopback address  00...1 (128 bits)  ::1/128 
Link-local address  1111111010 FE80::/10 
Site-local address  1111111011 FEC0::/10 
Global unicast address Other forms N/A 
Multicast address  11111111 FF00::/8 
Anycast address  Anycast addresses use the unicast address space and have the 
identical structure of unicast addresses. 
 
Unicast addresses 
Unicast addresses comprise global unicast addresses, 
link-local unicast addresses, site-local unicast 
addresses, the loopback address, and the unspecified address. 
•   Global unicast addresses, equivalent to public IPv4 addresses, are provided for network service 
providers. This type of address allows efficient prefix aggregation to restrict the number of global 
routing entries.
    Add page 597 to Favourites
    image text
    Enable zoom 
    							 115 
•  Link-local addresses are used for communication among link-local nodes for neighbor discovery 
and stateless autoconfiguration. Packets with li nk-local source or destination addresses are not 
forwarded to other links. 
•   Site-local unicast addresses are similar to private IP v4 addresses. Packets with site-local source or 
destination addresses are not forwarded out of the local site (or a private network). 
•   A loopback address is 0:0:0:0:0:0:0:1 (or ::1). It cannot be assigned to any physical interface and 
can be used by a node to send an IPv6 packet  to itself in the same way as the loopback address 
in IPv4. 
•   An unspecified address is 0:0:0:0:0:0:0:0 (or ::). It cannot be assigned to any node. Before 
acquiring a valid IPv6 address, a node fills this  address in the source address field of IPv6 packets. 
The unspecified address cannot be used as a destination IPv6 address. 
Multicast addresses 
IPv6 multicast addresses listed in  Tabl e  7 are reserved for special purposes. 
Table 7  Reserved IPv6 multicast addresses 
Address Application 
FF01::1  Node-local scope all-nodes multicast address 
FF02::1  Link-local scope all-nodes multicast address 
FF01::2  Node-local scope all-routers multicast address 
FF02::2 Link-local scope all-routers multicast address 
FF05::2  Site-local scope all-routers multicast address 
 
Multicast addresses also include solicited-node addr esses. A node uses a solicited-node multicast 
address to acquire the link-layer address of a neighborin g node on the same link and to detect duplicate 
addresses. Each IPv6 unicast or anycast address has a corresponding solicited-node address. The format 
of a solicited-node multicast address is: FF02:0:0:0:0:1:FFXX:XXXX where FF02:0:0:0:0:1:FF is fixed 
and consists of 104 bits, and XX:XXXX is the last 24 bits of an IPv6 unicast address or anycast address. 
EUI-64 address-based interface identifiers 
An interface identifier is 64 bits and uniq uely identifies an interface on a link. 
Interfaces generate EUI-64 address-based interface identifiers differently. 
•   On an IEEE 802 interface (such as a VLAN interface) 
The interface identifier is derived from the li nk-layer address (typically a MAC address) of the 
interface. The MAC address is 48 bits long. To obtain an EUI-64 address-based  interface identifier, 
you must insert the hexadecimal number FFFE  (16 bits of 1111111111111110) into the MAC 
address (behind the 24th high-order bit), and set the  universal/local (U/L) bit (which is the seventh 
high-order bit) to 1, to make sure that the obtained EUI-64 address-based interface identifier is 
globally unique. 
Figure 52  shows how an EUI-64 address-based interfa
 ce identifier is generated from a MAC 
address.
    Add page 598 to Favourites
    image text
    Enable zoom 
    							 116 
Figure 52 Converting a MAC address into an EUI-64 address-based interface identifier 
 
 
•  On a tunnel interface 
The lower 32 bits of the EUI-64 address-based interf ace identifier are the source IPv4 address of 
the tunnel interface. The higher 32 bits of the  EUI-64 address-based interface identifier of an 
ISATAP tunnel interface are 0000:5EFE, whereas those  of other tunnel interfaces are all zeros. For 
more information about tunnels, see Configuring tunneling.  
•   On an interface of another type 
The EUI-64 address-based interface identifier  is generated randomly by the device.  
IPv6 neighbor discovery protocol 
The IPv6 Neighbor Discovery (ND) protocol uses five types of ICMPv6 messages to implement the 
following functions: 
•  Address resolution 
•   Neighbor reachability detection 
•   Duplicate address detection 
•   Router/prefix discovery and address autoconfiguration 
•   Redirection 
Table 8  ICMPv6 mess

ages used by ND 
ICMPv6 messa
ge Type Function 
Neighbor Solicitation (NS) 
message  135 Acquires the link-layer 
address of a neighbor. Verifies whether a neighbor is reachable. 
Detects duplicate addresses. 
Neighbor Advertisement 
(NA) message  136 Responds to an NS message. 
Notifies the neighboring nodes of link layer changes. 
Router Solicitation (RS) 
message 
133 Requests an address prefix and ot
her configuration information for 
autoconfiguration after startup. 
Router Advertisement (RA) 
message  134 Responds to an RS message. Advertises information such as the Prefix Information options and flag 
bits. 
Redirect message 
137 Informs the source host of a better next hop on the path to a particular 
destination when certain conditions are satisfied.
    Add page 599 to Favourites
    image text
    Enable zoom 
    							 117 
Address resolution 
This function is similar to the ARP function in IPv4. An IPv6 node acquires the link-layer addresses of 
neighboring nodes on the same link through NS and NA message exchanges.  Figure 53 sh
 ows how 
Host A acquires the link-layer address of Host B on a single link. 
Figure 53  Address resolution 
 
 
The address resolution operates in the following steps: 
1. Host A multicasts an NS message. The source addr ess of the NS message is the IPv6 address of the 
sending interface of Host A and the destination  address is the solicited-node multicast address of 
Host B. The NS message contains  the link-layer address of Host A. 
2. After receiving the NS message,  Host B determines whether the destination address of the packet 
is its solicited-node multicast addr ess. If yes, Host B learns the link-layer address of Host A, and 
then unicasts an NA message co ntaining its link-layer address. 
3. Host A acquires the link-layer addre ss of Host B from the NA message. 
Neighbor reachability detection 
After Host A acquires the link-layer address of its neighbor Host B, Host A can use NS and NA messages 
to check whether Host B is reachable. 
1. Host A sends an NS message whose destinat ion address is the IPv6 address of Host B. 
2. I f  H o s t  A  r e c e i v e s  a n  N A  m e s s a g e  f r o m  H o s t  B ,  H o st A decides that Host B is reachable. Otherwise, 
Host B is unreachable. 
Duplicate address detection 
After Host A acquires an IPv6 address, it performs Duplicate Address Detection (DAD) to check whether 
the address is being used by any other node (similar  to the gratuitous ARP function in IPv4). DAD is 
accomplished through NS and NA message exchanges.  Figure 54 sh
 ows the DAD process. 
Figure 54  Duplicate address detection
    Add page 600 to Favourites
    image text
    Enable zoom 
    							 118 
1.
 
Host A sends an NS message whose source  address is the unspecified address and whose 
destination address is the corresponding solicited- node multicast address of the IPv6 address to be 
detected. The NS message co ntains the IPv6 address. 
2. If Host B uses this IPv6 address, Host B returns  an NA message. The NA message contains the IPv6 
address of Host B. 
3.  Host A learns that the IPv6 address is being used  by Host B after receiving the NA message from 
Host B. If receiving no NA message, Host A decide s that the IPv6 address is not in use and uses this 
address. 
Router/prefix discovery and address autoconfiguration 
Router/prefix discovery enables a node to locate the neighboring routers and to learn from the received 
RA message configuration parameters such as the prefix of the network where the node is located. 
Stateless address autoconfiguration enables a node to generate an IPv6 address automatically 
according to the information obtained through router/prefix discovery. 
Router/prefix discovery is implemented through  RS and RA messages in the following steps: 
1. At startup, a node sends an RS message to re quest the address prefix and other configuration 
information for autoconfiguration. 
2.  A router returns an RA message containing inform ation such as Prefix Information options. (The 
router also periodically sends an RA message.  In addition to an address prefix, the Prefix 
Information option also contains the preferred lifetime and valid lifetime  of the address prefix. 
Nodes update the preferred lifetime and valid  lifetime accordingly through periodic RA 
messages.) 
3.  The node automatically generates an IPv6 addre ss and other configuration information according 
to the address prefix and other configuration param eters in the RA message. (The automatically 
generated address is applicable within the valid life time and is removed when the valid lifetime 
expires.) 
Redirection 
A newly started host may contain only a default route to the gateway in its routing table. When certain 
conditions are satisfied, the gateway sends an ICMPv6 Redirect message to the source host, so the host 
can select a better next hop to forward packets (sim ilar to the ICMP redirection function in IPv4). 
The gateway sends an ICMPv6 Redirect message when the following conditions are satisfied. 
•   The receiving interface is the forwarding interface. 
•   The selected route itself is not created or modified by an ICMPv6 Redirect message. 
•   The selected route is not the default route. 
•   The IPv6 packet to be forwarded do es not contain any routing header. 
IPv6 path MTU discovery 
The links that a packet passes from a source to a destination may have different MTUs. In IPv6, when the 
packet size exceeds the path MTU of a link, the packet is fragmented at the source end of the link to 
reduce the processing pressure on intermediate devices and to use network resources effectively. 
The path MTU discovery mechanism is designed to  find the minimum MTU of all links in the path 
between a source and a destination.  Figure 55 sho
 ws how a source host discovers the path MTU to a 
destination host.
    All HP manuals Comments (0)

    Related Manuals for HP 5500 Ei 5500 Si Switch Series Configuration Guide