HP Procurve

Note: dhcp is enabled by default on vlan1(it will grab any ip)

Connect console: Rate 38400
Erase start-config
Show running-config
Reload
Ping
Write memory
Show arp #show arp

Enable # manager level

Exit # exit
? #show available commands
Conf t # configure terminal
int e 1 # go to interface 1
Show int brief # will show interfaces
Show interfaces # show data flowing
Show interfaces [local port] # it will show it in details

Show cdp mei #show switch neighbors Or

Show lldp info remote-device [local port(1 or a1)]

Basic config
Hostname [word]

- Assigned ip Configure -

- Vlan -
Vlan 1
Ip address a.b.c.d a.b.c.d # if you add ip it is equal to (int vlan 1)
Ip default-gateway a.b.c.d
Write memory # equal to copy run start

- For SVI -

Vlan 20
Ip address a.b.c.d a.b.c.d # equal int vlan 200
Write

- Enable routing -
Show ip
#Ip routing should : IP Routing : Disabled

- Vlan -
Show vlan # check the number of vlans

- Enable or disable interfaces -

Int a2
eth-a2: Enable # enable interface
eth-a2: Disable # disable interface

Eth-a2: speed-duplex [duplex mode]

Eth-a2: mdix-mode [mdi(crossover) or mdix (straight)

Eth-a2: name [word(specify a name of interface)]

- History -
Show history

Repeat [no]

Repeat [no] count [no(how many times to repeat)]

Repeat [no] delay [no(ms] count [no]

- Menu -
#Menu #manager mode
Press the numbers or use arrow keys
1. Go to status and counters> 5. port counters

2. Switch configuration> 7. vlan menu> 3. vlan port assignments

- Upgrade image -
Show flash # it will show primary and secondary flash

To upgrade using tftp:

Copy tftp flash 10.0.0.249 filename.file [secondary or primary]

Enter “yes”

Boot system flash [primary or secondary ] # the system will reboot after
Sh version

Boot set-default flash [primary or secondary]

Backup through tftp server:

Copy running-config tftp 10.0.0.249 run5406.cfg

- Configuration files -
-
Show config config1 [filename] config [testconfig] # will add another config

Startup-default config testconfig # it will use the testconfig in startup

Startup-default primary config testconfig # will use “testconfig” as primary if primary flash image is
used

- Logs -

Sh logging -w #shows warning

Sh logging -m #shows major events
Sh logging -i #shows information
Sh logging -d #shows debug
Sh logging -r #shows events in reverse or recent change by the cli

- Vlan -
Vlan 2 # create a vlan
Untagged 24 #equal to switchport mode access & switchport access vlan 5 on port 24
Tagged 1 # trunk interface on port 1

- Svi -
Vlan 2
Ip address a.b.c.d a.b.c.d # equal int vlan 2
Tagged 1 #trunk interface

Config: Ip routing # to enable ip routing:

 - Trunk(tagged interface) -

Vlan 1 = untagged vlan = native VLAN #for all switch

Vlan 10 = tagged vlan
Vlan 20 = tagged vlan
Vlan 2 = tagged vlan

Vlan 10
Ip address a.b.c.d a.b.c.d # should be configured on L3 switch
Tagged port 24 # trunk
Untagged 5,8-10

Show trunks vlan ports a2

Show vlan 10

------

Copy command-output ‘show tech’ tftp a.b.c.d filename.cfg

-------

- Spanning tree -
To enable spanning tree

Config: spanning-tree

Show spanning-tree

- Multiple spanning tree -

Topology sw3 ⇐ sw1 ⇒ swR ⇐ sw2 ⇐ sw3 ⇒ Sw1

Config-name and revision should be the same

Sw3: Spanning-tree config-name [word (case sensitive)] #region name

Sw3: Spanning-tree config-revision 1
Sw3: Spanning-tree instance 1 vlan 1 2
Sw3: Spanning-tree instance 2 vlan 10 20

Show spanning-tree mst-config

Show spanning-tree instance 1 # to check on mapped vlans

Sw1: Spanning-tree config-name [word (case sensitive)]

Sw1: Spanning-tree config-revision 1
Sw1: Spanning-tree instance 1 vlan 1 2
Sw1: Spanning-tree instance 2 vlan 10 20

Sw2: Spanning-tree config-name [word (case sensitive)]

Sw2: Spanning-tree config-revision 1
Sw2: Spanning-tree instance 1 vlan 1 2
Sw2: Spanning-tree instance 2 vlan 10 20

SwR: Spanning-tree config-name [word (case sensitive)]

SwR: Spanning-tree config-revision 1
SwR: Spanning-tree instance 1 vlan 1 2
SwR: Spanning-tree instance 2 vlan 10 20

- Changing a switch to a root -

SwR: spanning-tree instance 1 priority 1 (1*4096)

Sw3: spanning-tree instance 2 priority 2 (2*4096)

Sh spanning-tree instance ist #ist is other vlans

- Linked aggregation (redundancy & increase throughput)-

Dynamic lacp #dynamic joining of links when one of the physical int is down #cons you cannot
control vlans that can traverse

Static lacp

Topology SW1 1,3 ⇒ a2,a4 SW3 a3,a6 ⇐1,3 SW2

SW1: trunk 1,3 trk1 trunk # no negotiation

!
Sw2: trunk 1,3 trk1 lacp #dynamic negotiation
!
Sw3: trunk a2,a4 trk1 trunk
Sw3: trunk a3,a6 trk2 lacp
!

Show trunks
Show interface brief a2

Tagged is not assigned on trk since it’s a new interface

Sw3: show vlan ports trk1

Sw3:Vlan 10 tagged trk 1

Sw3:Vlan 20 tagged trk 2
!
SW1: vlan 10 tagged trk1
!
SW2: vlan 20 tagged trk1

- security -

- Creating username -
Conf t
Password operator user-name operator #can still be able to config
Type the password:

Note: To secure device add a manager account to be able to config global config

Password manager user-name manager

Type the password:

- Secure http through https with encryption -

Conf t
Config: crypto key generate cert rsa bits 1024

Crypto host-cert generate self-signed

Fill out the things:

Then it will generate certificate

config:Web management ssl # to enable https

Config:No web-management # to remove http management

- Enable ssh -
Config: Crypto key generate ssh rsa bits 1024
Config: ip ssh

Connect using ssh port 22

- Authorized managers on a specific network -

Config: ip authorized-managers 10.0.0.0 255.255.255.0

To remove: no ip authorized-managers 10.0.0.0 255.255.255.0

- Isolate vlan management -

Management-vlan 1 # creates a hidden acl blocking connection from other vlans
To disable just put. No management-vlan

- Static routing -

Sh ip route
Setup dns ip dns server-address priority 1 208.67.222.222

Ip route 0.0.0.0 0.0.0.0 10.0.0.254

AMACC Config using L3 Switch (Intervlan Routing)

Devices:
HP 2920 (L3) SD1 & SD2
V1910 (L2) AS1 & AS2
Topology:
Switch

Assign first ip to be able to telnet do this for all switch:

Note: ip should be unique

SD1(config)#: Vlan 1
SD1(config)#:ip address 192.168.1.20 255.255.255.0

SD2(config)#: Vlan 1
SD2(config)#:ip address 192.168.1.21 255.255.255.0
Do this for all switch!!!

Create a Vlan:

SD1(config)#: Vlan 10
SD1(config)#: Vlan 20
SD1(config)#: Vlan 30
SD1(config)#: Vlan 40

SD2(config)#: Vlan 10
SD2(config)#: Vlan 20
SD2(config)#: Vlan 30
SD2(config)#: Vlan 40

- SVI -

Assign an ip to the layer 3 switch

SD1(config)#:Vlan 10
SD1(config)#:ip address 192.168.10.1 255.255.255.0

SD1(config)#:Vlan 20
SD1(config)#:ip address 192.168.20.1 255.255.255.0

When you do show run, it should look like this. Same goes for the other switch
Please note if you want to balance it on the other switch, Do not assign an ip. Assign if you only
have one L3 switch.

Go to the other L3 switch and do the also this

SD2(config)#:Vlan 30
SD2(config)#:ip address 192.168.30.1 255.255.255.0
SD2(config)#:Vlan 40
SD2(config)#:ip address 192.168.40.1 255.255.255.0

Creating trunks

SD1(config)#:Vlan 10
SD1(config)#:Tagged e 20-24

SD1(config)#:Vlan 20
SD1(config)#:Tagged e 20-24

SD1(config)#:Vlan 30
SD1(config)#:Tagged e 20-24

SD1(config)#:Vlan 40
SD1(config)#:Tagged e 20-24

This means it will vlans 10, 20, 30, 40 will traverse on ports 20-24

- Access ports (optional) -

If you want to assign ports on your L3 Switch

SD1(config)# Vlan 10
SD1(config)# Untagged 10
This will change the port to an access port

- Linked aggregation (redundancy & increase throughput)-

Dynamic lacp #dynamic joining of links when one of the physical int is down #cons you cannot
control vlans that can traverse

We’ll use LACP

SD1(config)#Trunk e 23-24 trk1 lacp

SD2(config)# Trunk e 23-24 trk1 lacp

Have the vlans traverse the newly created aggregated ports

SD1(config)# Vlan 10 Tagged trk1

SD1(config)# Vlan 20 Tagged trk1
SD1(config)# Vlan 30 Tagged trk1
SD1(config)# Vlan 40 Tagged trk1

SD2(config)# Vlan 10 Tagged trk1

SD1(config)# Vlan 20 Tagged trk1
SD1(config)# Vlan 30 Tagged trk1
SD1(config)# Vlan 40 Tagged trk1

If you show run