Your SlideShare is downloading. ×

Pro curve cisco

362
views

Published on

Command line convert from cisco to HP

Command line convert from cisco to HP

Published in: Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
362
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
18
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. ProCurve NetworkingProCurve / Cisco InteroperabilityGuide Introduction........................................................................................ 3 Discovery protocols: LLDP & CDP ........................................................... 4 VLAN configuration .............................................................................. 7 Introduction ..................................................................................... 7 VLAN configuration on Cisco Catalyst ................................................... 8 VLAN configuration on HP ProCurve ....................................................10 Checking VLANs status and connectivity ..............................................11 Additional info about VLANs...............................................................14 Link aggregation ................................................................................19 Introduction ....................................................................................19 A Static Trunk/Channel .....................................................................21 LACP Trunk/Channel.........................................................................24 Spanning-Tree ...................................................................................29 Introduction ....................................................................................29 MSTP Configuration ..........................................................................31 Cisco as Core running PVST+, HP ProCurve as Edge running RSTP ..........41 HP ProCurve as Core running RSTP, Cisco as Edge running PVST+ ..........47 IP routing Interoperability....................................................................55 Sample topology ..............................................................................55 RIP configuration .............................................................................55 Other RIP features ...........................................................................58
  • 2. OSPF Single Area .............................................................................60 Redistribution into OSPF ...................................................................64 Configuration of Multiple OSPF areas ..................................................70 Other OSPF features.........................................................................77IP Multicast interoperability..................................................................80 Introduction ....................................................................................80 PIM DENSE Mode .............................................................................80 PIM SPARSE Mode............................................................................86
  • 3. IntroductionToday’s multi-vendor environments present many challenges toadministrators trying to configure dissimilar (proprietary vs. standard)protocols. In an effort to accommodate the needs for many of ourpartners and customers, ProCurve networking has written this guide toassist in the configuration and deployment of ProCurve and Ciscoenvironments.The intent of this document isn’t to describe why you should do thesethings, nor does it argue what the benefits are. It merely goesthrough how to accomplish the necessary configurations to get theCisco and ProCurve switches configured so that they will worktogether.While the testing conducted was extensive, it is impossible that allpossible configurations and scenarios were captured. This documenttherefore, can not be assumed to be perfect as it applies to everyenvironment. Please consider carefully the implications of some ofthese changes before instituting them.The recommendation is to test the new configurations in a controlledenvironment prior to rolling out changes that could impact yourproduction environment. Additionally, saving current configurationfiles for switches is a good practice for backup.Thank you
  • 4. Discovery protocols: LLDP & CDPProCurve is committed to standards. And it is logically that the proprietarydiscovery protocol CDP (Cisco Discovery protocol) has been replaced by theIEEE 802.1AB standard LLDP (Link Layer Discovery protocol) when this onewas released.If LLDP is enabled by default, CDP remains in Read-only mode (receive-only).Then ProCurve switches can discover LLDP neighbors as well as Cisco deviceneighbors.Note: Cisco does not support yet LLDP in its equipments.Cisco IP Phone could in a close future supports LLDP-MED (Media End-PointDiscovery) which will then allow automatic discovery and configuration of IPPhones.Some IP Phone vendors such as Avaya and Mitel are already committed toLLDP-MED.The network scheme used here is the same as in the MSTP example. e1 e2 Gi1/1 Procurve-Edge-1 Gi1/1 Gi1/3 Gi1/3 Gi1/2 Gi1/2 Cisco-Core-2 Cisco-Core-1 e1 e2 Procurve-Edge-2Discovery configurationWe simply use the default configuration regarding Discovery protocols.On ProCurve switches: LLDP is enabled in send and receive mode. CDP isenabled in received mode.On Cisco: CDP is enabled by default.
  • 5. Checking Discovery info on a ProCurve switchThe following command lists CDP neighbors. As expected, it displays the twoCatalyst 6500. ProCurve-Edge-1# show cdp neighbors CDP neighbors information Port Device ID | Platform Capability ---- ---------------------- + ---------------------------- ----- 1 Core-Cisco-1 | Cisco IOS Software, C6500... R S 2 Core-Cisco-2 | Cisco IOS Software, C6500... R SLLDP neighbors: the ProCurve switch displays the two Catalyst 6500 as wellbecause the LLDP display includes the CDP neighbors. ProCurve-Edge-1# show lldp info remote-device LLDP Remote Devices Information LocalPort | ChassisId PortId PortDescr SysName --------- + ------------------------- ------ --------- --------------- 1 | Core-Cisco-1 Gig... 2 | Core-Cisco-2 Gig...We display the LLDP neighbors attached to given ports. It shows detailsabout neighbors. ProCurve-Edge-1# show lldp info remote-device 1-2 LLDP Remote Device Information Detail Local Port : 1 ChassisType : local ChassisId : Core-Cisco-1 PortType : local PortId : GigabitEthernet0/1 SysName : System Descr : Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- M)... PortDescr : System Capabilities Supported : bridge, router System Capabilities Enabled : bridge, router Remote Management Address Type : ipv4 Address : 10.1.1.1 ------------------------------------------------------------------------- Local Port : 2 ChassisType : local ChassisId : Core-Cisco-2 PortType : local PortId : GigabitEthernet0/1 SysName : System Descr : Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- M)... PortDescr : System Capabilities Supported : bridge, router System Capabilities Enabled : bridge, router
  • 6. Remote Management Address Type : ipv4 Address : 10.1.1.2Checking Discovery info on a Cisco switchAs ProCurve switches do not send anymore CDP frames, a Cisco switch willnot recognize ProCurve neighbors.Let’s hope for a Cisco commitment to the IEEE LLDP standard. Core-Cisco-1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID Core-Cisco-2 Gig 0/3 171 R S I WS-C6500-4 Gig0/3
  • 7. VLAN configuration 11- Introduction 12- VLAN Configuration on Cisco Catalyst 13- VLAN configuration on HP ProCurve 14- Checking VLANs status and connectivity 15- Additional info about VLANs a. Native VLAN b. Configuring a “management” VLAN other than VLAN 1 c. Changing maximum number of VLANs d. Configuring ports for IP Phones e. VTP – GVRP f. Cisco Extended Range of VLANsIntroductionGlossaryThis chapter deals with port based VLANs that Cisco and HP ProCurve bothsupport. Different names are used to describe similar concepts on bothplatforms.Cisco HP ProCurve What is it?Trunk Tagged A port that “carries” multiple VLANs using the 802.1q tag, for example an uplink, an IP phone port.Access Untagged A port that belongs to a unique VLAN and is untaggedNative VLAN - Defines the untagged VLAN of a 802.1q - tagged port. Defaults to VLAN 1 on HP and Cisco
  • 8. Sample topology Edge/Access ports untagged in VLANs 10,20, 30 & 40 Vlan 40 Vlan 30 Vlan 20 10.1.40.1/24 Vlan 10 10.1.30.1/24 Vlan 1 10.1.20.1/24 10.1.10.1/24 10.1.1.1/24 Cisco-1 Uplink 802.1q port tagged in VLANs 10,20, 30 & 40 and untagged in vlan 1 Procurve-1 Vlan 40 Vlan 30 Vlan 20 10.1.40.2/24 Vlan 10 10.1.30.2/24 Vlan 1 10.1.20.2/24 10.1.10.2/24 10.1.1.2/24VLAN configuration on Cisco CatalystStep 1: VLAN Creation Conf t vlan 10, 20, 30, 40Step 2: Assignment of Access ports to VLANs interface range FastEthernet1/0/10 - 19 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20 - 29 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30 - 39 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40 - 48 switchport access vlan 40 switchport mode access
  • 9. Step 3: Creation of 802.1q links (Cisco “Trunk”) interface FastEthernet1/0/1The “encapsulation” method defines how multiple VLANs are carried on CiscoEthernet links. Cisco supports a proprietary method, ISL, and the IEEEstandard 802.1q (noted “dot1q”). switchport trunk encapsulation dot1q By default, a Cisco “trunk” carries all VLANs. The “allowed VLAN” restricts transport of VLANs to the specified VLANs. switchport trunk allowed vlan 1,10,20,30,40By default, a port is in ”access” mode, i.e. it belongs to one VLAN only. switchport mode trunkCisco also supports a proprietary negotiation protocol for the trunk namedDTP (Dynamic Trunk Protocol). When defined in “trunk” mode the portgenerates DTP frames. The following command disables generation of DTPframes. This is the recommended configuration when connected to ProCurveswitches. switchport nonegotiateStep 4: IP configurationIf the switch is a layer 2 switch, a unique IP address is usually defined in oneVLAN for management purpose only and a default gateway is configured foraccess from remote subnets. interface vlan1 ip address 10.1.1.2 255.255.255.0 no shutdown ip default-gateway 10.1.1.1In this sample, for testing connectivity, one IP address has been defined ineach VLAN. interface vlan10 ip address 10.1.10.2 255.255.255.0 no shutdown interface vlan20 ip address 10.1.20.2 255.255.255.0 no shutdown interface vlan30 ip address 10.1.30.2 255.255.255.0 no shutdown interface vlan40 ip address 10.1.40.2 255.255.255.0 no shutdown
  • 10. VLAN configuration on HP ProCurveStep1: VLAN creation and port assignmentVLAN creation ConfPorts 1 to 9 are assigned to VLAN 10 and removed from VLAN 1 (defaultVLAN).Port 45 (uplink) is tagged in VLAN 10 while remaining untagged member ofVLAN 1. vlan 10 name Test10 untagged 1-9 tagged 45 ExitPorts 10 to 19 are assigned to VLAN 20.Port 45 (uplink) is tagged in VLAN 20. vlan 20 untagged 10-19 tagged 45 exit vlan 30 untagged 20-29 tagged 45 exit vlan 40 untagged 30-44 tagged 45 exitStep2: IP addressOne or more IP address per VLAN can be configured. Usually on a L2 switch,one ip address in a VLAN and a default-gateway is defined.In this example, multiple IP addresses have been defined for testingconnectivity. vlan 1 ip address 10.1.1.1 255.255.255.0 exit vlan 10 ip address 10.1.10.1 255.255.255.0 exit vlan 20 ip address 10.1.20.1 255.255.255.0 exit vlan 30 ip address 10.1.30.1 255.255.255.0 exit
  • 11. vlan 40 ip address 10.1.40.1 255.255.255.0 exitChecking VLANs status and connectivityChecking VLANs on CiscoChecking ports assignment to VLANsThe following display shows the “access” ports and does not include the Cisco“trunk” (802.1q links) ports. Cisco-1#show vlan vlan Name Status Ports ---- -------------------------------- --------- ----------------------------- 1 default active Fa1/0/2, Fa1/0/3, Fa1/0/4 Fa1/0/5, Fa1/0/6, Fa1/0/7 Fa1/0/8, Fa1/0/9, Fa1/0/19 Fa1/0/45, Fa1/0/46, Fa1/0/47 Fa1/0/48, Gi1/0/1, Gi1/0/2 Gi1/0/3, Gi1/0/4 10 vlan0010 active Fa1/0/10, Fa1/0/11, Fa1/0/12 Fa1/0/13, Fa1/0/14, Fa1/0/15 Fa1/0/16, Fa1/0/17, Fa1/0/18 20 vlan0020 active Fa1/0/20, Fa1/0/21, Fa1/0/22 Fa1/0/23, Fa1/0/24, Fa1/0/25 Fa1/0/26, Fa1/0/27, Fa1/0/28 Fa1/0/29 30 vlan0030 active Fa1/0/30, Fa1/0/31, Fa1/0/32 Fa1/0/33, Fa1/0/34, Fa1/0/35 Fa1/0/36, Fa1/0/37, Fa1/0/38 Fa1/0/39 40 vlan0040 active Fa1/0/40, Fa1/0/41, Fa1/0/42 Fa1/0/43, Fa1/0/44 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup (skip…)Checking a Cisco “Trunk” (802.1q) port statusNote the operational mode, the encapsulation mode dot1q (802.1q), theNative VLAN (the untagged VLAN on the 802.1q link) and the allowed VLANson port. Cisco-1#show int fa1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode vlan: 1 (default) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled
  • 12. … (skip) Trunking vlans Enabled: 1,10,20,30,40 Pruning vlans Enabled: 2-1001 Capture Mode Disabled Capture vlans Allowed: ALL … (skip)Checking access port status Cisco-1#sh int fa1/0/10 switchport Name: Fa1/0/10 Switchport: Enabled Administrative Mode: static access Operational Mode: up Administrative Trunking Encapsulation: negotiate Negotiation of Trunking: Off Access Mode vlan: 10 (vlan0010) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled … (skip)Testing connectivityThe connectivity is tested in the various VLANs defined on the 802.1q link Cisco-1#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms Cisco-1#ping 10.1.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms Cisco-1#ping 10.1.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping 10.1.30.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.30.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping 10.1.40.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.40.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
  • 13. Checking VLANs on HP ProCurveThe following is a list of defined VLANs. Procurve-1(config)# show vlan Status and Counters - vlan Information Maximum vlans to support : 8 Primary vlan : DEFAULT_vlan Management vlan : 802.1Q vlan ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----- 1 DEFAULT_vlan | Port-based No No 10 TEST10 | Port-based No No 20 vlan20 | Port-based No No 30 vlan30 | Port-based No No 40 vlan40 | Port-based No No*Note that the maximum number of VLANs can be increased.List of ports defined in a given VLAN Procurve-1(config)# show vlan 10 Status and Counters - vlan Information - Ports - vlan 10 802.1Q vlan ID : 10 Name : Test10 Status : Port-based Voice : No Jumbo : No Port Information Mode Unknown vlan Status ---------------- -------- ------------ ---------- 1 Untagged Learn Down 2 Untagged Learn Down 3 Untagged Learn Down 4 Untagged Learn Down 5 Untagged Learn Down 6 Untagged Learn Down 7 Untagged Learn Down 8 Untagged Learn Down 9 Untagged Learn Down 45 Tagged Learn Up 46 Tagged Learn Down 47 Tagged Learn Down 48 Tagged Learn DownList of VLANs defined for a given port. Although it is not explicitly shown inthis display, port 45 is tagged in VLAN 10, 20, 30 and 40 and untagged in 1.
  • 14. Procurve-1(config)# show vlan port 45 Status and Counters - vlan Information - for ports 46 802.1Q vlan ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----- 1 DEFAULT_vlan | Port-based No No 10 TEST10 | Port-based No No 20 vlan20 | Port-based No No 30 vlan30 | Port-based No No 40 vlan40 | Port-based No NoPort 10 as an access port is untagged and belongs to VLAN 20 only Procurve-1(config)# show vlan port 10 Status and Counters - vlan Information - for ports 10 802.1Q vlan ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----- 20 vlan20 | Port-based No NoChecking IP interfaces Procurve-1(config)# sh ip Internet (IP) Service IP Routing : Disabled Default-gateway : 10.1.1.1 Default TTL : 64 Arp Age : 20 vlan | IP Config IP Address Subnet Mask Proxy ARP ----------- + ---------- ------------- --------------- --------- DEFAULT_vlan| Manual 10.1.1.1 255.255.255.0 No TEST10 | Manual 10.1.10.1 255.255.255.0 No vlan20 | Manual 10.1.20.1 255.255.255.0 No vlan30 | Manual 10.1.30.1 255.255.255.0 No vlan40 | Manual 10.1.40.1 255.255.255.0 NoAdditional info about VLANsThe “Native” VLANThe concept of native VLAN on Cisco defines the “untagged” VLAN on a“tagged” link. It is VLAN 1 by default. It can be changed with the followingcommands: interface FastEthernet1/0/1 switchport trunk native vlan 99
  • 15. Which native VLAN is defined on a port can be checked with: Show interface Fa1/0/1 switchportOn HP ProCurve, when a port is tagged for any number of VLANs, it remainsuntagged in VLAN 1 by default. To make VLAN 99 the untagged (native)VLAN of a tagged port, enter the following commands: vlan 99 Untagged 45Then check that Port 45 is untagged in VLAN 99 with: Show vlan 99Usually the Native VLAN is used to manage switches.Tip : What is the benefit of configuring the Native Vlan with an IPaddress?A switch, with its default configuration, have all ports untagged. If connectedto a tagged port, this switch will still be able to send and receive framesthrough the “untagged’ (native) VLAN. It will then be able to receive an IPaddress automatically via DHCP. This IP address can be discovered by LLDP(show lldp info remote) or found at the DHCP server. The switch can then bemanaged and configured remotely via Telnet.Configuring a “management” VLAN other than VLAN 1It is very common to use VLAN 1 as the management VLAN. But any createdVLAN can be used to manage switches. As explained in the previousparagraph, it is common to use the Native/Untagged VLAN to be themanagement VLAN. Again this is not mandatory and one can choose theVLAN to be carried as tagged on uplinks. Choosing a VLAN other than VLAN1 for management, we make a clear distinction between Default VLAN andManagement VLAN.In the following example, VLAN 99 is used as the management VLAN anddefined as untagged on 802.1q uplinks.ProCurve configuration of a management VLAN vlan 99 Untagged 45 Ip address 10.1.99.1/24 exit Ip default-gateway 10.1.99.1 vlan 10 Tagged 45 exit vlan 20 Tagged 45 exit
  • 16. vlan 30 Tagged 45 exit vlan 40 Tagged 45 ExitChecking VLAN Procurve-1# show vlan 99 Status and Counters - vlan Information - Ports - vlan 99 802.1Q vlan ID : 99 Name : vlan99 Status : Port-based Voice : No Jumbo : No Port Information Mode Unknown vlan Status ---------------- -------- ------------ ---------- 45 Untagged Learn Up Procurve-1# show vlan port 45 Status and Counters - vlan Information - for ports 45 802.1Q vlan ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----- 10 TEST10 | Port-based No No 20 vlan20 | Port-based No No 30 vlan30 | Port-based No No 40 vlan40 | Port-based No No 99 vlan99 | Port-based No NoConfiguration of a management VLAN on Cisco interface FastEthernet1/0/1 switchport trunk encapsulation dot1q switchport trunk native vlan 99 switchport trunk allowed vlan 1,10,20,30,40,99 switchport mode trunk int vlan 99 ip address 10.199.2 255.255.255.0 no shutdownChecking VLAN Cisco-1#sh vlan 99 vlan Name Status Ports ---- -------------------------------- --------- ------------------------- 99 vlan0099 activeChecking Cisco trunk port status
  • 17. Cisco-1#sh int fa 1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode vlan: 1 (default) Trunking Native Mode vlan: 99 (vlan0099) Administrative Native vlan tagging: enabled Voice vlan: none … (skip) Trunking vlans Enabled: 1,10,20,30,40,99 Pruning vlans Enabled: 2-1001 … (skip)Checking connectivity Cisco-1#ping 10.1.99.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.99.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 msNote that HP ProCurve also defines a security concept called “ManagementVLAN”. When enabled, it becomes the only VLAN through which the switchcan be configured. It is disabled by default. (see Advanced Traffic ManagementGuide, Jan ’05. @ http://www.hp.com/rnd/support/manuals/5300xl.htm ) to configure.Changing the maximum number of VLANs on ProCurveOn ProCurve, the maximum number of VLANs can be increased by entering: Conf Max-vlans 48 Write memory reloadConfiguration of ports for IP PhonesTo support both an IP Phone and a PC, a port is configured with one taggedVLAN (for example 200) to carry voice and one untagged VLAN (for example10) to transport the dataOn ProCurve: vlan 10 name DATA10 Untagged B1-B12 vlan 200 name IPVOICE Tagged B1-B12
  • 18. On Cisco: Interface range fa1/0/1 - 12 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,200 switchport mode trunk switchport trunk native vlan 10 switchport nonegotiateVTP – GVRPCisco supports the proprietary protocol VTP (VLAN Trunking Protocol) thatallows propagation of created, deleted or modified VLANs through multipleCisco switches. ProCurve switches do not support it.On the other hand, HP supports the IEEE GVRP standard (GARP VLANRegistration Protocol) which combines automatic creation of VLANs andautomatic tagging of uplinks. GVRP is supported on some Cisco switchesrunning the CatOS software and interacts properly with ProCurve switches.But it’s that GVRP support as been removed in the IOS for Catalyst switchesCisco Extended Range of VLANsPreviously to 802.1q mode, Cisco “trunk” ports supported the proprietary ISLmode to carry multiple VLANs on a port. The VLAN-id in ISL is based on 10Bits and then supports VLANs ranging from 1 to 1023.With 802.1q support, VLAN Id is on 12 bits and Cisco has defined an“extended range” to support VLANs from 1024 to 4095.To create a VLAN in the “extended range”, vtp must be defined in“transparent mode” with the following global config mode command: Vtp mode transparent
  • 19. Link aggregation21- Introduction22- Static Link Aggregation23- LACP Link Aggregation HP Active and Cisco passive Cisco Active and HP passive HP static LACP and Cisco passiveIntroductionGlossaryCisco HP ProCurve What is it?Channel-group Trunk Description of an aggregated linkPort-channel Trunk port The logical port representing an aggregated linkInt channel 1 Int trk1 To enter the configuration mode of an aggregated link interfaceFEC is the “Fast EtherChannel” concept. It implements the “Port AggregationProtocol” (PAgP) that allows two equipments to negotiate a link aggregation.FEC is supported on most of the Cisco switches and routers. It used to besupported in the oldest version of firmware of ProCurve.Note: In the most recent versions of Firmware, support for FEC hasbeen removed.LACP is the “Link Aggregation Control Protocol” defined by the 802.3adstandard. Similarly to FEC, it provides a way for both parts to negotiate aport aggregation. With LACP, one or more additional links can operate as« standby » links that will activate only if another active link goes downStatic and Dynamic trunks/channelsA “Static” trunks becomes an active trunk unconditionally and independentlyof the configuration of the other side. A static trunk does not need anyprotocol to be created.“Dynamic” trunks will be created if both sides agree to it. To do so, theyexchange messages, either PAgP or LACP, to negotiate their status. One sideis said “active” (LACP) or “desirable” (PAgP), meaning that it initiates the
  • 20. negotiation. The other side is said ”passive” (LACP) or “auto” (PAgP) andforms a link aggregation automatically.Static and DynamicOn most HP ProCurve devices1, static trunks can also be defined as LACP. Inthat case, they become active unconditionally AND generate LACP frames toallow the remote side to form a trunk automatically.When to use a static or a dynamic trunk/channel?Static trunks “always” work and can be used to create link aggregation withswitches of many brands and with servers equipped with the right NIC anddriver. Because of its simplicity, it is the preferred method.When one manages a large number of trunks and doesn’t know in advancewhat will be connected to the ports of a switch, dynamic trunks can reducethe configuration burden.If the remote side supports LACP in passive mode (default on Cisco and HP),one side only has to be configured in “active” mode for the trunk to beformed automatically.What works together?When connecting a Cisco and a HP ProCurve switch, some options worktogether and some don’t. This table summarizes what options can becombined with each other to create a trunk on both sides.HP / Cisco mode On (no FEC FEC LACP LACP protocol) Desirable Auto Active PassiveStatic (no protocol) Y N N N NStatic FEC(*) Y Y Y N NStatic LACP Y N N Y YLACP Active N N N Y YLACP Passive N N N Y NLegend N=No, one side at least will not create a trunk; Y=yes trunk iscreated on both sides, Y= yes and preferred setup.(*): requires older version of firmware of ProCurve switchesPorts in the link aggregation groupPorts in the channel or trunk group must share same characteristics: speed,duplex, vlan assignment. The media type, such as 1000BT or 1000SX, canbe mixed on HP ProCurve. The same holds true for Cisco.1 Refer to ProCurve switch owner’s manual to determine if FEC is supported on a particular model.
  • 21. “Logical” port defined by the Link aggregationOn Cisco it is named “port-channel” and is configured as the “Interface Port-channel x”.On HP ProCurve it is name “trunk port” and is configured as the “interfaceTrk#” for a static trunk or “interface Dyn#” for a dynamic trunk.On HP ProCurve, when a trunk is formed, it is assigned to the default-vlan.A Static Trunk/ChannelSample Topology Cisco Channel Fa1/0/1 - 4 Trunk 45 - 48 ProcurveIn this example, trunk/channel group is configured as a L2 port assigned toVlan 10.Static Trunk on HP ProCurveConfiguration conf trunk 45-48 Trk1 TrunkTrk1 is a “logical” port and can be assigned to a Vlan as any other physicalport. An IP address is assigned to Vlan 10 to test connectivity vlan 10 untagged Trk1 ip address 10.1.10.1 255.255.255.0 exit
  • 22. Checking trunk statusTo verify what ports are members of a trunk: ProCurve# show trunk Load Balancing Port | Name Type | Group Type ---- + -------------------------------- --------- + ----- ----- 45 | 100/1000T | Trk1 Trunk 46 | 100/1000T | Trk1 Trunk 47 | 100/1000T | Trk1 Trunk 48 | 100/1000T | Trk1 TrunkWhat vlans does trunk Trk1 belongs to? ProCurve# show vlan port trk1 Status and Counters - VLAN Information - for ports Trk1 802.1Q VLAN ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----- 10 VLAN10 | Port-based No No To check connectivity with neighbor: ProCurve# ping 10.1.1.2 10.1.1.2 is alive, time = 1 msStatic port-channel on CiscoConfiguration conf t interface range FastEthernet1/0/1 – 4Interfaces are configured as L2 interface in Vlan 10 switchport mode access switchport access vlan 10Interfaces are put in the same channel group. “On” mode means static. channel-group 1 mode ? active Enable LACP unconditionally auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only passive Enable LACP only if a LACP device is detected channel-group 1 mode onAn IP address is assigned to Vlan 10 to test connectivity. interface Vlan 10 ip address 10.1.10.2 255.255.255.0 no shutdown end
  • 23. Checking Channel status Cisco1#show etherchannel 1 summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+-------------------------------------- 1 Po1(RU) PAgP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Cisco#show int etherchannel 1 detail ---- FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = On/FEC Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = - Age of the port in the current state: 00d:00h:02m:11s … (skip)Info is repeated for all ports that are members of the channel
  • 24. LACP Trunk/ChannelWith LACP, one side must be “active” (send LACP frames) and the other“passive”.Dynamic channel/trunk: Cisco active – HP passiveCisco LACP Active configurationCisco switch is defined as the “active” side conf t int range fa1/0/1 - 4 channel-group 1 mode active exitCheck channel status Cisco#sh int etherchannel ---- FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = Active Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = LACP Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs. A - Device is in active mode. P - Device is in passive mode. Local information: LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Fa1/0/1 SA bndl 32768 0x1 0x1 0x3 0x3D Partners information: LACP port Oper Port Port Port Flags Priority Dev ID Age Key Number State Fa1/0/1 SP 0 0011.0a50.0d80 8s 0x0 0x2D 0x3C Age of the port in the current state: 00d:00h:00m:06s (skip info..) Port-channel1:Port-channel1 (Primary aggregator) Age of the Port-channel = 00d:00h:06m:15s Logical slot/port = 10/1 Number of ports = 4 HotStandBy port = null Port state = Port-channel Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits ------+------+------+------------------+----------- 0 00 Fa1/0/1 Active 0 0 00 Fa1/0/2 Active 0 0 00 Fa1/0/3 Active 0 0 00 Fa1/0/4 Active 0
  • 25. Time since last port bundled: 00d:00h:00m:09s Fa1/0/4 Time since last port Un-bundled: 00d:00h:02m:54s Fa1/0/4Test connectivity Cisco#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: ..!!! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/1/1 msConfiguration of HP ProCurve LACP Trunk (“passive”)By default on ProCurve, ports are defined as LACP Passive. So noconfiguration is needed.Check trunk formation: ProCurve# show trunk Load Balancing Port | Name Type | Group Type ---- + -------------------------------- --------- + ----- ----- 45 | 100/1000T | Dyn1 LACP 46 | 100/1000T | Dyn1 LACP 47 | 100/1000T | Dyn1 LACP 48 | 100/1000T | Dyn1 LACPNote: the trunk group defined on ProCurve is a Dynamic trunk “Dyn1” andbelongs to Vlan1.It cannot be assigned to any other vlans except via GVRP.To allocate trunk port to Vlans, one should prefer the “static” trunk, with orwithout LACP or FEC protocols.Dynamic LACP trunk/channel: HP Active - Cisco PassiveCisco switch is defined in LACP Passive mode Conf t interface range FastEthernet1/0/1 - 4 switchport mode access channel-group 1 mode passive exitHP ProCurve is the LACP Active side hostname "ProCurve" interface 45-48 lacp Active exitThe trunk group defined on ProCurve is a Dynamic trunk “Dyn1” and belongsto Vlan1.
  • 26. It cannot be assigned to any other vlans except via GVRP.To allocate trunk port to Vlans, one should prefer the “static” trunk, with orwithout LACP or FEC protocols.Static LACP trunkOn a HP ProCurve switch, a trunk can be defined as static LACP. Trunk willform itself unconditionally and LACP frames will be sent. The remote side willform automatically if in LACP passive mode.Sample topology Cisco-2 Channel Fa1/0/1 -6 Int Po 1 = 10.1.10.2/24 Trunk A1 - A6 Vlan 10 = 10.1.10.1/24 Procurve-2In the following example, the trunk is defined with 6 Ports and as a Layer 3trunk.HP Static LACP trunk configuration The following defines a trunk as static LACP. The trunk group “trk1” is then assigned to Vlan 10 in which an IP address is defined. Conf t trunk a1-a6 trk1 lacp vlan 10 untagged trk1 ip address 10.1.10.1/24 exit ProCurve1# show trunk Load Balancing Port | Name Type | Group Type ---- + -------------------------------- --------- + ----- ----- A1 | 100/1000T | Trk1 LACP
  • 27. A2 | 100/1000T | Trk1 LACP A3 | 100/1000T | Trk1 LACP A4 | 100/1000T | Trk1 LACP A5 | 100/1000T | Trk1 LACP A6 | 100/1000T | Trk1 LACP ProCurve1# show lacp LACP PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS ---- ------- ------ ------ ------- ------- A1 Active Trk1 Up Yes Success A2 Active Trk1 Up Yes Success A3 Active Trk1 Up Yes Success A4 Active Trk1 Up Yes Success A5 Active Trk1 Up Yes Success A6 Active Trk1 Up Yes Success ProCurve1# ping 10.1.10.2 10.1.10.2 is alive, time = 1 msConfiguration of Cisco LACP passive channelThe “no switchport” command is required to define a channel as L3 channel.Ports are defines in LACP passive mode conf t interface range FastEthernet1/0/1 - 6 no switchport channel-group 1 mode passive exitIP address is defined on the Port-Channel interface. interface Port-channel1 no switchport ip address 10.1.10.2 255.255.255.0 endCheck channel status Cisco1#sh etherchannel 1 summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+--------------------------------- 1 Po1(RU) LACP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Fa1/0/5(P) Fa1/0/6(P)
  • 28. Detailed display shows that a channel is created, LACP is the protocol in use,info about “Local switch” and “partner”. Cisco1#sh etherchannel 1 detail Group state = L3 Ports: 6 Maxports = 16 Port-channels: 1 Max Port-channels = 16 Protocol: LACP Ports in the group: ------------------- Port: Fa1/0/1 ------------ Port state = Up Mstr In-Bndl Channel group = 1 Mode = Passive Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = LACP Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs. A - Device is in active mode. P - Device is in passive mode. Local information: LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Fa1/0/1 SP bndl 32768 0x1 0x1 0x3FB 0x3C Partners information: LACP port Oper Port Port Port Flags Priority Dev ID Age Key Number State Fa1/0/1 SA 0 000e.7f06.0100 12s 0xD2 0x1 0x3D (skip info…) Port-channels in the group: --------------------------- Port-channel: Po1 (Primary Aggregator) ------------ Age of the Port-channel = 00d:07h:30m:17s Logical slot/port = 10/1 Number of ports = 6 HotStandBy port = null Passive port list = Fa1/0/1 Fa1/0/2 Fa1/0/3 Fa1/0/4 Fa1/0/5 Fa1/0/6 Port state = Port-channel L3-Ag Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits ------+------+------+------------------+----------- 0 00 Fa1/0/1 Passive 0 0 00 Fa1/0/2 Passive 0 0 00 Fa1/0/3 Passive 0 0 00 Fa1/0/4 Passive 0 0 00 Fa1/0/5 Passive 0 0 00 Fa1/0/6 Passive 0 Time since last port bundled: 00d:00h:01m:12s Fa1/0/6 Time since last port Un-bundled: 00d:00h:01m:55s Fa1/0/6
  • 29. Spanning-Tree31- Introduction32- MSTP33- PVST and RSTP 321- Cisco as Core, ProCurve as Edge 322- ProCurve as Core, Cisco as EdgeIntroductionGlossarySTP is Spanning-Tree ProtocolThe IEEE standard implementation of STP is 802.1D.RSTP is Rapid Spanning-Tree Protocol defined by the 802.1w IEEE standard.MSTP is Multiple Spanning-Tree Protocol defined by the 802.1s IEEEstandard.PVST is Per VLAN Spanning-tree proprietary implementation of STP on CiscoequipmentPVST+ is the implementation of PVST on 802.1q links.Spanning-Tree on HP ProCurve Switches802.1D and 802.1w (RSTP)All HP ProCurve switches implement both of these STP standards.On HP ProCurve, Spanning-Tree has to be activated, the default mode is thenRapid STP.MSTP 802.1sIt is supported on most manageable switches except 2500 and 4100 switchesPlease refer to switch documentation.Spanning-Tree on Cisco SwitchesPVST+By default, Cisco switches run PVST+. PVST is the implementation of STP onISL links (Cisco proprietary multi-VLAN encapsulation) while PVST+ runs on802.1q links .In PVST+, there is one instance of STP per VLAN and BPDUs use aproprietary Multicast Mac Address. They are not “understood” by HPProCurve switches (except by ProCurve 9300M and 9400M) and are thenflooded as a regular multicast. So, regarding PVST+ BPDUs, HP ProCurveswitches appear as a hub.However, Native VLAN (untagged VLAN of a tagged link equal to VLAN 1 bedefault) is an exception. In Native VLAN, the Cisco switches send standardSTP BPDUs, which are “understood” by HP ProCurve switches. This is howboth platform interact.
  • 30. Cisco has also introduced Rapid PVST+, a PVST+ implementation thatintegrates Rapid STP principles.Prestandard MSTPMSTP should not be confused with the prestandard version of MSTP.MSTP (802.1s)You must run the latest versions of IOS to get support of MSTP (check onCisco web site).CautionSupport for the IEEE 802.1s standard has been introduced around September2005 by Cisco in the IOS. One should refer to Cisco web site for IOS supportof compliant MSTP (*). Caution should be taken on not confusing theprestandard MST and the compliant IEEE 802.1s MST. If configuration ofboth modes looks exactly the same, the prestandard does NOTinteroperate with the MSTP on ProCurve as this one complies with IEEE802.1s standard.(*) Versions of IOS implementing the Compliant IEEE 802.1s starts with:12.2(18) for Catalyst 6500, 12.2(25)SG for Catalyst 4500 and 12.2(25)SECon Catalyst 35xx, 37xx, and 2970.What Spanning-Tree mode should you choose between Cisco andProCurve Switches?MSTP is obviously the ideal choice because it is standard based andsupported by both vendors, it converges quickly and allows load-balancing oftraffic on uplinks with appropriate configuration.If not all your devices support MSTP yet, a progressive migration to MSTPcan be put in place as it interoperates with Standard, Rapid Spanning Treemodes and with PVST via the Native Vlan.Note that all STP modes interoperate via the standard spanning-tree modealso named the Common Spanning-Tree (CST). So whatever is your choice,you should always carefully define the root and secondary root of theCST. On Cisco look after priority of STP in the Native Vlan (vlan 1 bydefault), on ProCurve look after the “global” priority of STP.
  • 31. MSTP Configuration e1 e2 Gi1/1 Procurve-Edge-1 Gi1/1 Gi1/3 Gi1/3 Gi1/2 Gi1/2 Cisco-Core-2 Cisco-Core-1 e1 e2 Procurve-Edge-2The parameters for the MSTP domain has been defined as followed: Configuration Name = procurve-cisco (case sensitive) Configuration Number = 1 Instance 1 = vlans 1, 10, 20 Instance 2 = vlans 30, 40Configuration of Cisco-Core-1 hostname Core-Cisco-1Following defines MST mode (802.1s) spanning-tree mode mst spanning-tree extend system-idAll parameters of the MSTP configuration must match on all switches of theMSTP domain. spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40For load balancing of traffic among links, Cisco-core-1 is defined as Root ofinstance 0 and 1 (priority 0) and secondary root of instance 2 (priority 4096) spanning-tree mst 0-1 priority 0 spanning-tree mst 2 priority 4096VLAN Creation
  • 32. VLAN 1 exists by default vlan 10,20,30,40Uplinks are defined as 802.1q links. They are named “trunks” in Ciscoterminology and “tagged links” in ProCurve terminology. The “nonegogiate”feature means that we do no use the Dynamic Trunk Protocol to negotiatethe status of the uplink. interface range GigabitEthernet0/1 - 3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiateAccess ports (Cisco Terminology) or Edge ports (ProCurve terminology) aredefined as untagged members of a Vlan. The portfast mode defines them asEdge port in Spanning tree terminology. Interface range GigabitEthernet0/4 -10 switchport access vlan 10 switchport mode access spanning-tree portfast ! interface range GigabitEthernet0/11 - 24 switchport access vlan 20 switchport mode access spanning-tree portfastIP configuration. ip routingThe Virtual IP used as Default Gateway for the various VLANs are set usingHSRP (Hot Standby Router Protocol), the Cisco proprietary protocol.As Cisco-Core-1 is the Root of MST instance 1, we also set it as Master of theVirtual IP of Vlans 1, 10 & 20. And as it is secondary root for MST instance 2,we define it as the Backup of Virtual IP in Vlans 30 & 40. interface Vlan1 ip address 10.1.1.1 255.255.255.0 standby 1 ip 10.1.1.254 standby 1 timers 1 3 standby 1 priority 255 standby 1 preempt ! interface Vlan10 ip address 10.1.10.1 255.255.255.0 standby 10 ip 10.1.10.254 standby 10 timers 1 3 standby 10 priority 255 standby 10 preempt ! interface Vlan20 ip address 10.1.20.1 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 timers 1 3 standby 20 priority 255 standby 20 preempt ! interface Vlan30 ip address 10.1.30.1 255.255.255.0 standby 30 ip 10.1.30.254 standby 30 timers 1 3 ! interface Vlan40
  • 33. ip address 10.1.40.1 255.255.255.0 standby 40 ip 10.1.40.254 standby 40 timers 1 3 ! endCore-cisco-2 configuration hostname Core-Cisco-2 !Global Configuration is similar to the configuration of Cisco-Core-1 spanning-tree mode mst spanning-tree extend system-id spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root ofinstance 2 (priority 0) and secondary root of instance 0 and 1 (priority 4096) spanning-tree mst 0-1 priority 4096 spanning-tree mst 2 priority 0 ! vlan 10,20,30,40 !For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root ofinstance 2 and secondary root of instances 0 and 1. interface range GigabitEthernet0/1 - 3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate ! ! ip routingBecause Cisco-Core-2 is set as the secondary Root of MST instance 1, wedefine it as HSRP backup of the Virtual IP of VLANs 1, 10 & 20.And because it is root of MST instance 2, we set it as the Master of Virtual IPin VLANs 30 & 40. interface Vlan1 ip address 10.1.1.2 255.255.255.0 standby 1 ip 10.1.1.254 standby 1 timers 1 3 ! interface Vlan10 ip address 10.1.10.2 255.255.255.0 standby 10 ip 10.1.10.254 standby 10 timers 1 3 ! interface Vlan20 ip address 10.1.20.2 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 timers 1 3 ! interface Vlan30 ip address 10.1.30.2 255.255.255.0 standby 30 ip 10.1.30.254 standby 30 timers 1 3 standby 30 priority 255
  • 34. standby 30 preempt ! interface Vlan40 ip address 10.1.40.2 255.255.255.0 standby 40 ip 10.1.40.254 standby 40 timers 1 3 standby 40 priority 255 standby 40 preempt endProCurve-Edge-1 ConfigurationProCurve-Edge-1 is a 3500yl. hostname "ProCurve-Edge-1"VLAN configurationUplinks ports are 1 and 2 vlan 1 name "DEFAULT_VLAN" untagged 1-24 ip address 10.1.1.3 255.255.255.0 exit vlan 10 name "VLAN10" untagged 11-15 tagged 1-2 no ip address exit vlan 20 name "VLAN20" untagged 16-20 tagged 1-2 no ip address exit vlan 30 name "VLAN30" untagged 21-25 tagged 1-2 no ip address exit vlan 40 name "VLAN40" untagged 25-30 tagged 1-2 no ip address exitLet’s enable Spanning-tree. It default on MSTP on the latest ProCurveswitches: 3500yl, 5400zl and 4200vl spanning-treeDefault port configuration in MSTP is non Edge and Point-to-Point. We defineEdge ports as “Edge”. spanning-tree 11-30 edge-portMSTP Configuration: Name, Revision and instances match the one of otherswitches in MSTP domain spanning-tree config-name "procurve-cisco" spanning-tree config-revision 1
  • 35. spanning-tree instance 1 vlan 1 10 20 spanning-tree instance 2 vlan 30 40ProCurve-Edge-2 ConfigurationConfiguration is similar to the configuration of ProCurve-Edge-1.In our example ProCurve-Edge-2 is a 3400. Spanning-tree mode defaults toRSTP. And we have to turn it on MSTP mode that requires a reboot. hostname "ProCurve-Edge-2" max-vlans 16 vlan 1 name "DEFAULT_VLAN" untagged 1-9,18-24 ip address 10.1.1.4 255.255.255.0 no untagged 10-17 exit vlan 10 name "VLAN10" untagged 10-11 tagged 1-2 exit vlan 20 name "VLAN20" untagged 12-13 no ip address tagged 1-2 exit vlan 30 name "VLAN30" untagged 14-15 no ip address tagged 1-2 exit vlan 40 name "VLAN40" untagged 16-17 no ip address tagged 1-2 exit spanning-tree spanning-tree protocol-version MSTP spanning-tree 10-17 edge-port spanning-tree config-name "procurve-cisco" spanning-tree config-revision 1 spanning-tree instance 1 vlan 1 10 20 spanning-tree instance 2 vlan 30 40Checking configuration of MSTPIn the following displays: note that theMac Address of Cisco Core-1 is 0010.0db1.7100 or 00100d-b17100Mac Address of Cisco Core-2 is 0010.0db3.1200 or 00100d-b31200
  • 36. On Cisco-Core-1The following command displays the parameters of MSTP configuration.Note that Cisco shows all the non assigned VLANs in Instance 0 (=ISTInstance) where ProCurve shows the non assigned AND created Vlans only. Core-Cisco-1#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3 Instance Vlans mapped -------- -------------------------------------------------------0 2-9,11-19,21-29,31-39,41-4094 1 1,10,20 2 30,40 -----------------------------------------------------------------Status of MSTP spanning tree in each instance. Cisco-Core-1(0010.0db1.7100 ) is root in instances 0 and 1. Cisco-Core-2(0010.0db1.7100) is root in instance 2. Core-Cisco-1#show spanning-tree mst ##### MST0 vlans mapped: 2-9,11-19,21-29,31-39,41-4094 Bridge address 0010.0db1.7100 priority 0 (0 sysid 0) Root this switch for the CIST Operational hello time 2 , forward delay 15, max age 20, txholdcount 6 Configured hello time 2 , forward delay 15, max age 20, max hops 20 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Desg FWD 20000 128.3 P2p Gi1/45 Desg FWD 20000 128.45 Edge P2p ##### MST1 vlans mapped: 1,10,20 Bridge address 0010.0db1.7100 priority 1 (0 sysid 1) Root this switch for MST1 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Desg FWD 20000 128.3 P2p Gi1/45 Desg FWD 20000 128.45 Edge P2p ##### MST2 vlans mapped: 30,40 Bridge address 0010.0db1.7100 priority 4098 (4096 sysid 2) Root address 0010.0db3.1200 priority 2 (0 sysid 2) port Gi1/3 cost 20000 rem hops19 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Root FWD 20000 128.3 P2pOn Cisco-Core-2Parameters of MSTP configuration. Core-Cisco-2#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3
  • 37. Instance Vlans mapped -------- ------------------------------------------------------- 0 2-9,11-19,21-29,31-39,41-4094 1 1,10,20 2 30,40 -----------------------------------------------------------------Status of MSTP spanning tree in each instance.Cisco-Core-1 (0010.0db1.7100 ) is root in instances 0 and 1.Cisco-Core-2 (0010.0db3.1200) is root in instance 2. Core-Cisco-2#show spanning-tree mst ##### MST0 vlans mapped: 2-9,11-19,21-29,31-39,41-4094 Bridge address 0010.0db3.1200 priority 4096 (4096 sysid 0) Root address 0010.0db1.7100 priority 0 (0 sysid 0) port Gi1/3 path cost 0 Regional Root address 0010.0db1.7100 priority 0 (0 sysid 0) internal cost 20000 rem hops 19 Operational hello time 2 , forward delay 15, max age 20, txholdcount 6 Configured hello time 2 , forward delay 15, max age 20, max hops 20 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Root FWD 20000 128.3 P2p ##### MST1 vlans mapped: 1,10,20 Bridge address 0010.0db3.1200 priority 4097 (4096 sysid 1) Root address 0010.0db1.7100 priority 1 (0 sysid 1) port Gi1/3 cost 20000 rem hops 19 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Root FWD 20000 128.3 P2p ##### MST2 vlans mapped: 30,40 Bridge address 0010.0db3.1200 priority 2 (0 sysid 2) Root this switch for MST2 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/1 Desg FWD 20000 128.1 P2p Gi1/2 Desg FWD 20000 128.2 P2p Gi1/3 Desg FWD 20000 128.3 P2pOn ProCurve-Edge-1Parameters of MSTP configuration.Note that display shows IST instance without any Vlans. In fact the vlans,including those not yet created, that are not associated with an existinginstance are mapped to the IST instance. ProCurve-Edge-1# show spanning-tree mst-config MST Configuration Identifier Information MST Configuration Name : procurve-cisco MST Configuration Revision : 1
  • 38. MST Configuration Digest : 0x2DC307C6A31621DC6311050884E69C4E IST Mapped VLANs : Instance ID Mapped VLANs ----------- --------------------------------------------------- 1 1,10,20 2 30,40The following display shows ports configuration.Note that uplinks are set as Non edge and others are set as Edge. ProCurve-Edge-1# show spanning-tree 1-5 config Multiple Spanning Tree (MST) Configuration Information STP Enabled [No] : Yes Force Version [MSTP-operation] : MSTP-operation Default Path Costs [802.1t] : 802.1t MST Configuration Name : procurve-cisco MST Configuration Revision : 1 Switch Priority : 32768 Forward Delay [15] : 15 Hello Time [2] : 2 Max Age [20] : 20 Max Hops [20] : 20 | Prio BPDU Port Type | Cost rity Edge Pnt-to-Pnt MCheck Hello Time Filter ---- --------- + --------- ----- ---- ----------- ------ ------ 1 100/1000T | Auto 128 No Force-True Yes Use Global No 2 100/1000T | Auto 128 No Force-True Yes Use Global No 3 100/1000T | Auto 128 No Force-True Yes Use Global No 4 100/1000T | Auto 128 Yes Force-True Yes Use Global No 5 100/1000T | Auto 128 Yes Force-True Yes Use Global NoStatus in IST Instance: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance ist IST Instance Information Instance ID : 0 Mapped VLANs : Switch Priority : 32768 Topology Change Count : 4 Time Since Last Change : 11 mins Regional Root MAC Address : 00100d-b17100 Regional Root Priority : 0 Regional Root Path Cost : 20000 Regional Root Port : 1 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge ---- --------- --------- -------- ---------- ---------- ------------- 1 100/1000T 20000 128 Root Forwarding 00100d-b17100 2 100/1000T 20000 128 Alternate Blocking 00100d-b31200Status in Instance 1: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance 1 MST Instance Information Instance ID : 1 Mapped VLANs : 1,10,20
  • 39. Switch Priority : 32768 Topology Change Count : 2 Time Since Last Change : 13 mins Regional Root MAC Address : 00100d-b17100 Regional Root Priority : 0 Regional Root Path Cost : 20000 Regional Root Port : 1 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge ---- --------- --------- -------- ---------- ---------- ------------- 1 100/1000T 20000 128 Root Forwarding 00100d-b17100 2 100/1000T 20000 128 Alternate Blocking 00100d-b31200Status in Instance 2: Root port is 2 and alternate (blocked) is 1 ProCurve-Edge-1# show spanning-tree 1-2 instance 2 MST Instance Information Instance ID : 2 Mapped VLANs : 30,40 Switch Priority : 32768 Topology Change Count : 4 Time Since Last Change : 13 mins Regional Root MAC Address : 00100d-b31200 Regional Root Priority : 0 Regional Root Path Cost : 20000 Regional Root Port : 2 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge ---- --------- --------- -------- ---------- ---------- ------------- 1 100/1000T 20000 128 Alternate Blocking 00100d-b17100 2 100/1000T 20000 128 Root Forwarding 00100d-b31200 ProCurve-Edge-1# show spanning-tree 1-2 Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : Filtered Ports : Switch MAC Address : 001635-b487c0 Switch Priority : 32768 Max Age : 20 Max Hops : 20 Forward Delay : 15 Topology Change Count : 10 Time Since Last Change : 53 secs CST Root MAC Address : 00100d-b31200 CST Root Priority : 4096 CST Root Path Cost : 0 CST Root Port : 2 IST Regional Root MAC Address : 00100d-b31200 IST Regional Root Priority : 4096 IST Regional Root Path Cost : 20000 IST Remaining Hops : 19
  • 40. | Prio | Designated Hello Port Type | Cost rity State | Bridge Time PtP Edge ---- --------- + --------- ----- ---------- + ------------- ----- --- 1 100/1000T | 20000 128 Blocking | 001635-b487c0 2 Yes No 2 100/1000T | 20000 128 Forwarding | 00100d-b31200 2 Yes NoIP and HSRP StatusDisplays are shown to explain Core-Cisco-1#show ip int brief Interface IP-Address OK? Method Status Protocol Vlan1 10.1.1.1 YES manual up up Vlan10 10.1.10.1 YES manual up up Vlan20 10.1.20.1 YES manual up up Vlan30 10.1.30.1 YES manual up up Vlan40 10.1.40.1 YES manual up up Core-Cisco-1#sh standby brief P indicates configured to preempt. | Interface Grp Prio P State Active Standby Virtual IP Vl1 1 255 P Active local 10.1.1.2 10.1.1.254 Vl10 10 255 P Active local 10.1.10.2 10.1.10.254 Vl20 20 255 P Active local 10.1.20.2 10.1.20.254 Vl30 30 100 Standby 10.1.30.2 local 10.1.30.254 Vl40 40 100 Standby 10.1.40.2 local 10.1.40.254 Core-Cisco-2#show ip int brief Interface IP-Address OK? Method Status Protocol Vlan1 10.1.1.2 YES manual up up Vlan10 10.1.10.2 YES manual up up Vlan20 10.1.20.2 YES manual up up Vlan30 10.1.30.2 YES manual up up Vlan40 10.1.40.2 YES manual up up Core-Cisco-2#sh standby brief P indicates configured to preempt. | Interface Grp Prio P State Active Standby Virtual IP Vl1 1 100 Standby 10.1.1.1 local 10.1.1.254 Vl10 10 100 Standby 10.1.10.1 local 10.1.10.254 Vl20 20 100 Standby 10.1.20.1 local 10.1.20.254 Vl30 30 255 P Active local 10.1.30.1 10.1.30.254 Vl40 40 255 P Active local 10.1.40.1 10.1.40.254
  • 41. Cisco as Core running PVST+, HP ProCurve as Edgerunning RSTP Procurve-Edge-1 Cisco-1 Cisco-2 Uplinks are tagged with VLANs 10,20, 30 & 40 Untagged in Vlan 1 (Native-Vlan)In this topology, uplinks are tagged with VLANs 10, 20, 30 and 40 anduntagged for VLAN 1. On Cisco, it is named the Native VLAN.In PVST+ Cisco-1 is the primary Root for VLANs 1, 10 and 20 and Cisco-2 thesecondary Root.Cisco-2 is the primary Root for VLANs 30 and 40 and Cisco-1 the secondaryRoot.ProCurve-Edge-1 is an access switch.Cisco-1 PVST+ ConfigurationFollowing define PVST+ Spanning-Tree mode, allows PVST+ to run for VLANsabove 1023 an up to 4095. Conf t hostname Cisco-1 Spanning-Tree mode pvst Spanning-Tree extend system-idCisco-1 is the primary Root for VLAN 1, 10, 20 and the secondary Root forVLAN 30,40 Spanning-Tree vlan 1,10,20 priority 0 Spanning-Tree vlan 30,40 priority 4096Although it is not mandatory, the STP timers have been lowered to speedconvergence time. One should pay attention in using those values as it maycreate instability if not applied properly. The following values are acceptablein a network with a “diameter” of 3, which means that BPDUs will not crossmore than 3 switches before returning to originator Root switch.
  • 42. Spanning-Tree vlan 1,10,20,30,40 hello-time 1 Spanning-Tree vlan 1,10,20,30,40 forward-time 4 Spanning-Tree vlan 1,10,20,30,40 max-age 6 !Access ports are configured in PortFast mode interface range FastEthernet1/0/10 - 48 Spanning-Tree portfast exit802.1q link (Cisco “trunk”) Configuration interface range GigabitEthernet1/0/1 - 4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunkAssignment of Access ports to VLAN interface range FastEthernet1/0/10 - 19 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20 - 29 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30 - 39 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40 - 48 switchport access vlan 40 switchport mode accessPVST+ configuration of Cisco-2Configuration of Cisco-2 is similar to Cisco-1’s. Conf t hostname Cisco-2PVST+ Spanning-Tree Configuration Spanning-Tree mode pvstAllows PVST+ to run for VLANs above 1023 and up to 4095. Spanning-Tree extend system-idCisco-2 is the secondary Root for VLANs 1, 10, 20 and primary Root forVLANs 30,40 Spanning-Tree vlan 1,10,20 priority 4096 Spanning-Tree vlan 30,40 priority 0
  • 43. When changed, timers must be changed on primary and on secondary Roots. Spanning-Tree vlan 1,10,20,30,40 hello-time 1 Spanning-Tree vlan 1,10,20,30,40 forward-time 4 Spanning-Tree vlan 1,10,20,30,40 max-age 6 !Enable PortFast on all ports except the Cisco “trunk” ports Spanning-Tree portfast defaultProCurve Edge-1 configurationProCurve Edge-1 is an Edge/Access switch. Conf hostname "ProCurve-Edge-1"STP configuration. Default mode is RSTP.In RSTP mode, default configuration of all ports is Point-to-Point and Edge(fast convergence). To follow the specifications of the standard, the Uplinksare defined as Point-to-Point and Non Edge. no Spanning-Tree A15-A16 edge-portThe following enables Spanning-Tree. Spanning-TreeDefault mode is RSTP (802.1w), other modes are Standard STP (802.1D) andMSTP (802.1s). Changing mode requires a reboot.VLANs configuration vlan 1 ip address 10.1.1.10 255.255.255.0 vlan 10 untagged B1-B4 tagged A15-A16 vlan 20 untagged B5-B9 tagged A15-A16 vlan 30 untagged B10-B14 tagged A15-A16 vlan 40 untagged B15-B19 tagged A15-A16Checking STP statusIn the following displays, Mac address of Cisco-1 is 0013.c382.a900 and Macaddress of Cisco-2 is 0013.c392.d200.
  • 44. PVST+ status on Cisco-1.Display confirms Cisco-1 as the primary Root for VLANs 1, 10, 20 andsecondary Root for VLANs 30 and 40 and all ports are in forwarding mode. Cisco-1#sh Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 1 (priority 0 sys-id-ext 1) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Gi1/0/4 Desg FWD 4 128.6 P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 10 (priority 0 sys-id-ext 10) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Gi1/0/4 Desg FWD 4 128.6 P2p VLAN0020 (skip…) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4126 (priority 4096 sys-id-ext 30) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p
  • 45. Gi1/0/4 Root FWD 4 128.6 P2p VLAN0040 (skip…)PVST+ status on Cisco-2.Display confirms Cisco-2 as the primary Root for VLANs 30 and 40 andsecondary Root for VLANs 1, 10 and 20 and all ports are in forwarding mode. Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4097 (priority 4096 sys-id-ext 1) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Gi1/0/4 Root FWD 4 128.6 P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4106 (priority 4096 sys-id-ext 10) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Gi1/0/4 Root FWD 4 128.6 P2p VLAN0020 (skip…) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 30 (priority 0 sys-id-ext 30)
  • 46. Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Gi1/0/4 Desg FWD 4 128.6 P2p VLAN0040 (skip…)ProCurve-Edge-1 STP statusCheck Spanning-Tree configuration of ProCurve-Edge-1 ProCurve-Edge-1# sh span config Rapid Spanning-Tree Configuration STP Enabled [No] : Yes Force Version [RSTP-operation] : RSTP-operation Switch Priority [8] : 8 Hello Time [2] : 2 Max Age [20] : 20 Forward Delay [15] : 15 Port Type | Cost Priority Edge Point-to-Point MCheck ---- --------- + --------- -------- ---- -------------- ------ (skip…) A15 100/1000T | 20000 8 No Force-True Yes A16 100/1000T | 20000 8 No Force-True Yes B1 10/100TX | 20000 8 Yes Force-True Yes (skip…) B24 10/100TX | 20000 8 Yes Force-True YesCheck Spanning-Tree status.STP status is driven by the PVST+ configuration in VLAN 1. Cisco-1 is seen asthe Root. ProCurve-Edge-1# show Spanning-Tree A15-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 32768 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 33 Time Since Last Change : 2 mins Root MAC Address : 0013c3-82a900 (Cisco-1) Root Path Cost : 20000 Root Port : A15 Root Priority : 1 Port Type Cost Priority State | Designated Bridge ---- --------- --------- -------- ---------- + ----------------- A15 100/1000T 20000 128 Forwarding | 0013c3-82a900 A16 100/1000T 20000 128 Blocking | 0013c3-92d200
  • 47. The Spanning-Tree timers defined in VLAN 1 dictate convergence time. Withdefault timers (Hello=2 sec, Forward Delay= 15 sec, Max-age=20 sec),convergence time is between 30 and 50 sec. With the values that we applied(Hello=1 sec, Forward Delay= 4 sec, Max-age=6 sec), convergence timenever exceeded 8 sec.ConclusionSee figure for resulting STP topology.If Cores of L2 networks are Cisco switches, one should take care ofconfiguration of PVST+ in VLAN 1 (Native VLAN) as that will dictate theresulting topology. STP Timers in Native-VLAN will drive convergence timeWhat about Cisco Rapid PVST?The same test has been run implementing the Rapid PVST mode on the Ciscocores.Regarding finale topology, same results have been obtained. However nosignificant improvement in speed convergence has resulted.In other words, HP ProCurve RSTP and Cisco Rapid PVST interacts in Vlan 1as RSTP or standard STP interacts with PVST, but Rapid STP mechanisms arenot functioning.In its Rapid PVST mode implementation, Cisco does not use the standardcosts of Rapid STP but rather the cost of standard STP. For example FastEthernet cost is 19 and not 200000.HP ProCurve as Core running RSTP, Cisco as Edgerunning PVST+Sample topology
  • 48. In this topology, uplinks are tagged for VLANs 10, 20, 30 and 40 anduntagged for VLAN 1.ProCurve-Core-1 and 2 are defined as Root and secondary Root of RSTP.Cisco-1 and Cisco-2 use standard PVST+ configuration.In the following, only the Spanning-Tree Configuration is shown.Configuration of RSTP on ProCurve-Core-1 and 2 Conf hostname "ProCurve-Core-1/2"Uplink ports are defined as Non Edge. Default is Edge and Point-to-Point. no Spanning-Tree A14-A16 edge-portProCurve-Core-1 is the Root (priority 0) of the STP and ProCurve-Core-2 thesecondary Root (priority 1). Spanning-Tree priority 0STP timers are lowered to speed convergence time.Values are acceptable for a network where access switches are connecteddirectly to the core switches or are in a stack connected directly to the cores. Spanning-Tree forward-delay 4 hello-time 1 maximum-age 6 Following command enables Spanning-Tree. Default mode is RSTP (802.1w).
  • 49. Spanning-TreeConfiguration of PVST+ on Cisco-1 and Cisco-2 Cisco-1 and Cisco-2 are defined as access switches hostname Cisco-1/2 Spanning-Tree mode pvst Spanning-Tree extend system-id interface range GigabitEthernet1/0/1 - 4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunkCheck status of Spanning-TreeOn ProCurve-Core-1ProCurve-Core-1 is Root for the STP ProCurve-Core-1# show span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 0 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 63 Time Since Last Change : 57 secs Root MAC Address : 000e7f-060100 Root Path Cost : 0 Root Port : This switch is root Root Priority : 0 Port Type Cost Priority State | Designated Bridge ---- --------- --------- -------- ---------- + ----------------- A14 100/1000T 20000 128 Forwarding | 000e7f-060100 A15 100/1000T 20000 128 Forwarding | 000e7f-060100 A16 100/1000T 20000 128 Forwarding | 000e7f-060100On ProCurve-Core-2ProCurve-Core-1 is seen, as expected, as the Root switch.Note that uplinks A15 and A16 are in blocking state, i.e. they’re not thedesignated port of their segment.The first criterion to elect the Designated port of a segment is the path-costof switch to the Root. In this case the Root path-cost of access switches
  • 50. Cisco-1 and 2 (value 4) is lower than the Root path-cost of ProCurve-Edge-2(value 20000).Cisco switches use standard STP values (4 for Gigabit, 19 for Fast Ethernet)and HP ProCurve switches use Rapid STP values (20000 For Gigabit, 200000for Fast Ethernet). ProCurve-Core-2# sh span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 108 Time Since Last Change : 23 secs Root MAC Address : 000e7f-060100 (ProCurve-Core-1) Root Path Cost : 20000 Root Port : A14 Root Priority : 0 Port Type Cost Priority State | Designated Bridge ---- --------- --------- -------- ---------- + ----------------- A14 100/1000T 20000 128 Forwarding | 000e7f-060100 A15 100/1000T 20000 128 Blocking | 0013c3-82a900 A16 100/1000T 20000 128 Blocking | 0013c3-92d200The following figure shows the resulting STP topology
  • 51. STP status in VLAN 1 on Cisco-1 and 2ProCurve-Core-1 is seen as the Root. Uplinks (Gigabit Ethernet port) areRoot or Designated ports Cisco-1#show Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Root FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2p Cisco-2#sh Spanning-Tree vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Root FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2pSTP status in VLAN 10, 20, 30 and 40 of Cisco-1 and 2In VLANs 10, 20, 30 and 40, ProCurve-Core-1 and 2 forward Cisco PVSTBPDUs as any other frames. They are “transparent” to the Cisco switches.Cisco-1 is the Root switch because of its Mac address. Cisco-1#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Address 0013.c382.a900 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300
  • 52. Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Desg FWD 4 128.3 P2p Peer(STP) Gi1/0/2 Desg FWD 4 128.4 P2p Cisco-2#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Root FWD 4 128.3 P2p Gi1/0/2 Desg FWD 4 128.4 P2pFrom Cisco switches, STP Topology in VLANs 10, 20, 30 and 40 appears asfollows:Change of STP path-cost on ProCurve-Core-1 and 2To change the status of blocking ports on ProCurve-Core-2, we change thecost of uplinks. ProCurve-Core-1# conf
  • 53. We define the value of path-cost of uplinks as 3. ProCurve-Core-1(config)# Spanning-Tree a14-a16 path-cost 3 ProCurve-Core-2(config)# Spanning-Tree a14-a16 path-cost 3Status on ProCurve-Core-2 Now, ProCurve-2 is “closer” to Root switch than the access-switches. So all ports are in Designated state. ProCurve-Core-2# show span A14-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 121 Time Since Last Change : 12 secs Root MAC Address : 000e7f-060100 Root Path Cost : 3 Root Port : A14 Root Priority : 0 Port Type Cost Priority State | Designated Bridge ---- --------- --------- -------- ---------- + ----------------- A14 100/1000T 3 128 Forwarding | 000e7f-060100 A15 100/1000T 3 128 Forwarding | 000e7f-058400 A16 100/1000T 3 128 Forwarding | 000e7f-058400PVST+ Status on Cisco-1 and 2In VLAN 1, port status follows the rules of standard STP. ProCurve-Core-1 isRoot, ProCurve-Core-2 is secondary Root. Cisco-1#sh span vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Root FWD 4 128.3 P2p Gi1/0/2 Altn BLK 4 128.4 P2p
  • 54. In VLAN 10, 20, 30 and 40, Status is the same as before Cisco-1#sh span vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Cost 4 Address 0013.c382.a900 (cisco-1) This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- ------------------------ Gi1/0/1 Desg FWD 4 128.3 P2p Peer(STP) Gi1/0/2 Back BLK 4 128.4 P2p Peer(STP)On Cisco-2 Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------- Gi1/0/1 Root FWD 4 128.3 P2p Gi1/0/2 Altn BLK 4 128.4 P2p
  • 55. IP routing InteroperabilitySample topologyThe following topology is used to demonstrate L3 configuration andinteroperability between Cisco and HP ProCurve L3 Switches routing protocolsRIP and OSPF.All links are untagged.RIP configurationRIP Configuration on HP ProCurveconfhostname ProCurveEnabling IP Routing allows the forwarding of IP packets between VLANs. It isa mandatory step before configuring RIP and OSPF. ip routingVLAN configuration and IP addressing Vlan 110 untagged 1-10 ip address 10.1.10.1 255.255.255.0 exit Vlan 120 untagged 11-20
  • 56. ip address 10.1.20.1 255.255.255.0 exit Vlan 130 untagged 21-30 ip address 10.1.30.1 255.255.255.0 exit Vlan 140 untagged 31-40 ip address 10.1.40.1 255.255.255.0 exit vlan 100 untagged 48 ip address 10.1.100.1 255.255.255.0 exit Enable RIP. By default RIP is in Version 2. router rip exitRIP requires to be defined in the Vlan in which there are one or more RIPNeighbors. It is not necessary to enable RIP in the other VLANs. When RIP isenabled, “connected networks” are automatically redistributed into RIP. vlan 100 ip rip exitRIP Configuration on Cisco Conf t hostname CiscoVLANs creation and port assignment Vlan 10, 20, 30, 40, 100 Interface range fa1/0/1 - 10 Switchport access vlan 210 Interface range fa1/0/11 - 20 Switchport access vlan 220 Interface range fa1/0/21 - 30 Switchport access vlan 230 Interface range fa1/0/31 - 40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100IP addresses
  • 57. interface Vlan100 ip address 10.1.100.2 255.255.255.0 no shutdown interface Vlan210 ip address 10.2.10.1 255.255.255.0 no shutdown interface Vlan220 ip address 10.2.20.1 255.255.255.0 no shutdown interface Vlan230 ip address 10.2.30.1 255.255.255.0 no shutdown interface Vlan240 ip address 10.2.40.1 255.255.255.0RIP protocol enabling. The “Network” command defines the IP Interfaces of aclassfull network (10/8) on which RIP is enabled. Version 2 is enabled on allRIP Interfaces router rip network 10.0.0.0 version 2RIP announcements are blocked on all IP Interfaces connected to a “stub”network using the “passive-interface” command: passive-interface Vlan210 passive-interface Vlan220 passive-interface Vlan230 passive-interface Vlan240Checking RIPRIP Status on HP ProCurve ProCurve1# show ip rip RIP global parameters RIP protocol : enabled Auto-summary : enabled Default Metric : 1 Distance : 120 Route changes : 4 Queries : 0 RIP interface information IP Address Status Send mode Recv mode Metric Auth --------------- ----------- ---------------- --------- ---------- ---- 10.1.100.1 enabled V2-only V2-only 1 none RIP peer information IP Address Bad routes Last update timeticks --------------- ----------- --------------------- 10.1.100.2 0 2
  • 58. ProCurve1# ProCurve1# show ip route rip IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ------- ------ ---- 10.2.10.0/24 10.1.100.2 100 rip 2 120 10.2.20.0/24 10.1.100.2 100 rip 2 120 10.2.30.0/24 10.1.100.2 100 rip 2 120 10.2.40.0/24 10.1.100.2 100 rip 2 120 ProCurve1# show ip route connected IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- --------- ------ ---- 10.1.10.0/24 VLAN110 110 connected 0 0 10.1.20.0/24 VLAN120 120 connected 0 0 10.1.30.0/24 VLAN130 130 connected 0 0 10.1.40.0/24 VLAN140 140 connected 0 0 10.1.100.0/24 VLAN100 100 connected 0 0 127.0.0.1/32 lo0 connected 0 0 127.0.0.0/8 reject static 0 250RIP Status on Cisco Cisco1#show ip route connected 10.0.0.0/24 is subnetted, 9 subnets C 10.2.10.0 is directly connected, Vlan110 C 10.2.30.0 is directly connected, Vlan130 C 10.2.20.0 is directly connected, Vlan120 C 10.2.40.0 is directly connected, Vlan140 C 10.1.100.0 is directly connected, Vlan100 Cisco1#show ip route rip 10.0.0.0/24 is subnetted, 9 subnets R 10.1.10.0 [120/1] via 10.1.100.1, 00:00:01, Vlan100 R 10.1.20.0 [120/1] via 10.1.100.1, 00:00:01, Vlan100 R 10.1.30.0 [120/1] via 10.1.100.1, 00:00:01, Vlan100 R 10.1.40.0 [120/1] via 10.1.100.1, 00:00:01, Vlan100Other RIP featuresAnnouncing a default routeConfiguring a default route on Cisco…A default route can be announced by creating a default static route andredistribute it with a “redistribute static” command, or, using the “ip default-network command”:
  • 59. Cisco1(config)#ip route 0.0.0.0 0.0.0.0 10.2.30.2 Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4or, using the “ip default-network command”: Cisco1(config)#ip default-network 10.0.0.0… and checking announcement on HP ProCurve ProCurve1# show ip route rip IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- ---------- ----- 0.0.0.0/0 10.1.100.2 100 rip 2 120 10.2.10.0/24 10.1.100.2 100 rip 2 120 10.2.20.0/24 10.1.100.2 100 rip 2 120 10.2.30.0/24 10.1.100.2 100 rip 2 120 10.2.40.0/24 10.1.100.2 100 rip 2 120Configuring a default route on HP ProCurve… ProCurve1(config)# ip route 0.0.0.0 0.0.0.0 10.1.20.2 ProCurve1(config)# router rip ProCurve1(rip)# redistribute static ProCurve1(rip)# default-metric 6… and checking announcement on Cisco Cisco1#show ip route rip * 10.0.0.0/24 is subnetted, 9 subnets R 10.1.10.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.20.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.30.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.40.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R* 0.0.0.0/0 [120/6] via 10.1.100.1, 00:00:21, Vlan100Auto-summaryBy default, RIP summarizes IP subnets announcement to a classfullnetwork on a network boundary. For example the subnet 10.1.1.0/24is announced as 10.0.0.0/8 on the IP interface 192.168.1.1. To disablethis behavior: ProCurve1(config)#router rip ProCurve1(rip)#no auto-summary Cisco1(config)#router rip Cisco1(config-router)#No auto-summary
  • 60. RIP VersionOn HP ProCurve switches, RIP is in version 2 on all interfaces. On CiscoRIP is sent in Version 1 and can be received in version 1 and 2.On HP ProCurve, changing version is done is the IP interface (vlan)level: ProCurve1(config)#Vlan 110 ProCurve1(vlan-10)#ip rip v1-only ProCurve1(vlan-10)#ip rip v2-only ProCurve1(vlan-10)#ip rip v1-compatible-v2On Cisco, changing version is done in protocol level or in IP interfacelevel: Cisco1(config)#router rip Cisco1(config-router)#version 2 Cisco1(config-if)#int vlan 100 Cisco1(config-if)#ip rip send version 2 Cisco1(config-if)#ip rip receive version 1 2Redistribution and RIP FilteringOn HP ProCurve, connected and static networks can be redistributed. Notethat redistribution of connected network is default. ProCurve1(config)#router rip ProCurve1(rip)#redistribute static ProCurve1(rip)#redistribute connected ProCurve1(rip)#default-metric 4Some of the Redistributed networks can be filtered: ProCurve1(rip)#restrict 10.1.10.0 255.255.255.0On Cisco, filtering of redistributed networks, can be done with a “distributelist”: Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4 Cisco1(config-router)#distribute-list 1 out Cisco1(config-router)#access-list 1 permit 10.1.10.0 0.0.0.255OSPF Single Area
  • 61. HP ProCurve OSPF configuration hostname "ProCurve"Enable routing and configure Vlan and IP addresses ip routing vlan 100 untagged 48 ip address 10.1.100.1 255.255.255.0 exit Vlan 110 untagged 1-9 ip address 10.1.10.1 255.255.255.0 exit Vlan 120 untagged 10-19 ip address 10.1.20.1 255.255.255.0 exit Vlan 130 untagged 20-29 ip address 10.1.30.1 255.255.255.0 exit Vlan 140 untagged 30-44 ip address 10.1.40.1 255.255.255.0 exitConfiguring OSPF: first a unique Router-Identifier is defined, OSPF enabledand OSPF area(s) created: ip router-id 1.1.1.1 router ospf area backbone exitIP interfaces area assigned to Area 0 (backbone) vlan 100 ip ospf area 0 exit Vlan 110 ip ospf area 0 exit Vlan 120 ip ospf area 0 exit Vlan 130 ip ospf area 0 exit Vlan 140 ip ospf area 0 exitCisco OSPF configuration conf t hostname CiscoVlan creation and port assignment
  • 62. Vlan 10, 20, 30, 10, 100 Interface range fa1/0/1 - 10 Switchport access vlan 210 Interface range fa1/0/11 - 20 Switchport access vlan 220 Interface range fa1/0/21 - 30 Switchport access vlan 230 Interface range fa1/0/31 - 40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100IP routing is activated and IP addresses are assigned to VLAN Interfaces: ip routing interface Vlan100 ip address 10.1.100.2 255.255.255.0 no shutdown interface Vlan210 ip address 10.2.10.2 255.255.255.0 no shutdown interface Vlan220 ip address 10.2.20.2 255.255.255.0 no shutdown interface Vlan230 ip address 10.2.30.2 255.255.255.0 no shutdown interface Vlan240 ip address 10.2.40.2 255.255.255.0 no shutdownOSPF Configuration: a unique router-id is defined and IP interfaces areassigned to Area 0. router ospf 1 router-id 2.2.2.2 network 10.0.0.0 0.255.255.255 area 0Checking IP and OSPF statusChecking status on HP ProCurveList IP Interfaces: ProCurve# show ip Internet (IP) Service IP Routing : Enabled Default TTL : 64 Arp Age : 20 VLAN | IP Config IP Address Subnet Mask Proxy ARP ------------ + ---------- --------------- --------------- --------- DEFAULT_VLAN | Disabled VLAN110 | Manual 10.1.10.1 255.255.255.0 No VLAN120 | Manual 10.1.20.1 255.255.255.0 No VLAN130 | Manual 10.1.30.1 255.255.255.0 No VLAN140 | Manual 10.1.40.1 255.255.255.0 No VLAN100 | Manual 10.1.100.1 255.255.255.0 NoList connected IP routes:
  • 63. ProCurve# show ip route connected IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- --------- ----- 10.1.10.0/24 VLAN110 110 connected 0 0 10.1.20.0/24 VLAN120 120 connected 0 0 10.1.30.0/24 VLAN130 130 connected 0 0 10.1.40.0/24 VLAN140 140 connected 0 0 10.1.100.0/24 VLAN100 100 connected 0 0 127.0.0.1/32 lo0 connected 0 0List OSPF Interfaces: ProCurve# show ip ospf interface OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ -------- 10.1.10.1 enabled backbone DR none 1 1 10.1.20.1 enabled backbone DR none 1 1 10.1.30.1 enabled backbone DR none 1 1 10.1.40.1 enabled backbone DR none 1 1 10.1.100.1 enabled backbone BDR none 1 1Before learning IP routes via OSPF, routers must establishneighboring/adjacency. When routers agree to form an adjacency, theyexchange their topological database and become synchronized which isdescribed by FULL state. ProCurve# show ip ospf neighbor OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- -- 2.2.2.2 1 10.1.100.2 DR FULL 0 11List the learned IP Routes via OSPF: ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- ---------- --- -- 10.2.10.0/24 10.1.100.2 100 ospf IntraArea 2 110 10.2.20.0/24 10.1.100.2 100 ospf IntraArea 2 110 10.2.30.0/24 10.1.100.2 100 ospf IntraArea 2 110 10.2.40.0/24 10.1.100.2 100 ospf IntraArea 2 110Checking OSPF status on CiscoList IP interfaces status Cisco#show ip int brief | include up Vlan1 unassigned YES manual up down Vlan210 10.2.10.2 YES manual up up Vlan220 10.2.20.2 YES manual up up Vlan230 10.2.30.2 YES manual up up Vlan240 10.2.40.2 YES manual up up Vlan100 10.1.100.2 YES manual up up
  • 64. List IP connected routes Cisco#show ip route connected 10.0.0.0/24 is subnetted, 9 subnets C 10.2.10.0 is directly connected, Vlan210 C 10.2.30.0 is directly connected, Vlan230 C 10.2.20.0 is directly connected, Vlan220 C 10.2.40.0 is directly connected, Vlan240 C 10.1.100.0 is directly connected, Vlan100Check IP OSPF Neighboring Cisco#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/BDR 00:00:33 10.1.100.1 Vlan100Verify all IP interfaces have been assigned to OSPF Area Cisco#show ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl240 1 0 10.2.40.2/24 1 DR 0/0 Vl230 1 0 10.2.30.2/24 1 DR 0/0 Vl220 1 0 10.2.20.2/24 1 DR 0/0 Vl210 1 0 10.2.10.2/24 1 DR 0/0 Vl100 1 0 10.1.100.2/24 1 DR 1/1List learned IP routes via OSPF neighbor Cisco#show ip route ospf 10.0.0.0/24 is subnetted, 9 subnets O 10.1.10.0 [110/2] via 10.1.100.1, 00:03:31, Vlan100 O 10.1.30.0 [110/2] via 10.1.100.1, 00:03:31, Vlan100 O 10.1.20.0 [110/2] via 10.1.100.1, 00:03:31, Vlan100 O 10.1.40.0 [110/2] via 10.1.100.1, 00:03:31, Vlan100Redistribution into OSPFRedistribute connected routesAn other way for announcing networks via OSPF is to use the “redistributeconnected” option. OSPF is enabled on the interfaces with an OSPF neighbor,other networks are simply redistributed into OSPF.Redistribute connected networks on CiscoConnected networks are redistributed with a metric 100 and a metric-type 1.Metric Type 1 means that metric is incremented with receiving interfacescosts along the announcements. The default type is 2, metric is notincremented. “Subnets” keyword is required to redistribute subnets ofclassfull networks. Conf t router ospf 1 router-id 2.2.2.2 redistribute connected metric 100 metric-type 1 subnetsFollowing enables OSPF in VLAN 100 only network 10.1.100.2 0.0.0.0 area 0Redistribute connected networks on HP ProCurve
  • 65. Connected networks are redistributed with metric 200 and metric-type 1(Default type is 2) conf ip router-id 1.1.1.1 router ospf area backbone default-metric 200 metric-type type1 redistribute connected exitOSPF is enabled in VLAN 100 only vlan 100 ip ospf area backbone exitChecking learned routes via OSPF on CiscoNote OSPF type 1 and metric 201 (200 +1). Cisco#show ip route ospf 10.0.0.0/24 is subnetted, 9 subnets O E1 10.1.10.0 [110/201] via 10.1.100.1, 00:04:04, Vlan100 O E1 10.1.30.0 [110/201] via 10.1.100.1, 00:04:04, Vlan100 O E1 10.1.20.0 [110/201] via 10.1.100.1, 00:04:04, Vlan100 O E1 10.1.40.0 [110/201] via 10.1.100.1, 00:04:04, Vlan100Checking learned routes via OSPF on HP ProCurveNote OSPF type 1 and metric 101 (100 + 1). ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ----------------- -------------- ---- -------- --------- --------- ----- 10.2.10.0/24 10.1.100.2 100 ospf External1 101 110 10.2.20.0/24 10.1.100.2 100 ospf External1 101 110 10.2.30.0/24 10.1.100.2 100 ospf External1 101 110 10.2.40.0/24 10.1.100.2 100 ospf External1 101 110Announcing a default routeConfiguring announcement of a default route on HP ProCurve…Default route is announced into OSPF just like any other static route. conf t ip route 0.0.0.0 0.0.0.0 10.1.30.2 router ospf redistribute static default-metric 300 metric-type type1 exit
  • 66. … and checking on Cisco Cisco1#show ip route ospf 10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks O IA 10.1.10.0/23 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O 10.2.10.0/23 is a summary, 01:04:57, Null0 O IA 10.1.30.0/24 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O IA 10.1.20.0/24 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O*E1 0.0.0.0/0 [110/301] via 10.1.100.1, 00:01:52, Vlan100Configuring announcement of a default route on Cisco… router ospf 1 default-information originate metric 400 metric-type 1 default-metric 400 ip route 0.0.0.0 0.0.0.0 10.2.30.2…and checking on HP ProCurve ProCurve1# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- ------------- ---- --------- ---------- ---------- ----- 0.0.0.0/0 10.1.100.2 100 ospf External1 402 110 10.2.10.0/23 10.1.100.2 100 ospf InterArea 2 110 10.2.20.0/24 10.1.100.2 100 ospf InterArea 2 110 10.2.30.0/24 10.1.100.2 100 ospf InterArea 2 110453- Redistributing proprietary routing protocols into OSPFHP ProCurve supports OSPF and RIP, two standard for Interior GatewayProtocols (IGP). Cisco, support standards as well as proprietary IGP such asIGRP and EIGRP. When mixing both environments one may have to supportboth proprietary and standard routing protocols.In this case, the solution is to mutually redistribute routing protocols on theCisco platform such as in the following example
  • 67. Cisco-2 configuration: internal router in EIGRP autonomous systemEIGRP Configuration: 65 is the “Autonomous System” # for EIGRP and hasto be the same on all routers part of EIGRP. Interface with no neighbors aredefined as “passive”. Interface vlan 310 Ip address 10.3.10.1 255.255.255.0 No shutdown Interface vlan 200 Ip address 10.1.200.2 255.255.255.0 No shutdown router eigrp 65 network 10.0.0.0 passive-interface vlan 310Check EIGRP Show ip eigrp neighbors Show ip route eigrpCisco-1 configuration: “gateway” router between OSPF and EIGRPIP Configuration. Interface vlan 200 Ip address 10.1.200.1 255.255.255.0 No shutdown Interface vlan 100 Ip address 10.1.100.2 255.255.255.0 No shutdownEIGRP Configuration. The passive-interface on vlan 100 ensures that noEIGRP messages are sent on the OSPF Vlan 100 interface router eigrp 65 network 10.0.0.0
  • 68. passive-interface vlan100OSPF configuration. Conf t router ospf 1 router-id 2.2.2.2 network 10.1.100.2 0.0.0.0 area 0Redistributing EIGRP into OSPF.The “Subnets” keyword is required to redistribute subnets of classfullnetworks into OSPF. A metric (default 20) and metric type (default type 2 =non incremented) may be specified as follows: router ospf 1 redistribute eigrp 65 metric 100 metric-type 1 subnetsRedistributing OSPF into EIGRP.It is required to specify a metric for the redistribution into EIGRP to beeffective router eigrp 65 redistribute ospf 1 metric 10000 100 255 1 1500Note: if on a classfull network border (for example between 10.0.0.0/8 and192.168.1.0/24) networks are by default automatically summarized withinEIGRP. If this causes connectivity issues, this can be disabled using router eigrp 65 no auto-summaryChecking redistribution.To check the redistribution effects, status should be displayed on the routersthat are neighbors of the “redistributing” router. In our example these areCisco-2 and ProCurve-1.On Cisco-2, in EIGRP OSPF redistributed networks will appear as “externalEIGRP” networks with an Administrative distance of 170. Cisco-2#show ip route 10.0.0.0/24 is subnetted, 6 subnets D*EX 10.1.10.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.20.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.30.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.100.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 C 10.1.200.0 is directly connected, Vlan200 C 10.3.10.0 is directly connected, Vlan310On ProCurve-1, in OSPF ,EIGRP Redistributed network will appear as externalOSPF networks ProCurve-1# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ----------------- ------------ ---- --------- ---------- --------- ----- 10.1.10.0/24 VLAN110 110 connected 0 0 10.1.20.0/24 VLAN120 120 connected 0 0
  • 69. 10.1.30.0/24 VLAN130 130 connected 0 010.1.100.0/24 VLAN100 100 connected 0 010.1.200.0/24 10.1.100.2 100 ospf External1 101 11010.3.10.0/24 10.1.100.2 100 ospf External1 101 110
  • 70. Configuration of Multiple OSPF areasSample topologyIn this example, ProCurve-0 and Cisco-0 are “Area Border Routers”(ABR). They interconnect Area 0 to other areas: the Areas 1 and 4, the“stub” Areas 2 and 5 and the “totally stubby” areas 3 and 6.Stub areas filter External networks and replace them by a defaultroute into the area. Totally stubby areas are stub areas that also filterSummary networks and replace them by a default route into the area.Note that the NSSA area type is not supported on HP ProCurve.ProCurve as “Area border router” and Cisco as “Internal”routersConfiguration of ProCurve-0 as ABRVLANs and IP configuration Conf t hostname ProCurve-0 ip routing vlan 110 ip address 10.1.10.1 255.255.255.0 ip address 10.1.11.1 255.255.255.0 exit vlan 120 ip address 10.1.20.1 255.255.255.0
  • 71. exit vlan 130 ip address 10.1.30.1 255.255.255.0 exit vlan 100 ip address 10.1.100.1 255.255.255.0 exitOSPF configuration: enabling of OSPF and definition of OSPF areasand their types: ip router-id 1.1.1.1 router ospfArea 0, the Backbone area, is standard area backboneArea 1 is standard area 1Area 2 is stub (filters External LSA). 22 defines the default metric of defaultroute generated in area 2 area 2 stub 22Area 3 is totally stubby (filters External LSA and Summary LSA). 33 definesthe default metric of default route generated in area 3 area 3 stub 33 no-summaryWhen announced into area 0, IP subnets 10.1.10.0/24 and 10.1.11.0/24 willbe summarized as 10.1.10.0/23 area 1 range 10.1.10.0 255.255.254.0 exitAssign the IP interfaces to the various OSPF areas vlan 100 ip ospf area 0 exit vlan 110 ip ospf area 1 exit vlan 120 ip ospf area 2 exit vlan 130 ip ospf area 3 exit
  • 72. Checking status of OSPF neighborsProCurve-0# show ip ospf neighborsOSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------- 1.0.0.1 1 10.1.10.2 BDR FULL 0 6 1.0.0.2 1 10.1.20.2 BDR FULL 0 6 1.0.0.3 1 10.1.30.2 BDR FULL 0 6 2.2.2.2 1 10.1.100.2 DR FULL 0 6Configuration of Cisco-1, internal router of standard Area 1 Conf t hostname Cisco-1 ip routing Interface Vlan 110 ip address 10.1.10.2 255.255.255.0 router ospf 1 router-id 1.0.0.1 log-adjacency-changes network 10.1.0.0 0.0.255.255 area 1Checking OSPF status on Cisco-1Cisco-1#show ip ospf neighNeighbor ID Pri State Dead Time Address Interface1.1.1.1 1 FULL/DR 00:00:35 10.1.10.1 Vlan1Cisco-1#show ip ospf int briefInterface PID Area IP Address/Mask Cost State Nbrs F/CVl110 1 1 10.1.10.2/24 1 BDR 1/1Checking OSPF routes: networks from other areas appear as “O IA” or OSPFInter-Area networks. Cisco-1#sho ip route ospf 10.0.0.0/24 is subnetted, 6 subnets O IA 10.1.30.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.2.30.0 [110/3] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.2.20.0 [110/3] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.1.20.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.1.100.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110Configuration of Cisco-2, internal router of stub Area 2 hostname Cisco-2 ip routing Interface Vlan120 ip address 10.1.20.2 255.255.255.0 router ospf 1 router-id 1.0.0.2 log-adjacency-changes area 2 stub network 10.1.0.0 0.0.255.255 area 2
  • 73. endChecking OSPF status on Cisco-2 Cisco-2#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/DR 00:00:36 10.1.20.1 Vlan120 Cisco-2#show ip ospf int brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl120 1 2 10.1.20.2/24 1 BDR 1/1Checking OSPF routes: OSPF networks from other areas appear as “O IA” orOSPF Inter-Area networks. A default route is also generated in area 2 to“hide” or “summarize” External networks (networks resulting of aredistribute).Note network 10.1.10.0/23 that results from summarization of Area 1. Cisco-2#sho ip route ospf 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks O IA 10.1.10.0/23 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.1.30.0/24 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.2.30.0/24 [110/3] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.2.20.0/24 [110/3] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.1.100.0/24 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O*IA 0.0.0.0/0 [110/23] via 10.1.20.1, 00:01:19, Vlan120Configuration of Cisco-3, internal router of totally stubby Area 3 hostname Cisco-3 Interface Vlan130 ip address 10.1.30.2 255.255.255.0 router ospf 1 router-id 1.0.0.3 log-adjacency-changes area 3 stub no-summary network 10.1.0.0 0.0.255.255 area 3 endChecking OSPF status on Cisco-3Cisco-3#show ip ospf neighborNeighbor ID Pri State Dead Time Address Interface1.1.1.1 1 FULL/DR 00:00:34 10.1.30.1 Vlan130Cisco-3#show ip ospf int briefInterface PID Area IP Address/Mask Cost State Nbrs F/CVl130 1 3 10.1.30.2/24 1 BDR 1/1
  • 74. Checking OSPF routes: a default route is generated by ABR in the area 3 to“summarize” External networks (result of “redistribute” command) andSummary networks (networks of other areas). Cisco-3#show ip route ospf O*IA 0.0.0.0/0 [110/34] via 10.1.30.1, 00:01:42, Vlan130Cisco as “Area border router” and ProCurve as “Internal”routersConfiguration of Cisco-0 as ABRConfiguration of IP forwarding and IP addresses Conf t hostname Cisco1 ip routing Interface Vlan100 ip address 10.1.100.2 255.255.255.0 Interface Vlan210 ip address 10.2.10.1 255.255.255.0 Interface Vlan220 ip address 10.2.20.1 255.255.255.0 Interface Vlan230 ip address 10.2.30.1 255.255.255.0Enabling OSPF router ospf 1 router-id 2.2.2.2Area configuration: area 4 is standard, area 5 is stub and area 6 is “totallystub”. area 4 range 10.2.10.0 255.255.254.0 area 5 stub area 6 stub no-summaryAssignment of interfaces to areas network 10.1.100.2 0.0.0.0 area 0 network 10.2.10.0 0.0.0.255 area 4 network 10.2.20.0 0.0.0.255 area 5 network 10.2.30.0 0.0.0.255 area 6 endChecking IP OSPF neighboringCisco-0#show ip ospf neighborsNeighbor ID Pri State Dead Time Address Interface1.1.1.1 1 FULL/BDR 00:00:38 10.1.100.1 Vlan100
  • 75. 2.0.0.4 1 FULL/DR 00:00:33 10.2.10.2 Vlan2102.0.0.5 1 FULL/BDR 00:00:38 10.2.20.2 Vlan2202.0.0.6 1 FULL/BDR 00:00:31 10.2.30.2 Vlan230Checking IP OSPF interfacesCisco-0#show ip ospf interface briefInterface PID Area IP Address/Mask Cost State Nbrs F/CVl100 1 0 10.1.100.2/24 1 DR 1/1Vl210 1 4 10.2.10.1/24 1 BDR 1/1Vl220 1 5 10.2.20.1/24 1 DR 1/1Vl230 1 6 10.2.30.1/24 1 DR 1/1Configuration of ProCurve-4, internal router of standard Area 4 hostname "ProCurve-4" ip routing vlan 210 ip address 10.2.10.2 255.255.255.0 exit ip router-id 2.0.0.4 router ospf area 4 exit vlan 210 ip ospf area 4 exitChecking IP OSPF statusProCurve-4# show ip ospf neighOSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------- 2.2.2.2 1 10.2.10.1 BDR FULL 0 6ProCurve-4# show ip ospf interfaceOSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------- 10.2.10.2 enabled 0.0.0.4 DR none 1 1Checking OSPF routes: all routes are seen as Inter-Area routesProCurve-4# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- --------------- ---- --------- ---------- ---------- ----- 10.1.10.0/23 10.2.10.1 210 ospf InterArea 3 110 10.1.20.0/24 10.2.10.1 210 ospf InterArea 3 110 10.1.30.0/24 10.2.10.1 210 ospf InterArea 3 110 10.1.100.0/24 10.2.10.1 210 ospf InterArea 2 110 10.2.20.0/24 10.2.10.1 210 ospf InterArea 2 110 10.2.30.0/24 10.2.10.1 210 ospf InterArea 2 110
  • 76. Configuration of ProCurve-5, internal router of stub Area 5 hostname "ProCurve-5" ip routing vlan 220 untagged 1-26 ip address 10.2.20.2 255.255.255.0 exit ip router-id 2.0.0.5 router ospf area 5 stub 55 exit vlan 220 ip ospf area 5 exitChecking OSPF statusProCurve-5# show ip ospf neighborOSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------- 2.2.2.2 1 10.2.20.1 DR FULL 0 7ProCurve-5# show ip ospf intOSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------- 10.2.20.2 enabled 0.0.0.5 BDR none 1 1Checking OSPF routes: all routes are seen as Inter-Area routes and a defaultroute is generated by ABR to “hide” external networks.ProCurve-5# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- --------------- ---- --------- ---------- ---------- ----- 0.0.0.0/0 10.2.20.1 220 ospf InterArea 2 110 10.1.10.0/23 10.2.20.1 220 ospf InterArea 3 110 10.1.20.0/24 10.2.20.1 220 ospf InterArea 3 110 10.1.30.0/24 10.2.20.1 220 ospf InterArea 3 110 10.1.100.0/24 10.2.20.1 220 ospf InterArea 2 110 10.2.10.0/23 10.2.20.1 220 ospf InterArea 2 110 10.2.30.0/24 10.2.20.1 220 ospf InterArea 2 110Configuration of ProCurve-6, internal router of “totally stubby”Area 6
  • 77. hostname "ProCurve-6" ip routing vlan 230 untagged 1-26 ip address 10.2.30.2 255.255.255.0 exit ip router-id 2.0.0.6 router ospf area 6 stub 66 exit vlan 230 ip ospf area 6 exitChecking OSPF status.ProCurve-6# show ip ospf neighOSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------- 2.2.2.2 1 10.2.30.1 DR FULL 0 7ProCurve-6# show ip ospf intOSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------- 10.2.30.2 enabled 0.0.0.6 BDR none 1 1Checking OSPF routes: a default route is generated by ABR to “hide” externaland summary (inter-area) networks.ProCurve-6# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- --------------- ---- --------- ---------- ---------- ----- 0.0.0.0/0 10.2.30.1 230 ospf InterArea 2 110Other OSPF featuresOSPF costOn HP ProCurve, a default value of 1 is assigned to OSPF interfaces. It can bechanged as follows: ProCurve# conf ProCurve(config)# vlan 100 ProCurve(vlan-10)# ip ospf cost 10
  • 78. Check with: ProCurve# show ip ospf intOSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------- 10.1.100.1 enabled 0.0.0.0 BDR none 10 1On Cisco Switch, default value is 1 on “interface Vlan”. It is defined by theformula “OSPF reference value”/Bandwidth on physical interfaces. Thereference value is equal to 100 Mbits/sec by default. The “bandwidth” valueis defined in kilobits/sec. Changing cost can be done directly or indirectlychanging the “bandwidth” value. Cisco# conf Cisco(config)# int vlan 100 Cisco(config-if)# ip ospf cost 10 Cisco(config)# int Fa 1/0/1 Cisco(config-if)# bandwidth 100000 Cisco(config)# int Fa 1/0/2 Cisco(config-if)# ip ospf cost 100 Cisco(config)# router ospf 1 Cisco(config-router)# auto-cost reference-bandwidth 10000OSPF password authenticationOn HP ProCurve, password authentication requires to define a key-chain firstthen to enable password authentication in the Vlan interface. conf hostname "ProCurve" key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" ip router-id 1.1.1.1 router ospf area backbone exit vlan 100 ip ospf area backbone ip ospf authentication-key "ospf-key" exitOn Cisco, password authentication is defined in the IP interface: Int vlan 100 ip ospf authentication-key hp-ciscoOSPF MD5 authentication
  • 79. On HP ProCurve, MD5 authentication is defined as follows: key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" vlan 100 ip ospf area backbone ip ospf md5-auth-key-chain "ospf-key" exitOn Cisco, MD5 authentication is defined in the IP interface: Int vlan 100 ip ospf message digest-key 1 md5 hp-cisco
  • 80. IP Multicast interoperabilityIntroductionThe following demonstrate IP Multicast routing using PIM (ProtocolIndependent Multicast) in dense and sparse modes.The configuration uses the following topology shown below as its basis. It is atypical L3 architecture, where each uplink is a unique broadcast domain andIP subnet. A Stream server connected to Cisco-1 in subnet 10.1.1.100, sendsa multicast flow to the multicast IP address 225.1.1.1. For our test, areceiver is connected in 10.1.200.0/24In the following we’ll configure the network in PIM dense mode then in PIMsparse mode. 10.1.200.0/24 10.1.1.0/24 e1 10.1.2.0/24 e2 Procurve-1 Gi1/1 Gi1/1 Gi1/3 Gi1/3 Gi1/2 10.1.5.0/24 Gi1/2 Cisco-1 Cisco-2 Gi1/4 10.1.100.0/24PIM DENSE ModeThis first configuration demonstrates interoperability of Cisco and ProCurveswitches in PIM dense mode.In PIM Dense mode, routers periodically flood multicast flows. If no receiversexist on the network “leaves”, routers “prune” branches of the multicast treeadvising their upstream neighbors to stop sending the not requested flows.Periodic flooding happens every 3 minutes.To avoid periodic and unnecessary flooding, the state refresh mechanism hasbeen created. With State-refresh Multicast Routers advertise their PIM Denseneighbors a packet to maintain the flows in pruning state. In other words, it’sprevention against reaction.To be effective, the feature needs to be supported by all routers in theMulticast network
  • 81. PIM Dense Configuration of ProCurve-1 hostname "ProCurve-1"First let’s enable ip routing and define VLANs, port assignment and IPaddresses. ip routing vlan 10 untagged 1 ip address 10.1.1.2 255.255.255.252 exit vlan 20 untagged 2 ip address 10.1.2.2 255.255.255.252 exitOn IP subnet/VLAN where there is potential receiver or source, we activateIGMP. As VLANs 10 and 20 are defined on uplinks, there is no need to defineIGMP. vlan 200 untagged 19 ip address 10.1.200.1 255.255.255.0 ip igmp exitFor Multicast routing, the initial step is to enable globally IP multicast routing ip multicast-routingWhen a router receives a multicast flow, it checks the flow is received via theinterface that leads to the source via the shortest path. This is called the“reverse path forwarding” process for which PIM uses the IP unicast routingtable.This is why we enable OSPF as well as PIM. ip router-id 1.0.0.0 router ospf area backbone exit router pim exitThe IP interface, defined in VLAN context on ProCurve switches, is assignedto the OPSF area 0 and is set as a PIM-Dense mode interface.Here are the commands you’ll enter: vlan 10 ip ospf area 0 ip pim-dense exitHere is what you’ll see in a show run: vlan 10 ip ospf 10.1.1.2 area backbone ip pim-dense ip-addr any exit exitThe “ip ospf 10.1.2.2 area backbone” indicates that interface is assigned toarea 0 and OSPF messages are sent with the source address 10.1.1.2. On amultinet interface (with multiple IP), you can specify what IP address is usedto be source of OSPF packets.
  • 82. The “ip-addr any” within pim-dense mode specifies that this IP Interfaceaccepts flows from any IP source address. You could restrict what multicastflows are allowed to enter this interface.Note: ProCurve switches automatically support PIM state-refresh. vlan 20 ip ospf 10.1.2.2 area backbone ip pim-dense ip-addr any exit exit vlan 200 ip ospf 10.1.200.1 area backbone ip pim-dense ip-addr any exit exitIn PIM dense mode, ProCurve automatically enables the “state refresh”mode. The state refresh feature allows a PIM device to mention to other PIMdevice that a flow has not to be sent when no downstream receiver requiresa given flow. This eliminates the need for PIM dense mode devices toregularly flood a flow to all devices within a network.Configuration of Cisco-1 hostname Cisco-1 ip routingOn Cisco switch, first step is also to enable ip multicast-routing. ip multicast-routingThe “no switchport” command sets a Physical interface as a L3 interface.After IP address is assigned, we set the IP interfaces as PIM interfaces indense mode.In this example we’ve also defined the state-refresh interval to 60sec, whichmatches the default interval on ProCurve.Note that in Cisco IOS, the “ip pim” command sets automatically “ip igmp”.This is why no IP IGMP command is seen. interface GigabitEthernet1/1 no switchport ip address 10.1.1.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address 10.1.5.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/4 no switchport ip address 10.1.100.1 255.255.255.0 ip PIM state-refresh origination-interval 60 ip PIM dense-modeFollowing commands set OSPF for this device
  • 83. router ospf 1 router-id 0.0.0.1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0Configuration of Cisco-2Configuration of Cisco-2 is identical to configuration of Cisco-1. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet1/1 no switchport ip address 10.1.2.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address 10.1.5.2 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode router ospf 1 router-id 0.0.0.2 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0Checking PIM dense mode on ProCurve-1.The “show ip pim” command displays PIM global parameters. Note the state-Refresh interval equal to 60 seconds. ProCurve-1# show ip pim PIM Global Parameters PIM Status : enabled State Refresh Interval (sec) : 60 Join/Prune Interval (sec) : 60 SPT Threshold : Enabled Traps :Let’s list IP PIM interfaces and see their PIM mode. ProCurve-1# show ip pim interface PIM Interfaces VLAN IP Address Mode ---- --------------- ------------ 10 10.1.1.2 dense 20 10.1.2.2 dense 200 10.1.200.1 denseWe expect Cisco-1 and Cisco-2 to be our PIM neighbors. If they’re not, weshould verify that PIM is enabled and that the IP interfaces has beenconfigured as PIM interfaces. ProCurve-1# show ip pim neighbor PIM Neighbors
  • 84. IP Address VLAN Up Time (sec) Expire Time (sec) --------------- ---- ------------------ ------------------ 10.1.1.1 10 2686 76 10.1.2.1 20 2113 89If multicast sources are active on the network, the “show ip mroute” or the“show ip pim mroute” should show entries: ProCurve-1# show ip pim mroute PIM Route Entries Group Address Source Address Metric Metric Pref --------------- --------------- ---------- ----------- 225.1.1.1 10.1.100.100 0 100In our example, the Receiver of 225.1.1.1 is on ProCurve-1 and the source(10.1.100.100) on Cisco-1.Following shows IGMP status and what multicast groups has been “pulled”. ProCurve-1# show ip igmp Status and Counters - IP Multicast (IGMP) Status VLAN ID : 10 VLAN Name : VLAN10 IGMP is not enabled VLAN ID : 20 VLAN Name : VLAN20 IGMP is not enabled VLAN ID : 200 VLAN Name : VLAN200 Querier Address : This switch is Querier Active Group Addresses Reports Queries Querier Access Port ---------------------- ------- ------- ------------------- 225.1.1.1 8 0The following allows us to locate on what port the flows is received. ProCurve-1# show ip igmp group 225.1.1.1 IGMP ports for group 225.1.1.1 Port Type Access Age Timer Leave Timer ----- --------- ----------- --------- ----------- 19 host 0 0Checking PIM Dense mode On Cisco-1First let’s list the IP PIM interfaces.Note that IP PIM is in Version 2 Mode (V2), as on ProCurve switches, and inDense mode (D). Cisco-1#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior 10.1.1.1 GigabitEthernet1/1 v2/D 1 30 1 10.1.1.2 10.1.3.1 GigabitEthernet1/2 v2/D 0 30 1 10.1.3.1 10.1.5.1 GigabitEthernet1/3 v2/D 1 30 1 10.1.5.2 10.1.100.1 GigabitEthernet1/4 v2/D 0 30 1 10.1.100.1
  • 85. We display IP PIM neighbors to verify PIM is active. Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 10.1.1.2 GigabitEthernet1/1 00:54:09/00:01:39 v2 N / DR S 10.1.5.2 GigabitEthernet1/3 00:44:38/00:01:24 v2 1 / DR SA Multicast source is active on 225.1.1.1, its source address is 10.1.100.100.It can be seen displaying IP multicast routes.Note: 224.0.1.40 multicast entry is due to the “Auto-RP” protocol, a Ciscoproprietary protocol that has equivalent functionality in PIM V2. Cisco-1#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 00:29:41/stopped, RP 0.0.0.0, flags: D Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:29:41/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00 (10.1.100.100, 225.1.1.1), 00:29:41/00:02:58, flags: T Incoming interface: GigabitEthernet1/4, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00, H GigabitEthernet1/3, Prune/Dense, 00:27:16/00:02:19 (*, 224.0.1.40), 00:54:33/00:02:14, RP 0.0.0.0, flags: DCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:45:00/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:54:33/00:00:00In the display above, you can see 225.1.1.1 flow enters Cisco-1 on interfaceGigabit Interface 0/4 (Incoming Interface) and leaves on Gigabit 1/1(Outgoing Interface and in “forward” state). Note Gigabit 1/3 is “pruned” Cisco-1#show ip igmp groups IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter 224.0.1.40 GigabitEthernet1/1 00:53:30 00:02:21 10.1.1.1Checking PIM Dense On Cisco-2List IP PIM interfaces. Cisco-2#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior 10.1.2.1 GigabitEthernet1/1 v2/D 1 30 1 10.1.2.2
  • 86. 10.1.4.1 GigabitEthernet1/2 v2/D 0 30 1 10.1.4.1 10.1.5.2 GigabitEthernet1/3 v2/D 1 30 1 10.1.5.2List IP PIM neighbors. Cisco-2#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 10.1.2.2 GigabitEthernet1/1 01:02:34/00:01:15 v2 N / DR S 10.1.5.1 GigabitEthernet1/3 01:03:04/00:01:16 v2 1 / SLet’s display multicast routes.Note: the (10.1.100.100, 225.1.1.1) flow enters int on Gi1/3 (interfacebetween Cisco-1 and Cisco-2) and is pruned on Gi 1/1 (interface leading toProCurve-1). Cisco-2#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 00:48:04/stopped, RP 0.0.0.0, flags: D Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:48:04/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:48:04/00:00:00 (10.1.100.100, 225.1.1.1), 00:48:04/00:02:07, flags: PT Incoming interface: GigabitEthernet1/3, RPF nbr 10.1.5.1 Outgoing interface list: GigabitEthernet1/1, Prune/Dense, 00:45:39/00:02:07 (*, 224.0.1.40), 01:03:21/00:02:18, RP 0.0.0.0, flags: DCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 01:03:21/00:00:00 GigabitEthernet1/3, Forward/Dense, 01:03:21/00:00:00List IGMP Groups. Except “Auto-rp” entry, no other IGMP entry can be seenas no receiver is present. Cisco-2#show ip igmp groups IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter 224.0.1.40 GigabitEthernet1/1 01:03:32 00:02:07 10.1.2.1PIM SPARSE ModeHere are some explanations about PIM V2 sparse modeIn PIM Sparse mode, there is no more periodic flooding of Multicast flows.Instead, routers call for Multicast flows to a “Rendez-Vous Point” (RP) Router.And a mapping group-to-RP is set manually or statically. “A Bootstrap router
  • 87. (BSR) is elected to advertise the different mappings to all PIM Sparsemulticast routers.Here are the fundamental mechanisms as defined b y the IETF: 1- BSR Election. Each Candidate-BSR originates Bootstrap messages (BSMs). Every BSM contains a BSR Priority field. The C-BSR with the higher priority becomes the elected BSR, and its BSMs inform all the other routers in the domain that it is the elected BSR. 2- C-RP Advertisement. Each Candidate-RP sends periodic Candidate- RP-Advertisement (C-RP-Adv) messages to the elected BSR. A C-RP-Adv message includes the priority of the advertising C-RP, as well as a list of group ranges for which the candidacy is advertised. In this way, the BSR learns about possible RPs that are currently up and reachable. 3- RP-Set Formation. The BSR selects a subset of the C-RPs that it has received C-RP-Adv messages from to form the RP-Set. In general it should do this in such a way that the RP-Set is neither too large to inform all the routers in the domain about, nor too small so that load is overly concentrated on some RPs. It should also attempt to produce an RP-Set that does not change frequently. 4- RP-Set Flooding. In future Bootstrap messages, the BSR includes the RP-Set information. Bootstrap messages are flooded, which ensures that the RP-Set rapidly reaches all the routers in the domain. BSMs are originated periodically to ensure consistency after failure restoration.PIM Sparse-mode configuration of ProCurve-1Vlan and IP configuration. Vlan 200 contain receivers and IGMP is enabled. hostname "ProCurve-1" ip routing vlan 10 name "VLAN10" untagged 1 ip address 10.1.1.2 255.255.255.252 exit vlan 20 name "VLAN20" untagged 2 ip address 10.1.2.2 255.255.255.252 exit vlan 200 name "VLAN200" untagged 19 ip address 10.1.200.1 255.255.255.0 ip igmp exitGlobal OPSF Configuration ip router-id 1.0.0.0 router ospf area backbone exit
  • 88. Enabling of IP Multicast routing ip multicast-routingPIM Configuration: we define the ProCurve router to be a bsr-candidate aswell as a rp-candidate. VLAN 200 as the IP source interface and priority isdefined equal to 10 (highest is best). router pim bsr-candidate bsr-candidate source-ip-vlan 200 bsr-candidate priority 10 rp-candidate rp-candidate source-ip-vlan 200 rp-candidate group-prefix 224.0.0.0 240.0.0.0 rp-candidate hold-time 150 priority 10 exitIP interfaces are defined in PIM Sparse mode and by default accept all flows(ip-addr any) vlan 10 ip ospf 10.1.1.2 area backbone ip pim-sparse ip-addr any exit exit vlan 20 ip ospf 10.1.2.2 area backbone ip pim-sparse ip-addr any exit exit vlan 200 ip igmp ip ospf 10.1.200.1 area backbone ip pim-sparse ip-addr any exit exitPIM Sparse-mode configuration of Cisco-1 hostname Cisco-1IP multicast routing is enabled ip multicast-routingInterfaces are defined as sparse-dense mode which means that router canrun in both modes depending on the environment. “Sparse-mode” could alsobe used in this example. interface GigabitEthernet0/1 no switchport ip address 10.1.1.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address 10.1.5.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/4 no switchport ip address 10.1.100.1 255.255.255.0
  • 89. ip pim sparse-dense-modeOSPF is enabled. router ospf 1 router-id 0.0.0.1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0The router is defined as bsr-candidate (default priority is 200) and a rp-candidate with priority 200 ip pim bsr-candidate GigabitEthernet0/1 0 ip pim rp-candidate GigabitEthernet0/3 priority 200 ip pim rp-candidate GigabitEthernet0/1 priority 200 ip pim rp-candidate GigabitEthernet0/2 priority 200 endPIM Sparse-mode configuration of Cisco-2Configuration is similar to Cisco-1’s configuration except the rp-candidate isset to 100 instead of 200. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet0/1 no switchport ip address 10.1.2.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/2 no switchport ip address 10.1.4.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address 10.1.5.2 255.255.255.252 ip pim sparse-dense-mode ip pim bsr-candidate GigabitEthernet0/3 0 ip pim rp-candidate GigabitEthernet0/3 priority 100 ip pim rp-candidate GigabitEthernet0/1 priority 100 ip pim rp-candidate GigabitEthernet0/2 priority 100 router ospf 1 router-id 0.0.0.2 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 endCheck PIM Sparse-mode on ProCurve-1PIM Global parameters ProCurve-1# show ip pim PIM Global Parameters
  • 90. PIM Status : enabled State Refresh Interval (sec) : 60 Join/Prune Interval (sec) : 60 SPT Threshold : Enabled Traps :PIM Interface parameters ProCurve-1# show ip pim interface PIM Interfaces VLAN IP Address Mode ---- --------------- ------------ 10 10.1.1.2 sparse 20 10.1.2.2 sparse 200 10.1.200.1 sparsePIM Neighbors ProCurve-1# show ip pim neighbor PIM Neighbors IP Address VLAN Up Time (sec) Expire Time (sec) --------------- ---- ------------------ ------------------ 10.1.1.1 10 9805 83 10.1.2.1 20 9802 84What router is elected PIM Bootstrap router. Based on priority, it could beCisco-1 or Cisco-2.E-BSR means Elected BSR. It is Cisco-2 (10.1.5.2)C-BSR=Candidate BSR, C-RP=candidate RP. ProCurve-1# show ip pim bsr Status and Counters - PIM-SM Bootstrap Router Information E-BSR Address : 10.1.5.2 E-BSR Priority : 200 E-BSR Hash Mask Length : 16 E-BSR Up Time : 6 hours Next Bootstrap Message : 90 secs C-BSR Admin Status : This system is a Candidate-BSR C-BSR Address : 10.1.200.1 C-BSR Priority : 10 C-BSR Hash Mask Length : 30 C-BSR Message Interval : 60 C-BSR Source IP VLAN : 200 C-RP Admin Status : This system is a Candidate-RP C-RP Address : 10.1.200.1 C-RP Hold Time : 150 C-RP Advertise Period : 60 C-RP Priority : 10 C-RP Source IP VLAN : 200 Group Address Group Mask --------------- --------------- 224.0.0.0 240.0.0.0
  • 91. PIM Candidate router. ProCurve-1# show ip pim rp-candidate Status and Counters - PIM-SM Candidate-RP Information C-RP Admin Status : This system is a Candidate-RP C-RP Address : 10.1.200.1 C-RP Hold Time : 150 C-RP Advertise Period : 60 C-RP Priority : 10 C-RP Source IP VLAN : 200 Group Address Group Mask --------------- --------------- 224.0.0.0 240.0.0.0Following displays the RP-set = mapping between RP and IP Multicast flow.Note that no static mapping has been set and that all RP-candidates are setto accept all IP Multicast flows. ProCurve-1# show ip pim rp-set Status and Counters - PIM-SM Static RP-Set Information Group Address Group Mask RP Address Override --------------- --------------- --------------- -------- Status and Counters - PIM-SM Learned RP-Set Information Group Address Group Mask RP Address Hold Time Expire Time --------------- --------------- --------------- --------- ------------- 224.0.0.0 240.0.0.0 10.1.1.1 168 109 224.0.0.0 240.0.0.0 10.1.2.1 163 104 224.0.0.0 240.0.0.0 10.1.5.1 172 113 224.0.0.0 240.0.0.0 10.1.200.1 116 57Check PIM Sparse-mode on Cisco-1List PIM interfaces Cisco-1#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior 10.1.1.1 GigabitEthernet0/1 v2/SD 1 30 1 10.1.1.2 10.1.5.1 GigabitEthernet0/3 v2/SD 1 30 1 10.1.5.2 10.1.100.1 GigabitEthernet0/4 v2/SD 0 30 1 10.1.100.1List PIM neighbors Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 10.1.1.2 GigabitEthernet0/1 02:42:31/00:01:17 v2 1 / DR 10.1.5.2 GigabitEthernet0/3 04:05:42/00:01:15 v2 1 / DR SList IP Multicast routes Cisco-1#show ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
  • 92. L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 03:49:31/stopped, RP 10.1.200.1, flags: SPF Incoming interface: GigabitEthernet0/1, RPF nbr 10.1.1.2 Outgoing interface list: Null (10.1.100.100, 225.1.1.1), 02:43:12/00:03:29, flags: FT Incoming interface: GigabitEthernet0/4, RPF nbr 0.0.0.0, Registering (data-header) Outgoing interface list: GigabitEthernet0/1, Forward/Sparse-Dense, 02:37:22/00:03:08, HList PIM RP and BSR information. Note BSR is 10.1.5.I2 (Cisco-2) Cisco-1#sh ip pim rp Group: 225.1.1.1, RP: 10.1.200.1, v2, uptime 02:28:15, expires 00:01:07 PIMv2 Bootstrap information BSR address: 10.1.5.2 (?) Uptime: 00:05:07, BSR Priority: 200, Hash mask length: 16 Expires: 00:02:22 This system is a candidate BSR Candidate BSR address: 10.1.1.1, priority: 0, hash mask length: 0 Candidate RP: 10.1.5.1(GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 200 Candidate RP: 10.1.1.1(GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:05 Candidate RP priority : 200Check PIM Sparse-mode on Cisco-2List PIM interfaces Cisco-2#sh ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior 10.1.2.1 GigabitEthernet0/1 v2/SD 1 30 1 10.1.2.2 10.1.5.2 GigabitEthernet0/3 v2/SD 1 30 1 10.1.5.2List PIM neighbors Cisco-2#sh ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode 10.1.2.2 GigabitEthernet0/1 02:20:52/00:01:24 v2 1 / DR 10.1.5.1 GigabitEthernet0/3 03:44:10/00:01:41 v2 1 / SList IP Multicast routes Cisco-2#sh ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag,
  • 93. T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 03:29:12/stopped, RP 10.1.200.1, flags: S Incoming interface: GigabitEthernet0/1, RPF nbr 10.1.2.2 Outgoing interface list: GigabitEthernet0/3, Forward/Sparse-Dense, 02:00:20/00:00:00, H (10.1.100.100, 225.1.1.1), 02:22:53/00:02:46, flags: PT Incoming interface: GigabitEthernet0/3, RPF nbr 10.1.5.1 Outgoing interface list: NullDisplay of PIM RP and BSR routers information Cisco-2#sh ip pim bsr-router PIMv2 Bootstrap information This system is the Bootstrap Router (BSR) BSR address: 10.1.5.2 (?) Uptime: 00:00:02, BSR Priority: 200, Hash mask length: 16 Next bootstrap message in 00:00:57 Candidate RP: 10.1.5.2(GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 100 Candidate RP: 10.1.2.1(GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:04 Candidate RP priority : 100Display Mapping between RP and Multicast groups/flows Cisco-2#sh ip pim rp Group: 225.1.1.1, RP: 10.1.200.1, v2, uptime 02:22:22, expires 00:02:06