Page 1
Aruba 2530 Management and
Configuration Guide for ArubaOSSwitch 16.05
Part Number: 5200-4207a
Published: April 2018
Edition: 2
Page 2
©
Copyright 2017 Hewlett Packard Enterprise
Notices
The information contained herein is subject to change without notice. The only warranties for Hewlett Packard
Enterprise products and services are set forth in the express warranty statements accompanying such products
and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard
Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or
copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software
Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's
standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise
has no control over and is not responsible for information outside the Hewlett Packard Enterprise website.
Acknowledgments
Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the United
States and other countries.
Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the United
States and/or other countries.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java® and Oracle® are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
Page 3
Contents
Chapter 1 About this guide........................................................................... 19
Applicable products..................................................................................................................................19
Switch prompts used in this guide........................................................................................................... 19
Chapter 2 Time Protocols..............................................................................20
General steps for running a time protocol on the switch..........................................................................20
TimeP time synchronization.......................................................................................................... 20
SNTP time synchronization...........................................................................................................20
Selecting a time synchronization protocol................................................................................................21
Disabling time synchronization................................................................................................................ 21
SNTP: Selecting and configuring............................................................................................................. 21
Viewing and configuring SNTP (Menu)......................................................................................... 22
Viewing and configuring SNTP (CLI).............................................................................................24
Configuring (enabling or disabling) the SNTP mode.......................................................... 26
TimeP: Selecting and configuring............................................................................................................ 31
Viewing, enabling, and modifying the TimeP protocol (Menu)...................................................... 31
Viewing the current TimeP configuration (CLI)..............................................................................33
Configuring (enabling or disabling) the TimeP mode......................................................... 34
SNTP unicast time polling with multiple SNTP servers............................................................................37
Displaying all SNTP server addresses configured on the switch (CLI)......................................... 38
Adding and deleting SNTP server addresses............................................................................... 38
Adding addresses...............................................................................................................38
Deleting addresses.............................................................................................................38
Operating with multiple SNTP server addresses configured (Menu)....................................................... 39
SNTP messages in the Event Log........................................................................................................... 39
Network Time Protocol (NTP).................................................................................................................. 39
Commands....................................................................................................................................39
timesync Command.........................................................................................................39
timesync ntp....................................................................................................................... 40
ntp...................................................................................................................................... 40
[no] ntp............................................................................................................................... 40
ntp enable...........................................................................................................................41
ntp authentication............................................................................................................... 41
ntp authentication key-id ................................................................................................... 42
ntp max-association........................................................................................................... 43
ntp server........................................................................................................................... 44
ntp server key-id.................................................................................................................45
ntp ipv6-multicast............................................................................................................... 46
debug ntp........................................................................................................................... 46
ntp trap............................................................................................................................... 47
show ntp statistics.............................................................................................................. 48
show ntp status.................................................................................................................. 48
show ntp associations........................................................................................................ 49
show ntp authentication......................................................................................................50
Validation rules................................................................................................................... 51
Event log messages........................................................................................................... 53
Chapter 3 Port Status and Configuration.....................................................55
Contents 3
Page 4
Viewing port status and configuring port parameters...............................................................................55
Connecting transceivers to fixed-configuration devices................................................................ 55
Viewing port configuration (Menu).................................................................................................55
Configuring ports (Menu)....................................................................................................58
Viewing port status and configuration (CLI).................................................................................. 59
Dynamically updating the show interfaces command (CLI/Menu)..................................... 59
Customizing the show interfaces command (CLI).........................................................................60
Error messages associated with the show interfaces command........................................61
Viewing port utilization statistics (CLI)...........................................................................................62
Operating notes for viewing port utilization statistics..........................................................63
Viewing transceiver status (CLI)....................................................................................................63
Operating Notes................................................................................................................. 63
Enabling or disabling ports and configuring port mode (CLI)........................................................ 64
Enabling or disabling flow control (CLI).........................................................................................65
Configuring a broadcast limit.........................................................................................................67
Broadcast-limit....................................................................................................................67
Port shutdown with broadcast storm............................................................................................. 67
Viewing broadcast storm.................................................................................................... 68
SNMP MIB..........................................................................................................................69
Configuring auto-MDIX..................................................................................................................71
Manual override..................................................................................................................72
Configuring auto-MDIX (CLI)..............................................................................................72
Using friendly (optional) port names........................................................................................................ 74
Configuring and operating rules for friendly port names............................................................... 74
Configuring friendly port names (CLI)........................................................................................... 74
Configuring a single port name (CLI)................................................................................. 75
Configuring the same name for multiple ports (CLI)...........................................................75
Displaying friendly port names with other port data (CLI)............................................................. 75
Listing all ports or selected ports with their friendly port names (CLI)................................76
Including friendly port names in per-port statistics listings (CLI)........................................ 77
Searching the configuration for ports with friendly port names (CLI)................................. 77
Uni-directional link detection (UDLD).......................................................................................................78
Configuring UDLD......................................................................................................................... 79
Configuring uni-directional link detection (UDLD) (CLI)..................................................... 79
Enabling UDLD (CLI)..........................................................................................................80
Changing the keepalive interval (CLI)................................................................................ 80
Changing the keepalive retries (CLI)..................................................................................80
Configuring UDLD for tagged ports.................................................................................... 80
Viewing UDLD information (CLI)................................................................................................... 81
Viewing summary information on all UDLD-enabled ports (CLI)........................................81
Viewing detailed UDLD information for specific ports (CLI)................................................82
Clearing UDLD statistics (CLI)........................................................................................... 82
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation..............................84
Introduction to PoE.................................................................................................................................. 84
PoE terminology............................................................................................................................84
Planning and implementing a PoE configuration..................................................................................... 84
Power requirements...................................................................................................................... 84
Assigning PoE ports to VLANs......................................................................................................85
Applying security features to PoE configurations..........................................................................85
Assigning priority policies to PoE traffic........................................................................................ 85
PoE Event Log messages.............................................................................................................85
About PoE operation................................................................................................................................85
Configuration options.................................................................................................................... 86
PD support.................................................................................................................................... 86
4 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 5
Power priority operation................................................................................................................ 87
Configuring PoE operation.......................................................................................................................87
Disabling or re-enabling PoE port operation................................................................................. 87
Enabling support for pre-standard devices................................................................................... 87
Configuring the PoE port priority................................................................................................... 88
Controlling PoE allocation............................................................................................................. 89
Manually configuring PoE power levels........................................................................................ 90
Changing the threshold for generating a power notice................................................................. 92
Cycling power on a port................................................................................................................ 93
PoE/PoE+ allocation using LLDP information..........................................................................................93
LLDP with PoE.............................................................................................................................. 93
Enabling or disabling ports for allocating power using LLDP............................................. 93
Enabling PoE detection via LLDP TLV advertisement........................................................94
LLDP with PoE+............................................................................................................................94
Overview............................................................................................................................ 94
PoE allocation.................................................................................................................... 94
Initiating advertisement of PoE+ TLVs............................................................................... 95
Viewing PoE when using LLDP information....................................................................... 96
Operation note....................................................................................................................97
Viewing the global PoE power status of the switch..................................................................................98
Viewing PoE status on all ports.....................................................................................................99
Viewing the PoE status on specific ports.................................................................................... 101
Chapter 5 Port Trunking.............................................................................. 104
Overview of port trunking....................................................................................................................... 104
Port connections and configuration.............................................................................................104
Port trunk features and operation.......................................................................................................... 105
Fault tolerance ........................................................................................................................... 105
Trunk configuration methods..................................................................................................................105
Dynamic LACP trunk...................................................................................................................105
Static trunk.................................................................................................................................. 106
Viewing and configuring a static trunk group (Menu)............................................................................. 110
Viewing and configuring port trunk groups (CLI)....................................................................................112
Viewing static trunk type and group for all ports or for selected ports.........................................112
Viewing static LACP and dynamic LACP trunk data................................................................... 113
Dynamic LACP Standby Links.....................................................................................................113
Configuring a static trunk or static LACP trunk group..................................................................114
Removing ports from a static trunk group....................................................................................114
Enabling a dynamic LACP trunk group........................................................................................115
Removing ports from a dynamic LACP trunk group.................................................................... 115
Viewing existing port trunk groups (WebAgent)..................................................................................... 116
Trunk group operation using LACP........................................................................................................116
Default port operation..................................................................................................................118
LACP notes and restrictions........................................................................................................119
802.1X (Port-based access control) configured on a port................................................ 120
Port security configured on a port.................................................................................... 120
Changing trunking methods............................................................................................. 120
Static LACP trunks........................................................................................................... 120
Dynamic LACP trunks...................................................................................................... 120
VLANs and dynamic LACP.............................................................................................. 120
Blocked ports with older devices...................................................................................... 121
Spanning Tree and IGMP.................................................................................................121
Half-duplex, different port speeds, or both not allowed in LACP trunks........................... 122
Dynamic/static LACP interoperation.................................................................................122
Trunk group operation using the "trunk" option......................................................................................122
Contents 5
Page 6
How the switch lists trunk data...............................................................................................................122
Outbound traffic distribution across trunked links.................................................................................. 123
Chapter 6 Port Traffic Controls................................................................... 125
VLAN-based rate-limiting....................................................................................................................... 125
ICMP rate-limiting.................................................................................................................................. 125
Guidelines for configuring ICMP rate-limiting..............................................................................126
Configuring ICMP rate-limiting.................................................................................................... 126
Using both ICMP rate-limiting and all-traffic rate-limiting on the same interface.........................127
Viewing the current ICMP rate-limit configuration....................................................................... 128
Operating notes for ICMP rate-limiting........................................................................................128
Notes on testing ICMP rate-limiting..................................................................................129
ICMP rate-limiting trap and Event Log messages.......................................................................130
Determining the switch port number used in ICMP port reset commands....................... 130
Configuring inbound rate-limiting for broadcast and multicast traffic.......................................... 131
Operating Notes............................................................................................................... 132
Jumbo frames........................................................................................................................................ 133
Operating rules............................................................................................................................133
Jumbo traffic-handling...................................................................................................... 134
Configuring jumbo frame operation.............................................................................................135
Overview.......................................................................................................................... 135
Viewing the current jumbo configuration.......................................................................... 135
Enabling or disabling jumbo traffic on a VLAN................................................................. 137
Configuring a maximum frame size.............................................................................................137
Configuring IP MTU..........................................................................................................138
SNMP implementation......................................................................................................138
Displaying the maximum frame size.................................................................................138
Operating notes for maximum frame size........................................................................ 138
Troubleshooting...........................................................................................................................139
A VLAN is configured to allow jumbo frames, but one or more ports drops all inbound
jumbo frames....................................................................................................................139
A non-jumbo port is generating "Excessive undersize/giant frames" messages in the
Event Log......................................................................................................................... 139
Chapter 7 Fault-Finder port-level link-flap................................................. 140
Overview................................................................................................................................................ 140
Fault-finder link-flap .............................................................................................................................. 140
Show fault-finder link-flap.......................................................................................................................142
Event Log...............................................................................................................................................143
Restrictions............................................................................................................................................ 143
Chapter 8 Configuring for Network Management Applications...............144
Using SNMP tools to manage the switch...............................................................................................144
SNMP management features......................................................................................................144
SNMPv1 and v2c access to the switch....................................................................................... 145
SNMPv3 access to the switch.....................................................................................................145
Enabling and disabling switch for access from SNMPv3 agents......................................146
Enabling or disabling restrictions to access from only SNMPv3 agents...........................146
Enabling or disabling restrictions from all non-SNMPv3 agents to read-only access...... 146
Viewing the operating status of SNMPv3......................................................................... 146
Viewing status of message reception of non-SNMPv3 messages................................... 146
Viewing status of write messages of non-SNMPv3 messages.........................................146
Enabling SNMPv3............................................................................................................ 146
6 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 7
SNMPv3 users................................................................................................................. 147
Group access levels......................................................................................................... 150
SNMPv3 communities...................................................................................................... 151
Viewing and configuring non-version-3 SNMP communities (Menu)............................... 152
Listing community names and values (CLI)..................................................................... 153
SNMP notifications......................................................................................................................154
Supported Notifications.................................................................................................... 155
General steps for configuring SNMP notifications............................................................155
SNMPv1 and SNMPv2c Traps......................................................................................... 155
SNMP trap receivers........................................................................................................ 156
SNMPv2c informs.............................................................................................................157
Configuring SNMPv3 notifications (CLI)...........................................................................158
Network security notifications...........................................................................................161
Enabling Link-Change Traps (CLI)...................................................................................163
Source IP address for SNMP notifications....................................................................... 164
Viewing SNMP notification configuration (CLI).................................................................166
Advanced management: RMON................................................................................................. 166
CLI-configured sFlow with multiple instances............................................................................. 167
Configuring sFlow (CLI)....................................................................................................167
Viewing sFlow Configuration and Status (CLI).................................................................168
Configuring UDLD Verify before forwarding...........................................................................................169
UDLD time delay......................................................................................................................... 169
Restrictions.......................................................................................................................170
UDLD configuration commands.................................................................................................. 170
Show commands.........................................................................................................................171
RMON generated when user changes UDLD mode................................................................... 171
LLDP...................................................................................................................................................... 171
General LLDP operation............................................................................................................. 172
LLDP-MED....................................................................................................................... 172
Packet boundaries in a network topology................................................................................... 172
LLDP operation configuration options......................................................................................... 173
Enable or disable LLDP on the switch..............................................................................173
Enable or disable LLDP-MED.......................................................................................... 173
Change the frequency of LLDP packet transmission to neighbor devices....................... 173
Change the Time-To-Live for LLDP packets sent to neighbors........................................ 173
Transmit and receive mode..............................................................................................173
SNMP notification.............................................................................................................173
Per-port (outbound) data options..................................................................................... 173
Remote management address......................................................................................... 175
Debug logging.................................................................................................................. 175
Options for reading LLDP information collected by the switch....................................................175
LLDP and LLDP-MED standards compatibility........................................................................... 175
LLDP operating rules.................................................................................................................. 176
Port trunking..................................................................................................................... 176
IP address advertisements...............................................................................................176
Spanning-tree blocking.....................................................................................................176
802.1X blocking................................................................................................................176
Configuring LLDP operation........................................................................................................176
Displaying the global LLDP, port admin, and SNMP notification status (CLI).................. 176
Configuring Global LLDP Packet Controls....................................................................... 178
Configuring SNMP notification support............................................................................ 181
Configuring per-port transmit and receive modes (CLI)................................................... 182
Basic LLDP per-port advertisement content.....................................................................182
Support for port speed and duplex advertisements..........................................................184
Port VLAN ID TLV support on LLDP........................................................................................... 185
Configuring the VLAN ID TLV...........................................................................................185
Viewing the TLVs advertised............................................................................................ 185
Contents 7
Page 8
SNMP support.................................................................................................................. 186
LLDP-MED (media-endpoint-discovery)..................................................................................... 187
LLDP-MED endpoint support........................................................................................... 188
LLDP-MED endpoint device classes................................................................................ 188
LLDP-MED operational support....................................................................................... 188
LLDP-MED fast start control.............................................................................................189
Advertising device capability, network policy, PoE status and location data.................... 189
Location data for LLDP-MED devices.............................................................................. 192
Viewing switch information available for outbound advertisements............................................ 196
Displaying the current port speed and duplex configuration on a switch port.................. 197
Viewing advertisements currently in the neighbors MIB...................................................198
Displaying LLDP statistics................................................................................................ 199
LLDP Operating Notes................................................................................................................ 201
Neighbor maximum.......................................................................................................... 201
LLDP packet forwarding................................................................................................... 201
One IP address advertisement per port........................................................................... 201
802.1Q VLAN Information................................................................................................ 201
Effect of 802.1X Operation............................................................................................... 201
Neighbor data can remain in the neighbor database after the neighbor is
disconnected.................................................................................................................... 202
Mandatory TLVs............................................................................................................... 202
LLDP and CDP data management..............................................................................................202
LLDP and CDP neighbor data..........................................................................................202
CDP operation and commands........................................................................................ 203
Viewing the current CDP configuration of the switch........................................................203
Viewing the current CDP neighbors table of the switch....................................................204
Enabling and Disabling CDP Operation........................................................................... 205
Enabling or disabling CDP operation on individual ports................................................. 205
Filtering CDP information............................................................................................................ 205
Configuring the switch to filter untagged traffic.................................................................206
Displaying the configuration............................................................................................. 206
Filtering PVID mismatch log messages...................................................................................... 206
Generic header ID in configuration file...................................................................................................207
Introduction................................................................................................................................. 207
Add-Ignore-Tag option.................................................................................................................207
Configuration commands for the add-ignore-tag option..............................................................208
Show logging commands for the add-ignore-tag option..............................................................208
Exclusions................................................................................................................................... 209
Chapter 9 Captive Portal for ClearPass..................................................... 210
Requirements.........................................................................................................................................210
Best Practices........................................................................................................................................ 211
Limitations.............................................................................................................................................. 211
Features................................................................................................................................................. 211
High Availability........................................................................................................................... 211
Load balancing and redundancy................................................................................................. 211
Captive Portal when disabled................................................................................................................ 212
Disabling Captive Portal..............................................................................................................212
Configuring Captive Portal on CPPM.....................................................................................................212
Import the HP RADIUS dictionary............................................................................................... 212
Create enforcement profiles........................................................................................................213
Create a ClearPass guest self-registration................................................................................. 214
Configure the login delay ........................................................................................................... 215
Configuring the switch............................................................................................................................215
Configure the URL key................................................................................................................216
8 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 9
Configuring a certificate for Captive Portal usage..................................................................................216
Display Captive Portal configuration...................................................................................................... 216
Show certificate information...................................................................................................................217
Troubleshooting..................................................................................................................................... 217
Event Timestamp not working.....................................................................................................217
Cannot enable Captive Portal..................................................................................................... 217
Unable to enable feature.............................................................................................................218
Authenticated user redirected to login page ...............................................................................218
Unable to configure a URL hash key.......................................................................................... 219
authentication command............................................................................................................. 219
show command........................................................................................................................... 219
Debug command.........................................................................................................................220
Chapter 10 Zero Touch Provisioning with AirWave and Central............. 221
Zero Touch Provisioning........................................................................................................................ 221
ZTP with AirWave.................................................................................................................................. 221
DHCP-based ZTP with AirWave................................................................................................. 221
Configuring DHCP-based ZTP with AirWave................................................................... 221
Limitations................................................................................................................................... 223
Best Practices............................................................................................................................. 223
Configure AirWave details in DHCP (preferred method).............................................................223
Configure AirWave details in DHCP (alternative method)...........................................................228
Configure AirWave details manually........................................................................................... 235
amp-server....................................................................................................................... 236
debug ztp..........................................................................................................................237
Stacking support......................................................................................................................... 237
Disabling ZTP..............................................................................................................................237
Image Upgrade........................................................................................................................... 238
Troubleshooting...........................................................................................................................238
AMP server messages..................................................................................................... 238
Activate based ZTP with AirWave...............................................................................................238
Configuring Activate-based ZTP with AirWave.................................................................238
ZTP with Aruba Central..........................................................................................................................239
LED behavior during connectivity loss........................................................................................ 241
Aruba Central Configuration manually........................................................................................ 241
aruba-central.................................................................................................................... 241
Troubleshooting...........................................................................................................................242
show aruba-central...........................................................................................................242
debug ztp..........................................................................................................................242
Stacking support......................................................................................................................... 242
Chapter 11 Auto configuration upon Aruba AP detection........................243
Auto device detection and configuration................................................................................................ 243
Requirements..............................................................................................................................243
Limitations................................................................................................................................... 243
Feature Interactions.................................................................................................................... 243
Profile Manager and 802.1X.............................................................................................244
Profile Manager and LMA/WMA/MAC-AUTH...................................................................244
Profile manager and Private VLANs.................................................................................244
Procedure for creating a device identity and associating a device type......................................244
device-profile name.....................................................................................................................245
device-profile type....................................................................................................................... 246
Rogue AP Isolation................................................................................................................................ 247
Limitations................................................................................................................................... 247
Contents 9
Page 10
Feature Interactions.................................................................................................................... 248
MAC lockout and lockdown ............................................................................................. 248
LMA/WMA/802.1X/Port-Security...................................................................................... 248
L3 MAC............................................................................................................................ 249
Using the Rogue AP Isolation feature......................................................................................... 249
rogue-ap-isolation....................................................................................................................... 250
rogue-ap-isolation action.............................................................................................................250
rogue-ap-isolation whitelist..........................................................................................................251
clear rogue-ap-isolation...............................................................................................................251
Troubleshooting..................................................................................................................................... 252
Dynamic configuration not displayed when using “show running-config”....................................252
Switch does not detect the rogue AP TLVs.................................................................................252
The show run command displays non-numerical value for untagged-vlan...............................252
Show commands.........................................................................................................................253
Validation Rules...........................................................................................................................253
Chapter 12 LACP-MAD.................................................................................256
LACP-MAD commands..........................................................................................................................256
Configuration command.............................................................................................................. 256
show commands......................................................................................................................... 256
clear command............................................................................................................................256
LACP-MAD overview............................................................................................................................. 256
Chapter 13 Scalability IP Address VLAN and Routing Maximum Values
....................................................................................................................... 258
Chapter 14 File Transfers............................................................................ 260
Overview................................................................................................................................................ 260
Downloading switch software.................................................................................................................260
General software download rules................................................................................................260
Using TFTP to download software from a server........................................................................260
Downloading from a server to primary flash using TFTP (Menu).....................................261
Troubleshooting TFTP download failures.........................................................................263
Downloading from a server to flash using TFTP (CLI)..................................................... 264
Using SCP and SFTP................................................................................................................. 265
Enabling SCP and SFTP.............................................................................................................266
Disabling TFTP and auto-TFTP for enhanced security.................................................... 266
Enabling SSH V2 (required for SFTP)..............................................................................268
Authentication...................................................................................................................268
SCP/SFTP operating notes.............................................................................................. 269
Troubleshooting SSH, SFTP, and SCP operations.......................................................... 270
Using Xmodem to download switch software from a PC or UNIX workstation........................... 271
Downloading to primary flash using Xmodem (Menu)......................................................271
Downloading to primary or secondary flash using Xmodem and a terminal emulator
(CLI)................................................................................................................................. 272
Switch-to-switch download..........................................................................................................273
Switch-to-switch download to primary flash (Menu)......................................................... 273
Downloading the OS from another switch (CLI)............................................................... 274
Using AirWave to update switch software...................................................................................275
Using IMC to update switch software..........................................................................................275
Copying software images.......................................................................................................................275
TFTP: Copying a software image to a remote host (CLI)............................................................275
10 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 11
Xmodem: Copying a software image from the switch to a serially connected PC or UNIX
workstation (CLI)......................................................................................................................... 276
Transferring switch configurations......................................................................................................... 276
TFTP: Copying a configuration file to a remote host (CLI)..........................................................276
TFTP: Copying a configuration file from a remote host (CLI)......................................................277
TFTP: Copying a customized command file to a switch (CLI).................................................... 277
Xmodem: Copying a configuration file to a serially connected PC or UNIX workstation (CLI)....278
Xmodem: Copying a configuration file from a serially connected PC or UNIX workstation
(CLI)............................................................................................................................................ 278
Copying diagnostic data to a remote host, PC or UNIX workstation .....................................................279
Copying command output to a destination device (CLI)............................................................. 280
Copying Event Log output to a destination device (CLI)............................................................. 280
Copying crash data content to a destination device (CLI)...........................................................280
Chapter 15 Monitoring and Analyzing Switch Operation......................... 282
Overview................................................................................................................................................ 282
Accessing port and trunk group statistics.............................................................................................. 282
show interfaces........................................................................................................................... 282
Reset port counters.....................................................................................................................282
clear statistics...................................................................................................................283
Accessing port and trunk statistics (Menu)................................................................................. 284
MAC address tables...............................................................................................................................284
MAC address views and searches..............................................................................................284
show mac-address........................................................................................................... 284
Using the menu to view and search MAC addresses.......................................................285
Finding the port connection for a specific device on a VLAN........................................... 286
Viewing and searching port-level MAC addresses...........................................................287
Determining whether a specific device is connected to the selected port........................ 287
MSTP data............................................................................................................................................. 287
show spanning-tree.....................................................................................................................288
IP IGMP status.......................................................................................................................................288
show ip igmp............................................................................................................................... 289
VLAN information...................................................................................................................................290
show vlan.................................................................................................................................... 290
Configuring a source switch in a local mirroring session....................................................................... 291
Selecting all traffic on a port interface for mirroring according to traffic direction...................................292
Viewing all mirroring sessions configured on the switch........................................................................293
Viewing the mirroring configuration for a specific session..................................................................... 294
Using the Menu to configure local mirroring.......................................................................................... 295
Menu and WebAgent limits......................................................................................................... 295
High-level overview of the mirror configuration process........................................................................ 295
Determine the mirroring session and destination........................................................................295
For a local mirroring session............................................................................................ 295
Configure the monitored traffic in a mirror session...........................................................295
Classifier-based mirroring configuration................................................................................................ 295
Classifier-based mirroring restrictions.........................................................................................297
Mirroring configuration examples................................................................................................ 298
Maximum supported frame size.............................................................................................................299
Enabling jumbo frames to increase the mirroring path MTU.......................................................299
Effect of downstream VLAN tagging on untagged, mirrored traffic........................................................300
Operating notes for traffic mirroring.............................................................................................301
Troubleshooting traffic mirroring............................................................................................................ 303
Interface monitoring features................................................................................................................. 303
Configuring port and static trunk monitoring (Menu)................................................................... 303
Configuring port and static trunk monitoring (CLI)...................................................................... 304
Contents 11
Page 12
Displaying the monitoring configuration........................................................................... 304
Configuring the monitor port.............................................................................................304
Selecting or removing monitoring source interfaces........................................................ 305
Chapter 16 Troubleshooting........................................................................306
Overview................................................................................................................................................ 306
Troubleshooting approaches..................................................................................................................306
Browser or Telnet access problems....................................................................................................... 307
Cannot access the WebAgent.....................................................................................................307
Cannot Telnet into the switch console from a station on the network......................................... 307
Unusual network activity........................................................................................................................ 308
General problems........................................................................................................................308
The network runs slow; processes fail; users cannot access servers or other devices... 308
Duplicate IP addresses.................................................................................................... 308
Duplicate IP addresses in a DHCP network.....................................................................309
The switch has been configured for DHCP/Bootp operation, but has not received a
DHCP or Bootp reply........................................................................................................309
802.1Q Prioritization problems....................................................................................................309
Ports configured for non-default prioritization (level 1 to 7) are not performing the
specified action.................................................................................................................309
Addressing ACL problems.......................................................................................................... 309
ACLs are properly configured and assigned to VLANs, but the switch is not using the
ACLs to filter IP layer 3 packets....................................................................................... 309
The switch does not allow management access from a device on the same VLAN........ 310
Error (Invalid input) when entering an IP address............................................................ 310
Apparent failure to log all "deny" matches........................................................................311
The switch does not allow any routed access from a specific host, group of hosts, or
subnet...............................................................................................................................311
The switch is not performing routing functions on a VLAN...............................................311
Routing through a gateway on the switch fails................................................................. 311
IGMP-related problems............................................................................................................... 312
IP multicast (IGMP) traffic that is directed by IGMP does not reach IGMP hosts or a
multicast router connected to a port................................................................................. 313
IP multicast traffic floods out all ports; IGMP does not appear to filter traffic................... 313
LACP-related problems...............................................................................................................313
Unable to enable LACP on a port with the interface <port-number> lacp
command .........................................................................................................................313
Port-based access control (802.1X)-related problems................................................................313
The switch does not receive a response to RADIUS authentication requests................. 313
The switch does not authenticate a client even though the RADIUS server is properly
configured and providing a response to the authentication request.................................314
During RADIUS-authenticated client sessions, access to a VLAN on the port used for
the client sessions is lost..................................................................................................314
The switch appears to be properly configured as a supplicant, but cannot gain access
to the intended authenticator port on the switch to which it is connected........................ 314
The supplicant statistics listing shows multiple ports with the same authenticator MAC
address.............................................................................................................................314
The show port-access authenticator <port-list> command shows one
or more ports remain open after they have been configured with control
unauthorized ...............................................................................................................314
RADIUS server fails to respond to a request for service, even though the server's IP
address is correctly configured in the switch....................................................................315
The authorized MAC address on a port that is configured for both 802.1X and port
security either changes or is re-acquired after execution of aaa port-access
authenticator <port-list> initialize ..........................................................315
12 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 13
A trunked port configured for 802.1X is blocked.............................................................. 315
QoS-related problems................................................................................................................. 315
Loss of communication when using VLAN-tagged traffic................................................. 316
Radius-related problems............................................................................................................. 316
The switch does not receive a response to RADIUS authentication requests................. 316
RADIUS server fails to respond to a request for service, even though the server's IP
address is correctly configured in the switch....................................................................316
MSTP and fast-uplink problems.................................................................................................. 317
Broadcast storms appearing in the network..................................................................... 317
STP blocks a link in a VLAN even though there are no redundant links in that VLAN.....317
Fast-uplink troubleshooting.............................................................................................. 317
SSH-related problems.................................................................................................................317
Switch access refused to a client..................................................................................... 317
Executing IP SSH does not enable SSH on the switch....................................................318
Switch does not detect a client's public key that does appear in the switch's public
key file (show ip client-public-key) ....................................................................318
An attempt to copy a client public-key file into the switch has failed and the switch
lists one of the following messages..................................................................................318
Client ceases to respond ("hangs") during connection phase..........................................318
TACACS-related problems..........................................................................................................318
Event Log......................................................................................................................... 318
All users are locked out of access to the switch...............................................................318
No communication between the switch and the TACACS+ server application................ 319
Access is denied even though the username/password pair is correct............................319
Unknown users allowed to login to the switch..................................................................319
System allows fewer login attempts than specified in the switch configuration................320
TimeP, SNTP, or Gateway problems........................................................................................... 320
The switch cannot find the time server or the configured gateway.................................. 320
VLAN-related problems...............................................................................................................320
Monitor port...................................................................................................................... 320
None of the devices assigned to one or more VLANs on an 802.1Q-compliant switch
are being recognized........................................................................................................320
Link configured for multiple VLANs does not support traffic for one or more VLANs.......320
Duplicate MAC addresses across VLANs........................................................................ 321
Fan failure................................................................................................................................... 321
Viewing transceiver information............................................................................................................. 321
Viewing information about transceivers (CLI)..............................................................................323
MIB support.................................................................................................................................323
Viewing transceiver information.................................................................................................. 323
Information displayed with the detail parameter...............................................................324
Viewing transceiver information for copper transceivers with VCT support................................ 328
Testing the Cable..............................................................................................................328
Using the Event Log for troubleshooting switch problems..................................................................... 330
Event Log entries........................................................................................................................ 330
Using the Menu........................................................................................................................... 338
Using the CLI.............................................................................................................................. 339
Clearing Event Log entries..........................................................................................................340
Turning event numbering on....................................................................................................... 341
Using log throttling to reduce duplicate Event Log and SNMP messages.................................. 341
Log throttle periods...........................................................................................................341
Example: of event counter operation................................................................................342
Reporting information about changes to the running configuration.............................................343
Debug/syslog operation......................................................................................................................... 343
Debug/syslog messaging............................................................................................................ 343
Hostname in syslog messages................................................................................................... 344
Logging origin-id...............................................................................................................344
Contents 13
Page 14
Viewing the identification of the syslog message sender................................................. 346
SNMP MIB........................................................................................................................348
Debug/syslog destination devices...............................................................................................348
Debug/syslog configuration commands...................................................................................... 349
Configuring debug/syslog operation............................................................................................351
Viewing a debug/syslog configuration.............................................................................. 352
Debug command.........................................................................................................................354
Debug messages............................................................................................................. 354
Debug destinations...........................................................................................................356
Logging command.......................................................................................................................357
Configuring a syslog server..............................................................................................358
Adding a description for a Syslog server.....................................................................................365
Adding a priority description........................................................................................................366
Configuring the severity level for Event Log messages sent to a syslog server......................... 366
Configuring the system module used to select the Event Log messages sent to a
syslog server.................................................................................................................... 367
Operating notes for debug and Syslog........................................................................................367
Diagnostic tools......................................................................................................................................368
Port auto-negotiation...................................................................................................................368
Ping and link tests....................................................................................................................... 368
Ping test........................................................................................................................... 369
Link test............................................................................................................................ 369
Executing ping or link tests (WebAgent)...........................................................................369
Testing the path between the switch and another device on an IP network..................... 370
Issuing single or multiple link tests................................................................................... 371
Tracing the route from the switch to a host address................................................................... 371
Halting an ongoing traceroute search.............................................................................. 372
A low maxttl causes traceroute to halt before reaching the destination address............. 373
If a network condition prevents traceroute from reaching the destination........................ 373
Viewing switch configuration and operation...........................................................................................374
Viewing the startup or running configuration file......................................................................... 374
Viewing the configuration file (WebAgent).................................................................................. 374
Viewing a summary of switch operational data........................................................................... 374
Saving show tech command output to a text file.............................................................. 375
Viewing more information on switch operation............................................................................376
Searching for text using pattern matching with show command...................................... 377
Displaying the information you need to diagnose problems........................................................379
Restoring the factory-default configuration............................................................................................ 380
Resetting to the factory-default configuration..............................................................................380
Using the CLI....................................................................................................................380
Using Clear/Reset............................................................................................................ 381
Restoring a flash image......................................................................................................................... 381
Recovering from an empty or corrupted flash state.................................................................... 381
DNS resolver..........................................................................................................................................383
Basic operation........................................................................................................................... 383
Configuring and using DNS resolution with DNS-compatible commands...................................384
Configuring a DNS entry............................................................................................................. 385
Using DNS names with ping and traceroute: Example:.............................................................. 386
Viewing the current DNS configuration....................................................................................... 387
Operating notes...........................................................................................................................388
Event Log messages...................................................................................................................388
Chapter 17 MAC Address Management..................................................... 389
Overview................................................................................................................................................ 389
Determining MAC addresses................................................................................................................. 389
14 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 15
Viewing the MAC addresses of connected devices............................................................................... 389
Viewing the switch's MAC address assignments for VLANs configured on the switch..........................390
Viewing the port and VLAN MAC addresses...............................................................................391
Chapter 18 Power-Saving Features............................................................ 393
Configuring the savepower LED option................................................................................................. 393
Configuring the savepower port-low-pwr option.....................................................................................393
Chapter 19 Job Scheduler........................................................................... 395
Job Scheduler........................................................................................................................................ 395
Commands.............................................................................................................................................395
Job at | delay | enable | disable ...........................................................................395
Show job..................................................................................................................................... 396
Show job <Name>.......................................................................................................................396
Chapter 20 Configuration backup and restore without reboot................ 398
Overview................................................................................................................................................ 398
Benefits of configuration restore without reboot..........................................................................398
Recommended scenarios...................................................................................................................... 398
Use cases.............................................................................................................................................. 398
Switching to a new configuration.................................................................................................399
Rolling back to a stable configuration using job scheduler......................................................... 400
Commands used in switch configuration restore without reboot............................................................401
Configuration backup............................................................................................................................. 401
cfg-backup...............................................................................................................................402
show config files................................................................................................................402
Configuration restore without reboot .....................................................................................................404
cfg-restore.............................................................................................................................404
Force configuration restore.............................................................................................. 406
cfg-restore non-blocking......................................................................................407
cfg-restore recovery-mode................................................................................... 408
cfg-restore verbose................................................................................................ 410
cfg-restore config_bkp.......................................................................................... 411
Configuration restore with force option....................................................................................... 412
System reboot commands................................................................................................413
Configuration restore without force option.................................................................................. 414
show cfg-restore status...................................................................................................414
Viewing the differences between a running configuration and a backup configuration...............416
Show commands to show the SHA of a configuration........................................................................... 418
show hash.................................................................................................................................418
Scenarios that block the configuration restoration process................................................................... 419
Limitations..............................................................................................................................................419
Blocking of configuration from other sessions.............................................................................419
Troubleshooting and support................................................................................................................. 420
debug cfg-restore................................................................................................................420
Chapter 21 Virtual Technician..................................................................... 421
Cisco Discovery Protocol (CDP)............................................................................................................ 421
Show cdp traffic...........................................................................................................................421
Clear cdp counters...................................................................................................................... 421
Enable/Disable debug tracing for MOCANA code................................................................................. 422
Debug security ........................................................................................................................... 422
Contents 15
Page 16
User diagnostic crash via Front Panel Security (FPS) button................................................................422
Front panel security password-clear........................................................................................... 422
Front-panel-security diagnostic-reset..........................................................................................423
[no] front-panel-security diagnostic-reset.................................................................................... 423
Front-panel-security diagnostic-reset clear-button......................................................................424
[No] front-panel-security diagnostic-reset clear-button............................................................... 424
Show front-panel-security........................................................................................................... 425
Diagnostic table...........................................................................................................................425
Validation rules............................................................................................................................425
FPS Error Log............................................................................................................................. 425
User initiated diagnostic crash via the serial console............................................................................ 426
Front-panel-security diagnostic-reset serial-console...................................................................426
[No] front-panel-security diagnostic-reset serial-console............................................................ 427
Serial console error messages....................................................................................................427
Chapter 22 Easing Wired/Wireless Deployment feature integration....... 429
Overview................................................................................................................................................ 429
Configuration commands....................................................................................................................... 429
allow-jumbo-frames.....................................................................................................................429
Validation rules................................................................................................................. 430
Default AP Profile........................................................................................................................430
device-profile...............................................................................................................................430
Associating a device with a profile.............................................................................................. 431
device-profile type....................................................................................................................... 431
Configuring the rogue-ap-isolation command............................................................................. 432
rogue-ap-isolation....................................................................................................................... 432
VXLAN show commands....................................................................................................................... 433
show device-profile..................................................................................................................... 433
show command device-profile status.......................................................................................... 434
Show rogue-ap-isolation............................................................................................................. 434
Chapter 23 Local user roles........................................................................ 436
Overview................................................................................................................................................ 436
Captive-portal commands...................................................................................................................... 438
Overview..................................................................................................................................... 438
[no] aaa authentication captive-portal profile.............................................................................. 438
Validation rules................................................................................................................. 439
Policy commands...................................................................................................................................440
Overview..................................................................................................................................... 440
policy user................................................................................................................................... 440
[no] policy user............................................................................................................................ 440
policy resequence....................................................................................................................... 441
Commands in the policy-user context......................................................................................... 441
(policy-user)# class.......................................................................................................... 441
User role configuration...........................................................................................................................442
aaa authorization user-role......................................................................................................... 442
Error log............................................................................................................................443
captive-portal-profile....................................................................................................................444
policy........................................................................................................................................... 444
reauth-period...............................................................................................................................444
Validation rules................................................................................................................. 445
VLAN commands........................................................................................................................ 445
vlan-id...............................................................................................................................445
vlan-name.........................................................................................................................445
16 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 17
VLAN range commands.........................................................................................................................446
Applying a UDR..................................................................................................................................... 447
aaa port-access local-mac apply user-role................................................................................. 447
VXLAN show commands....................................................................................................................... 447
show captive-portal profile.......................................................................................................... 447
show user-role.............................................................................................................................448
show port-access clients............................................................................................................. 449
Chapter 24 Port QoS Trust Mode................................................................ 451
Overview................................................................................................................................................ 451
Configuration commands....................................................................................................................... 451
qos trust...................................................................................................................................... 451
qos dscp-map..............................................................................................................................452
Show commands................................................................................................................................... 452
show qos trust............................................................................................................................. 452
Validation rules ......................................................................................................................................454
Chapter 25 Net-destination and Net-service..............................................455
Net-service Overview.............................................................................................................................455
netservice [tcp | udp | port].....................................................................................................................455
Net-destination overview........................................................................................................................456
net-destination host |position | network..................................................................................................457
show net-destination.............................................................................................................................. 458
Chapter 26 Websites.................................................................................... 459
Chapter 27 Support and other resources.................................................. 460
Accessing Hewlett Packard Enterprise Support.................................................................................... 460
Accessing updates.................................................................................................................................460
Customer self repair...............................................................................................................................461
Remote support..................................................................................................................................... 461
Warranty information..............................................................................................................................461
Regulatory information...........................................................................................................................462
Documentation feedback....................................................................................................................... 462
Remote Device Deployment (TR-069).........................................................463
Introduction............................................................................................................................................ 463
Advantages of TR-069................................................................................................................ 464
Zero-touch configuration process................................................................................................465
Zero-touch configuration setup and execution............................................................................ 468
CLI commands.......................................................................................................................................468
Configuration setup..................................................................................................................... 468
ACS password configuration.......................................................................................................469
When encrypt-credentials is off........................................................................................ 469
When encrypt-credentials is on........................................................................................ 470
ACS URL configuration .............................................................................................................. 470
ACS username configuration...................................................................................................... 470
CPE configuration....................................................................................................................... 470
CPE password configuration.......................................................................................................471
When encrypt-credentials is on........................................................................................ 471
When encrypt-credentials is off........................................................................................ 471
Contents 17
Page 18
CPE username configuration...................................................................................................... 471
Enable/disable CWMP................................................................................................................ 472
Show commands.........................................................................................................................472
CWMP configuration and status query.............................................................................472
Event logging......................................................................................................................................... 473
System logging............................................................................................................................473
Status/control commands............................................................................................................474
Configuration backup and restore without reboot....................................476
Glossary........................................................................................................ 478
18 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 19
Chapter 1
About this guide
This guide provides information on how to configure, manage, and monitor basic switch operation.
Applicable products
This guide applies to these products:
Aruba 2530 Switch Series (J9772A, J9773A, J9774A, J9775A, J9776A, J9777A, J9778A, J9779A, J9780A,
J9781A, J9782A, J9783A, J9853A, J9854A, J9855A, J9856A, JL070A)
Switch prompts used in this guide
Examples in this guide are representative and may not match your particular switch/environment. Examples use
simplified prompts as follows:
Prompt Explanation
switch#
switch>
switch(config)#
switch(vlan-x)#
switch(eth-x)#
switch-Stack#
switch-Stack(config)#
switch-Stack(stacking)#
switch-Stack(vlan-x)#
switch-Stack(eth-x/y)#
# indicates manager context (authority).
> indicates operator context (authority).
(config) indicates the config context.
(vlan-x) indicates the vlan context of config, where x
represents the VLAN ID. For example:
switch(vlan-128)#.
(eth-x) indicates the interface context of config,
where x represents the interface. For example:
switch(eth-48)#.
Stack indicates that stacking is enabled.
Stack(config) indicates the config context while
stacking is enabled.
Stack(stacking) indicates the stacking context of
config while stacking is enabled.
Stack(vlan-x) indicates the vlan context of config
while stacking is enabled, where x represents the
VLAN ID. For example: switch-
Stack(vlan-128)#.
Stack(eth-x/y) indicates the interface context of
config, in the form (eth-<member-in-stack>/
<interface>). For example: switch(eth-1/48)#
Chapter 1 About this guide 19
Page 20
Chapter 2
Time Protocols
NOTE:
For successful time protocol setup and specific configuration details, you may need to contact your
system administrator regarding your local configuration.
General steps for running a time protocol on the switch
Using time synchronization ensures a uniform time among interoperating devices. This helps you to manage and
troubleshoot switch operation by attaching meaningful time data to event and error messages.
The switch offers TimeP, SNTP (Simple Network Time Protocol), NTP, and a timesync command for changing
the time protocol selection (or turning off time protocol operation).
NOTE: Although you can create and save configurations for all time protocols without conflicts, the
switch allows only one active time protocol at any time.
In the factory-default configuration, time synchronization is disabled by default.
NOTE: Because the Aruba 2530 Switch Series does not contain an RTC (real time clock) chip,
Hewlett Packard Enterprise recommends configuring one of the time synchronization protocols
supported. Failure to do so could result in the switch time being reset to the factory default of
01/01/1990 00:00:00 in the case of a switch reload, software upgrade, or power cycle.
TimeP time synchronization
You can either manually assign the switch to use a TimeP server or use DHCP to assign the TimeP server. In
either case, the switch can get its time synchronization updates from only one designated TimeP server. This
option enhances security by specifying which time server to use.
SNTP time synchronization
SNTP provides three operating modes:
• Broadcast mode
The switch acquires time updates by accepting the time value from the first SNTP time broadcast detected. (In
this case, the SNTP server must be configured to broadcast time updates to the network broadcast address;
see the documentation provided with your SNTP server application.) Once the switch detects a particular
server, it ignores time broadcasts from other SNTP servers unless the configurable Poll Interval expires three
consecutive times without an update received from the first-detected server.
NOTE: To use Broadcast mode, the switch and the SNTP server must be in the same subnet.
• DHCP mode
DHCP mode is enabled by default. In DHCP mode, the SNTP server address and the timezone are provided in
the DHCP address reply.
• Unicast mode
20 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 21
The switch requests a time update from the configured SNTP server. (You can configure one server using the
menu interface, or up to three servers using the CLI sntp server command.) This option provides increased
security over the Broadcast mode by specifying which time server to use instead of using the first one detected
through a broadcast.
Selecting a time synchronization protocol
Procedure
1. Select the time synchronization protocol: TimeP, SNTP, or NTP.
2. Enable the protocol; the choices are:
a. TimeP: DHCP or Manual
b. SNTP: Broadcast or Unicast
c. NTP: Broadcast or Unicast
3. Configure the remaining parameters for the time protocol you selected.
The switch retains the parameter settings for both time protocols even if you change from one protocol to the
other. Thus, if you select a time protocol, the switch uses the parameters you last configured for the selected
protocol.
Simply selecting a time synchronization protocol does not enable that protocol on the switch unless you also
enable the protocol itself (step 2, above). For example, in the factory-default configuration, TimeP is the selected
time synchronization method. However, because TimeP is disabled in the factory-default configuration, no time
synchronization protocol is running.
Disabling time synchronization
You can use either of the following methods to disable time synchronization without changing the TimeP, SNTP, or
NTP configuration:
• Global config level of the CLI
Execute no timesync.
• System Information screen of the Menu interface
1. Set the Time Synch Method parameter to None.
2. Press [Enter] , then [S] (for Save ).
SNTP: Selecting and configuring
The following table shows the SNTP parameters and their operations.
Chapter 2 Time Protocols 21
Page 22
Table 1: SNTP parameters
SNTP parameter Operation
Time Sync Method Used to select either SNTP, TIMEP, NTP, or None as the time synchronization method.
SNTP Mode
Disabled
Unicast
Broadcast
Poll Interval
(seconds)
Server Address Used only when the SNTP Mode is set to Unicast. Specifies the IP address of the SNTP
Server Version Specifies the SNTP software version to use and is assigned on a per-server basis. The
The Default. SNTP does not operate, even if specified by the Menu interface Time Sync
Method parameter or the CLI timesync command.
Directs the switch to poll a specific server for SNTP time synchronization. Requires at
least one server address.
Directs the switch to acquire its time synchronization from data broadcast by any SNTP
server to the network broadcast address. The switch uses the first server detected and
ignores any others. However, if the Poll Interval expires three times without the switch
detecting a time update from the original server, the switch accepts a broadcast time
update from the next server it detects.
In Unicast Mode: Specifies how often the switch polls the designated SNTP server for a
time update.In Broadcast Mode: Specifies how often the switch polls the network
broadcast address for a time update.Value is between 30 to 720 seconds.
server that the switch accesses for time synchronization updates. You can configure up to
three servers; one using the menu or CLI, and two more using the CLI.
version setting is backwards-compatible. For example, using version 3 means that the
switch accepts versions 1 through 3. Default: 3; range: 1 to 7.
Priority Specifies the order in which the configured servers are polled for getting the time. Value is
between 1 and 3.
Viewing and configuring SNTP (Menu)
Procedure
1. From the Main Menu, select:
22 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 23
a. 2. Switch Configuration…
b. 1. System Information
Figure 1: System Information screen (default values)
2. Press [E] (for Edit ).
Move the cursor to the System Name field.
3. Use the Space bar to move the cursor to the Time Sync Method field.
4. Use the Space bar to select SNTP, then move to the SNTP Mode field.
5. Complete one of the following options.
Option 1
a. Use the Space bar to select the Broadcast mode.
b. Move the cursor to the Poll Interval field.
c. Go to 6. (For Broadcast mode details, see SNTP time synchronization)
Figure 2: Time configuration fields for SNTP with broadcast mode
Option 2
d. Use the Space bar to select the Unicast mode.
e. Move the cursor to the Server Address field.
f. Enter the IP address of the SNTP server you want the switch to use for time synchronization.
NOTE: This step replaces any previously configured server IP address. If you will be using
backup SNTP servers (requires use of the CLI), see SNTP unicast time polling with
multiple SNTP servers.
Chapter 2 Time Protocols 23
Page 24
g. Move the cursor to the Server Version field. Enter the value that matches the SNTP server version running
on the device you specified in the preceding step.
If you are unsure which version to use, Hewlett Packard Enterprise recommends leaving this value at the
default setting of 3 and testing SNTP operation to determine whether any change is necessary.
NOTE: Using the menu to enter the IP address for an SNTP server when the switch already
has one or more SNTP servers configured, the switch deletes the primary SNTP server from
the server list. The switch then selects a new primary SNTP server from the IP addresses in
the updated list. For more on this topic, see SNTP unicast time polling with multiple SNTP
servers.
h. Move the cursor to the Poll Interval field, then go to step 6.
Figure 3: SNTP configuration fields for SNTP configured with unicast mode
6. In the Poll Interval field, enter the time in seconds that you want for a Poll Interval.
(For Poll Interval operation, see SNTP parameters)
7. Press Enter to return to the Actions line, then S (for Save) to enter the new time protocol configuration in both
the startup-config and running-config files.
Viewing and configuring SNTP (CLI)
Syntax:
show sntp
Lists both the time synchronization method (TimeP, SNTP, or None) and the SNTP configuration, even if SNTP is
not the selected time protocol.
If you configure the switch with SNTP as the time synchronization method, then enable SNTP in broadcast mode
with the default poll interval, show sntp lists the following:
SNTP configuration when SNTP is the selected time synchronization method
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp
SNTP Mode : Unicast
Poll Interval (sec) [720] : 719
24 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 25
Priority SNTP Server Address Protocol Version
-------- ------------------------------ --------------- 1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
In the factory-default configuration (where TimeP is the selected time synchronization method), show sntp still
lists the SNTP configuration, even though it is not currently in use. In
the selected time synchronization method on page 25, even though TimeP is the current time synchronous
method, the switch maintains the SNTP configuration.
SNTP configuration when SNTP is not the selected time synchronization method
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Timep
SNTP Mode : Unicast
Poll Interval (sec) [720] : 719
Priority SNTP Server Address Protocol Version
-------- ------------------------------ --------------- 1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
SNTP configuration when SNTP is not
Syntax:
show management
This command can help you to easily examine and compare the IP addressing on the switch. It lists the IP
addresses for all time servers configured on the switch, plus the IP addresses and default gateway for all VLANs
configured on the switch.
Display showing IP addressing for all configured time servers and VLANs
switch(config)# show management
Status and Counters - Management Address Information
Time Server Address : fe80::215:60ff:fe7a:adc0%vlan10
Priority SNTP Server Address Protocol Version
--------- ------------------------------ --------------- 1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
Default Gateway :10.0.9.80
VLAN Name MAC Address | IP address
------------ --------------- + -------------- DEFAULT_VLAN 001279-88a100 | Disabled
VLAN10 001279-88a100 | 10.0.10.17
Chapter 2 Time Protocols 25
Page 26
Configuring (enabling or disabling) the SNTP mode
Enabling the SNTP mode means to configure it for either broadcast or unicast mode. Remember that to run SNTP
as the switch's time synchronization protocol, you must also select SNTP as the time synchronization method by
using the CLI timesync command (or the menu interface Time Sync Method parameter.)
Syntax:
timesync sntp
Selects SNTP as the time protocol.
sntp {<broadcast | unicast>}
Enables the SNTP mode.
Syntax:
sntp server <ip-addr>
Required only for unicast mode.
Syntax:
sntp server priority <1-3>
Specifies the order in which the configured servers are polled for getting the time. Value is between 1 and 3.
Syntax:
sntp <30-720>
Configures the amount of time between updates of the system clock via SNTP.
Default: 720 seconds
Enabling SNTP in Broadcast Mode
Because the switch provides an SNTP polling interval (default: 720 seconds), you need only these two commands
for minimal SNTP broadcast configuration:
Syntax:
timesync sntp
Selects SNTP as the time synchronization method.
Syntax:
sntp broadcast
Configures broadcast as the SNTP mode.
Example:
Suppose that time synchronization is in the factory-default configuration (TimeP is the currently selected time
synchronization method.) Complete the following:
26 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 27
Procedure
1. View the current time synchronization.
2. Select SNTP as the time synchronization mode.
3. Enable SNTP for Broadcast mode.
4. View the SNTP configuration again to verify the configuration.
The commands and output would appear as follows:
Figure 4: Enabling SNTP operation in Broadcast Mode
switch(config)# show sntp
1
SNTP Configuration
Time Sync Mode: Timep
SNTP Mode : disabled
Poll Interval (sec) [720] :720
switch(config)# timesync sntp
switch(config)# sntp broadcast
switch(config)# show sntp
2
SNTP Configuration
Time Sync Mode: Sntp
SNTP Mode : Broadcast
Poll Interval (sec) [720] :720
•1show sntp displays the SNTP configuration and also shows that TimeP is the currently
active time synchronization mode.
•2show sntp again displays the SNTP configuration and shows that SNTP is now the
currently active time synchronization mode and is configured for broadcast operation.
Enabling SNTP in unicast mode (CLI)
Like broadcast mode, configuring SNTP for unicast mode enables SNTP. However, for unicast operation, you
must also specify the IP address of at least one SNTP server. The switch allows up to three unicast servers. You
can use the Menu interface or the CLI to configure one server or to replace an existing unicast server with
another. To add a second or third server, you must use the CLI. For more on SNTP operation with multiple
servers, see SNTP unicast time polling with multiple SNTP servers on page 37
Syntax:
timesync sntp
Selects SNTP as the time synchronization method.
Syntax:
sntp unicast
Configures the SNTP mode for unicast operation.
Chapter 2 Time Protocols 27
Page 28
Syntax:
[no] sntp server priority < 1-3 > < ip-address > [version]
Use the no version of the command to disable SNTP.
priority
Specifies the order in which the configured SNTP servers are polled for the time.
ip-address
An IPv4 or IPv6 address of an SNTP server.
version
The protocol version of the SNTP server. Allowable values are 1 through 7; default is 3.
Syntax:
no sntp server priority <1-3> <ip-addr>
Deletes the specified SNTP server.
NOTE:
priority <1-3>
value must match what server is configured with. Deleting an SNTP server when only one is
configured disables SNTP unicast operation.
Example:
To select SNTP and configure it with unicast mode and an SNTP server at 10.28.227.141 with the default server
version (3) and default poll interval (720 seconds):
switch(config)# timesync sntp
Selects SNTP.
switch(config)# sntp unicast
Activates SNTP in unicast mode.
switch(config)# sntp server priority 1 10.28.227.141
Specifies the SNTP server and accepts the current SNTP server version (default: 3).
Configuring SNTP for unicast operation
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp
SNTP Mode : Unicast
Poll Interval (sec) [720] : 720
Priority SNTP Server Address Protocol Version
-------- ---------------------------------------------- --------------- 1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
28 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 29
In this Example:, the Poll Interval and the Protocol Version appear at their default settings.
Both IPv4 and IPv6 addresses are displayed.
Note: Protocol Version appears only when there is an IP address configured for an SNTP server.
If the SNTP server you specify uses SNTP v4 or later, use the sntp server command to specify the correct
version number. For example, suppose you learned that SNTP v4 was in use on the server you specified above
(IP address 10.28.227.141). You would use the following commands to delete the server IP address , re-enter it
with the correct version number for that server.
Specifying the SNTP protocol version number
switch(config)# no sntp server 10.28.227.141
switch(config)# sntp server 10.28.227.141 4
1
2
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp
SNTP Mode : Broadcast
Poll Interval (sec) [720] : 600
IP Address Protocol Version
------------- -----------------
10.28.227.141 4
3
•1Deletes unicast SNTP server entry.
•2Re-enters the unicast server with a non-default protocol version.
•3show sntp displays the result.
Changing the SNTP poll interval (CLI)
Syntax:
sntp <30..720>
Specifies the amount of time between updates of the system clock via SNTP. The default is 720 seconds and the
range is 30 to 720 seconds. (This parameter is separate from the poll interval parameter used for Timep
operation.)
Example:
To change the poll interval to 300 seconds:
switch(config)# sntp 300
Changing the SNTP server priority (CLI)
You can choose the order in which configured servers are polled for getting the time by setting the server priority.
Syntax:
sntp server priority <1-3> <ip-address>
Specifies the order in which the configured servers are polled for getting the time Value is between 1 and 3.
NOTE: You can enter both IPv4 and IPv6 addresses. For more information about IPv6 addresses,
see the IPv6 configuration guide for your switch.
Chapter 2 Time Protocols 29
Page 30
Example:
To set one server to priority 1 and another to priority 2:
switch(config)# sntp server priority 1 10.28.22.141
switch(config)# sntp server priority 2
2001:db8::215:60ff:fe79:8980
Disabling time synchronization without changing the SNTP configuration (CLI)
The recommended method for disabling time synchronization is to use the timesync command.
Syntax:
no timesync
Halts time synchronization without changing your SNTP configuration.
Example:
Suppose SNTP is running as the switch's time synchronization protocol, with broadcast as the SNTP mode and
the factory-default polling interval. You would halt time synchronization with this command:
switch(config)# no timesync
If you then viewed the SNTP configuration, you would see the following:
SNTP with time synchronization disabled
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Disabled
SNTP Mode : Broadcast
Poll Interval (sec) [720] : 720
Disabling the SNTP Mode
If you want to prevent SNTP from being used even if it is selected by timesync (or the Menu interface's Time
Sync Method parameter), configure the SNTP mode as disabled.
Syntax:
no sntp
Disables SNTP by changing the SNTP mode configuration to Disabled.
Example:
If the switch is running SNTP in unicast mode with an SNTP server at 10.28.227.141 and a server version of 3
(the default), no sntp changes the SNTP configuration as shown below and disables time synchronization on
the switch.
Disabling time synchronization by disabling the SNTP mode
switch(config)# no sntp
switch(config)# show sntp
SNTP Configuration
Time Sync Mode: Sntp
30 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 31
SNTP Mode : disabled
Poll Interval (sec) [720] : 600
IP Address Protocol Version
------------- -----------------
10.28.227.141 3
Note that even though the Time Sync Mode is set to Sntp, time synchronization is disabled because no sntp
has disabled the SNTP Mode parameter.
TimeP: Selecting and configuring
The following table shows TimeP parameters and their operations.
Table 2: TimeP parameters
TimeP
parameter
Time Sync
Method
TimeP Mode
Disabled TimeP does not operate, even if specified by the Menu interface Time Sync Method
DHCP When TimeP is selected as the time synchronization method, the switch attempts to acquire a
Manual When TimeP is selected as the time synchronization method, the switch attempts to poll the
Server
Address
Operation
Used to select either TIMEP, SNTP, NTP, or None as the time synchronization method.
parameter or the CLI timesync command.
TimeP server IP address via DHCP. If the switch receives a server address, it polls the server
for updates according to the TimeP poll interval. If the switch does not receive a TimeP server
IP address, it cannot perform time synchronization updates.
specified server for updates according to the TimeP poll interval. If the switch fails to receive
updates from the server, time synchronization updates do not occur.
Used only when the TimeP Mode is set to Manual. Specifies the IP address of the TimeP
server that the switch accesses for time synchronization updates. You can configure one
server.
Viewing, enabling, and modifying the TimeP protocol (Menu)
Procedure
1. From the Main Menu, select:
2. Switch Configuration
Chapter 2 Time Protocols 31
Page 32
1. System Information
Figure 5: System Information screen (default values)
2. Press [E] (for Edit).
The cursor moves to the System Name field.
3. Move the cursor to the Time Sync Method field.
4. If TIMEP is not already selected, use the Space bar to select TIMEP, then move to the TIMEP Mode field.
5. Do one of the following:
• Use the Space bar to select the DHCP mode.
◦ Move the cursor to the Poll Interval field.
◦ Go to step 6.
Enabling TIMEP or DHCP
Time Sync Method [None] : TIMEP
TimeP Mode [Disabled] : DHCP
Poll Interval (min) [720] : 720
Time Zone [0] : 0
Daylight Time Rule [None] : None
• Use the Spacebar to select the Manual mode.
◦ Move the cursor to the Server Address field.
◦ Enter the IP address of the TimeP server you want the switch to use for time synchronization.
NOTE: This step replaces any previously configured TimeP server IP address.
◦ Move the cursor to the Poll Interval field, then go to step 6.
32 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 33
6. In the Poll Interval field, enter the time in minutes that you want for a TimeP Poll Interval.
7. Select [Enter] to return to the Actions line, then select [S] (for Save) to enter the new time protocol
configuration in both the startup-config and running-config files.
Viewing the current TimeP configuration (CLI)
Using different show commands, you can display either the full TimeP configuration or a combined listing of all
TimeP, SNTP, and VLAN IP addresses configured on the switch.
Syntax:
show timep
Lists both the time synchronization method (TimeP, SNTP, or None) and the TimeP configuration, even if SNTP is
not the selected time protocol. (If the TimeP Mode is set to Disabled or DHCP, the Server field does not appear.)
If you configure the switch with TimeP as the time synchronization method, then enable TimeP in DHCP mode
with the default poll interval, show timep lists the following:
TimeP configuration when TimeP is the selected Time synchronization method
switch(config)# show timep
Timep Configuration
Time Sync Mode: Timep
TimeP Mode [Disabled] : DHCP Server Address : 10.10.28.103
Poll Interval (min) [720] : 720
If SNTP is the selected time synchronization method, show timep still lists the TimeP configuration even though
it is not currently in use. Even though, in this Example:, SNTP is the current time synchronization method, the
switch maintains the TimeP configuration:
TimeP configuration when TimeP is not the selected time synchronization method
switch(config)# show timep
Timep Configuration
Time Sync Mode: Sntp
TimeP Mode [Disabled] : Manual Server Address : 10.10.28.100
Poll Interval (min) [720] : 720
Syntax:
show management
Helps you to easily examine and compare the IP addressing on the switch. It lists the IP addresses for all time
servers configured on the switch plus the IP addresses and default gateway for all VLANs configured on the
switch.
Display showing IP addressing for all configured time servers and VLANs
switch(config)# show management
Status and Counters - Management Address Information
Chapter 2 Time Protocols 33
Page 34
Time Server Address : 10.10.28.100
Priority SNTP Server Address Protocol Version
-------- ---------------------------------------------- --------------- 1 10.10..28.101 3
2 10.255.5.24 3
3 fe80::123%vlan10 3
Default Gateway : 10.0.9.80
VLAN Name MAC Address | IP Address
------------ ------------------- + ------------------ DEFAULT_VLAN 001279-88a100 | 10.30.248.184
VLAN10 001279-88a100 | 10.0.10.17
Configuring (enabling or disabling) the TimeP mode
Enabling the TimeP mode means to configure it for either broadcast or unicast mode. Remember to run TimeP as
the switch's time synchronization protocol, you must also select TimeP as the time synchronization method by
using the CLI timesync command (or the menu interface Time Sync Method parameter.
Syntax:
timesync timep
Selects TimeP as the time synchronization method.
Syntax:
ip timep {<dhcp | manual>}
Enables the selected TimeP mode.
Syntax:
[no] ip timep
Disables the TimeP mode.
Syntax:
[no] timesync
Disables the time protocol.
Enabling TimeP in manual mode (CLI)
Like DHCP mode, configuring TimeP for manual mode enables TimeP. However, for manual operation, you must
also specify the IP address of the TimeP server. (The switch allows only one TimeP server.)
Syntax:
timesync timep
Selects TimeP.
Syntax:
ip timep manual <ip-addr>
Activates TimeP in manual mode with a specified TimeP server.
34 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 35
Syntax:
no ip timep
Disables TimeP.
Enabling TimeP in DHCP Mode
Because the switch provides a TimeP polling interval (default:720 minutes), you need only these two commands
for a minimal TimeP DHCP configuration:
Syntax:
timesync timep
Selects TimeP as the time synchronization method.
Syntax:
ip timep dhcp
Configures DHCP as the TimeP mode.
For example, suppose:
• Time Synchronization is configured for SNTP.
• You want to:
◦ View the current time synchronization.
◦ Select TimeP as the synchronization mode.
◦ Enable TimeP for DHCP mode.
◦ View the TimeP configuration.
Enabling TimeP in Manual Mode
Like DHCP mode, configuring TimeP for Manual Mode enables TimeP. However, for manual operation, you must
also specify the IP address of the TimeP server. (The switch allows only one TimeP server.) To enable the TimeP
protocol:
Syntax:
timesync timep
Selects TimeP.
Syntax:
ip timep manual <ip-addr>
Activates TimeP in manual mode with a specified TimeP server.
Syntax:
[no] ip timep
Disables TimeP.
Chapter 2 Time Protocols 35
Page 36
NOTE:
To change from one TimeP server to another, you must use the no ip timep command to disable
TimeP mode, the reconfigure TimeP in manual mode with the new server IP address.
Example:
To select TimeP and configure it for manual operation using a TimeP server address of 10.28.227.141 and the
default poll interval (720 minutes, assuming the TimeP poll interval is already set to the default):
switch(config)# timesync time
Selects TimeP.
switch(config)# ip timep manual 10.28.227.141
Activates TimeP in Manual mode.
Configuring TimeP for manual operation
switch(config)# timesync timep
switch(config)# ip timep manual 10.28.227.141
switch(config)# show timep
Timep Configuration
Time Sync Mode: Timep
TimeP Mode : Manual Server Address : 10.28.227.141
Poll Interval (min) : 720
Changing from one TimeP server to another (CLI)
Procedure
1. Use the no ip timep command to disable TimeP mode.
2. Reconfigure TimeP in Manual mode with the new server IP address.
Changing the TimeP poll interval (CLI)
Syntax:
ip timep {< dhcp | manual >} interval <1-9999>
Specifies how long the switch waits between time polling intervals. The default is 720 minutes and the range is 1
to 9999 minutes. (This parameter is separate from the poll interval parameter used for SNTP operation.)
Example:
To change the poll interval to 60 minutes:
switch(config)# ip timep interval 60
Disabling time synchronization without changing the TimeP configuration (CLI)
Syntax:
no timesync
Disables time synchronization by changing the Time Sync Mode configuration to Disabled. This halts time
synchronization without changing your TimeP configuration. The recommended method for disabling time
synchronization is to use the timesync command.
36 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 37
Example:
Suppose TimeP is running as the switch's time synchronization protocol, with DHCP as the TimeP mode, and the
factory-default polling interval. You would halt time synchronization with this command:
switch(config)# no timesync
If you then viewed the TimeP configuration, you would see the following:
TimeP with time synchronization disabled
switch(config)# show timep
Timep Configuration
Time Sync Mode: Disabled
TimeP Mode : DHCP Poll Interval (min): 720
Disabling the TimeP mode
Syntax:
no ip timep
Disables TimeP by changing the TimeP mode configuration to Disabled and prevents the switch from using it as
the time synchronization protocol, even if it is the selected Time Sync Method option.
Example:
If the switch is running TimeP in DHCP mode, no ip timep changes the TimeP configuration as shown below
and disables time synchronization. Even though the TimeSync mode is set to TimeP, time synchronization is
disabled because no ip timep has disabled the TimeP mode parameter.
Disabling time synchronization by disabling the TimeP mode parameter
switch(config)# no ip timep
switch(config)# show timep
Timep Configuration
Time Sync Mode: Timep
TimeP Mode : Disabled
SNTP unicast time polling with multiple SNTP servers
When running SNTP unicast time polling as the time synchronization method, the switch requests a time update
from the server you configured with either the Server Address parameter in the menu interface, or the primary
server in a list of up to three SNTP servers configured using the CLI. If the switch does not receive a response
from the primary server after three consecutive polling intervals, the switch tries the next server (if any) in the list.
If the switch tries all servers in the list without success, it sends an error message to the Event Log and
reschedules to try the address list again after the configured Poll Interval time has expired.
If there are already three SNTP server addresses configured on the switch, and you want to use the CLI to
replace one of the existing addresses with a new one, you must delete the unwanted address before you
configure the new one.
Chapter 2 Time Protocols 37
Page 38
Displaying all SNTP server addresses configured on the switch (CLI)
The System Information screen in the menu interface displays only one SNTP server address, even if the switch
is configured for two or three servers. The CLI show management command displays all configured SNTP
servers on the switch.
How to list all SNTP servers configured on the switch
switch(config)# show management
Status and Counters - Management Address Information
Time Server Address : fe80::215:60ff:fe7a:adc0%vlan10
Priority SNTP Server Address Protocol Version
-------- ---------------------------------------------- --------------- 1 2001:db8::215:60ff:fe79:8980 7
2 10.255.5.24 3
3 fe80::123%vlan10 3
Default Gateway : 10.0.9.80
VLAN Name MAC Address | IP Address
------------ ------------------- + ------------------ DEFAULT_VLAN 001279-88a100 | Disabled
VLAN10 001279-88a100 | 10.0.10.17
Adding and deleting SNTP server addresses
Adding addresses
As mentioned earlier, you can configure one SNTP server address using either the Menu interface or the CLI. To
configure a second and third address, you must use the CLI. To configure the remaining two addresses, you
would do the following:
Creating additional SNTP server addresses with the CLI
switch(config)# sntp server priority <1-3> 2001:db8::215:60ff:fe79:8980
switch(config)# sntp server 10.255.5.24
NOTE: If there are already three SNTP server addresses configured on the switch, and you want to
use the CLI to replace one of the existing addresses with a new one, you must delete the unwanted
address before you configure the new one.
Deleting addresses
Syntax:
no sntp server <ip-addr>
Deletes a server address. If there are multiple addresses and you delete one of them, the switch re-orders the
address priority.
Example:
To delete the primary address in the above Example: and automatically convert the secondary address to primary:
38 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 39
switch(config)# no sntp server 10.28.227.141
Operating with multiple SNTP server addresses configured (Menu)
When you use the Menu interface to configure an SNTP server IP address, the new address writes over the
current primary address, if one is configured.
SNTP messages in the Event Log
If an SNTP time change of more than three seconds occurs, the switch's Event Log records the change. SNTP
time changes of less than three seconds do not appear in the Event Log.
Network Time Protocol (NTP)
All NTP communications use Coordinated Universal Time (UTC). An NTP server usually receives its time from an
authoritative time source, such as a radio clock or an atomic clock attached to a time server, and then distributes
this time across the network. NTP is extremely efficient; no more than one packet per minute is necessary to
synchronize two machines to within a millisecond of each other.
NTP uses a stratum to describe the distance between a network device and an authoritative time source:
• A stratum 1 time server is directly attached to an authoritative time source (such as a radio or atomic clock or a
GPS time source).
• A stratum 2 NTP server receives its time through NTP from a stratum 1 time server.
Before synchronizing, NTP compares the time reported by several network devices and does not synchronize
with one that is significantly different, even if it is a stratum 1.
The security features of NTP can be used to avoid the accidental or malicious setting of incorrect time. One such
mechanism is available: an encrypted authentication mechanism.
Though similar, the NTP algorithm is more complex and accurate than the Simple Network Time Protocol (SNTP).
IMPORTANT: Enabling this feature results in synchronizing the system clock; therefore, it may affect
all sub-systems that rely on system time.
Commands
The following commands allow the user to configure NTP or show NTP configurations.
timesync Command
This command is used to configure the protocol used for network time synchronization.
Syntax
[no] timesync { timep | sntp | timep-or-sntp | ntp }
Options
no
Deletes all timesync configurations on the device.
timep
Updates the system clock using TIMEP.
Chapter 2 Time Protocols 39
Page 40
sntp
Updates the system clock using SNTP.
timep-or-sntp
Updates the system clock using TIMEP or SNTP (default).
ntp
Updates the system clock using NTP
Example
switch(config)# timesync
sntp Update the system clock using SNTP.
timep Update the system clock using TIMEP.
timep-or-sntp Update the system clock using TIMEP or SNTP.
ntp Update the system clock using NTP.
timesync ntp
This command is used to update the system clock using NTP.
Syntax
timesync ntp
Description
Update the system clock using NTP.
ntp
This command selects the operating mode of the NTP client.
Syntax
ntp [broadcast|unicast]
Options
broadcast
Sets ntp client to operate in broadcast mode.
unicast
Sets ntp client to operate in unicast mode.
Usage
The default mode is broadcast.
[no] ntp
This command disables NTP and removes all NTP configurations on the device.
Syntax
[no] ntp [authentication <key-id>
| broadcast | enable | max-association
<integer> | server
<IP-ADDR> | trap
<trap-name> | unicast]
40 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 41
Description
Disable NTP and removes the entire NTP configuration.
Options
authentication
Configure NTP authentication.
broadcast
Operate in broadcast mode.
enable
Enable/disable NTP.
max-association
Maximum number of Network Time Protocol (NTP) associations.
server
Configure a NTP server to poll for time synchronization.
trap
Enable/disable NTP traps.
unicast
Operate in unicast mode.
Example
switch(config)# no ntp
This will delete all NTP configurations on this device. Continue [y/n]?
ntp enable
This command is used to enable or disable NTP on the switch.
Syntax
ntp enable
Example
switch(config)# ntp
enable Enable/disable NTP.
Description
Enable or disable NTP. Use [no] to disable NTP.
Restrictions
Validation Error/Warning/Prompt
If timeSync is in SNTP or Timep when NTP is enabled.
Timesync is not configured to NTP.
When timesync is NTP and ntp is enabled and we try to
change timesync to SNTP.
Disable NTP before changing timesync to
SNTP or TIMEP
ntp authentication
This command is used for authentication of NTP server by the NTP client.
Chapter 2 Time Protocols 41
Page 42
Syntax
ntp authentication key-id <KEY-ID> [authentication-mode <MODE> key-value <KEYSTRING>] [trusted]
Parameters/Options
key-id <id>
Sets the key-id for the authentication key.
Subcommands
authentication-mode
Sets the NTP authentication mode
key-value <KEY-STRING>
Sets the key-value for the authentication key.
[trusted]
Sets the authentication key as trusted.
Example
Switch(config)# ntp
Authentication Configure NTP authentication.
Switch(config)# ntp authentication
key-id Set the key-id for this authentication key.
Switch(config)# ntp authentication key-id
<1-4294967295> Set the authentication key-id.
Switch(config)# ntp authentication key-id 1
authentication-mode Set the NTP authentication mode.
trusted Set this authentication key as trusted.
Switch(config)# ntp authentication key-id 1
authentication-mode|trusted md5
Authenticate using MD5.
Switch(config)# ntp authentication key-id 1
authentication-mode|trusted md5key-value Set the NTP authentication key.
Switch(config)# ntp authentication key-id 1
authentication-mode|trusted md5 key-value
KEY Enter a string to be set as the NTP authentication key.
ntp authentication key-id
Syntax
ntp authentication key-id
<key-id> [authentication-mode [md5 | sha1]
42 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 43
key-value <key-value>] [trusted]
Description
The NTP client authenticates the NTP server.
Options
authentication-mode
Set the NTP authentication mode.
• md5: Authenticate using MD5.
• sha1: Authenticate using SHA1.
trusted
Set this authentication key as trusted.
ntp max-association
This command is used to configure the maximum number of servers associated with this NTP client.
Syntax
ntp max-association
<number>
Options
max-association <number>
Sets the maximum number of NTP associations.
Description
Configure maximum number of servers associated with the client. Up to eight servers can be configured as the
maximum.
Restrictions
The range for a maximum number of NTP associations is 1–8.
Example
Switch(config)# ntp
max-associations Maximum number of NTP associations.
Switch(config)# ntp max-associations
<1-8> Enter the number.
Restrictions
Validation Error/Warning/Prompt
When the number of configured NTP servers is more
than the max-associations value.
The maximum number of NTP servers
allowed is <number>.
When the max-associations value is less than the (n)
number of configured NTP servers.
Chapter 2 Time Protocols 43
Max-associations value cannot be less
than the number of NTP servers
configured.
Page 44
ntp server
This command is used to configure the NTP servers.
Syntax
[no] ntp server
ntp server <IP-ADDR|IPv6-ADDR> [key <key-id>] [oobm] [max-poll <max-poll-val>][min-poll <min-poll-val>][burst | iburst] [version <1-4>]
Parameters/Options
[no]
Removes the unicast NTP configurations on the device.
Subcommands
IP-ADDR
Sets the IPv4 address of the NTP server.
IPV6-ADDR
Sets the IPv6 address of the NTP server.
oobm
Specifies that the NTP Unicast server is accessible over an OOBM interface.
key <key-id>
Specifies the authentication key.
max-poll <max-poll-val>
Configures the maximum time intervals in power of 2 seconds. Range is 4–17 (e.g., 5 would translate to 2 raised
to 5 or 32).
min-poll <min-poll-val>
Configures the minimum time intervals in seconds. Range is 4–17.
burst
Enables burst mode.
iburst
Enables initial burst mode.
version
Sets version 1–4.
Usage
A maximum of 8 NTP servers can be configured.
Example
switch(config)# ntp
server Allow the software clock to be synchronized by an NTP
time server.
broadcast Operate in broadcast mode.
unicast Operate in unicast mode.
switch(config)# ntp server
IP-ADDR IPv4 address of the NTP server.
44 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 45
IPV6-ADDR IPv6 address of the NTP server.
switch(config)# ntp server <IP-ADDR>
Key Specify the authentication key.
switch(config)# ntp server <IP-ADDR> key key-id
Max-poll Configure the maximum time intervals in seconds.
switch(config)# ntp server <IP-ADDR> key key-id max-poll
<4-17> Enter an integer number.
Switch(config)# ntp server <IP-ADDR> key key-id
Min-poll Configure the minimum time intervals in seconds.
switch(config)# ntp server <IP-ADDR> key key-id min-poll
<4-17> Enter an integer number.
switch(config)# ntp server <IP-ADDR> key key-id prefer max-poll
<max-poll-val> min-poll <min-poll-val>
iburst Enable initial burst (iburst) mode.
burst Enable burst mode.
Switch(config)# ntp server IP-ADDR key key-id prefer maxpoll <number>
minpoll <number> iburst
Restrictions
Validation Error/Warning/Prompt
If authentication key-id not configured
If Key-id is not marked as trusted
When min poll value is more than max poll value
Authentication key-id has not been
configured.
Key-id is not trusted.
NTP max poll value should be more than
min poll value.
ntp server key-id
Syntax
ntp server <IP-ADDR |IPV6-ADDR>
key—id <key-id> [max-poll
<max-poll-val>] [min-poll
<min-poll-val>] [burst | iburst]
Description
Configure the NTP server. <IP-ADDR> indicates the IPv4 address of the NTP server. <IPV6-ADDR> indicates the
IPv6 address of the NTP server.
Options
Chapter 2 Time Protocols 45
Page 46
burst
Enables burst mode.
iburst
Enables initial burst (iburst) mode.
key-id
Set the authentication key to use for this server.
max-poll <max-poll-val>
Configure the maximum time intervals in seconds.
min-poll <min-poll-val>
Configure the minimum time intervals in seconds.
ntp ipv6-multicast
This command is used to configure NTP multicast on a VLAN interface.
Syntax
ntp ipv6-multicast
Description
Configure the interface to listen to the NTP multicast packets.
Example
Switch(vlan-2)# ntp
ipv6-multicast Configure the interface to listen to the NTP multicast packets.
Restrictions
Validation Error/Warning/Prompt
If ipv6 is not enabled on vlan interface
IPv6 address not configured on the
VLAN.
debug ntp
This command is used to display debug messages for NTP.
Syntax
debug ntp <event |
packet>
Options
event
Displays event log messages related to NTP.
packets
Displays NTP packet messages.
Description
Enable debug logging. Use [no] to disable debug logging.
46 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 47
Example
Switch(config)# debug ntp
event Display event log messages related to NTP.
packet Display NTP packet messages.
ntp trap
This command is used to configure NTP traps.
Syntax
ntp trap <trap-name>
Description
Enable NTP traps. Use [no] to disable NTP traps.
Options
ntp-mode-change
Trap name resulting in send notification when the NTP entity changes mode, including
starting and stopping (if possible).
ntp-stratum-change
Trap name resulting in send notification when stratum level of NTP changes.
ntp-peer-change
Trap name resulting in send notification when a (new) syspeer has been selected.
ntp-new-association
Trap name resulting in send notification when a new association is mobilized.
ntp-remove-association
Trap name resulting in send notification when an association is demobilized.
ntp-config-change
Trap name resulting in send notification when the NTP configuration has changed.
ntp-leapsec-announced
Trap name resulting in send notification when a leap second has been announced.
ntp-alive-heartbeat
Trap name resulting in send notification periodically (as defined by
ntpEntHeartbeatInterval) to indicate that the NTP entity is still alive.
all
Enable all traps.
Usage
The traps defined below are generated as the result of finding an unusual condition while parsing an NTP packet
or a processing a timer event. Note that if more than one type of unusual condition is encountered while parsing
the packet or processing an event, only the first one will generate a trap. Possible trap names are:
- 'ntpEntNotifModeChange' The notification to be sent when the NTP entity changes
mode, including starting and stopping (if possible).
- 'ntpEntNotifStratumChange' The notification to be sent when stratum level of NTP
changes.
Chapter 2 Time Protocols 47
Page 48
- 'ntpEntNotifSyspeerChanged' The notification to be sent when a (new) syspeer has
been selected.
- 'ntpEntNotifAddAssociation' The notification to be sent when a new association is
mobilized.
- 'ntpEntNotifRemoveAssociation' The notification to be sent when an association is
demobilized.
- 'ntpEntNotifConfigChanged' The notification to be sent when the NTP configuration
has changed.
- 'ntpEntNotifLeapSecondAnnounced' The notification to be sent when a leap second
has been announced.
- 'ntpEntNotifHeartbeat' The notification to be sent periodically (as defined by
ntpEntHeartbeatInterval) to indicate that the NTP entity is still alive.
- 'ntpEntNotifAll' The notification to be sent when all traps have been enabled
show ntp statistics
This command is used to show NTP statistics.
Syntax
show ntp statistics
Description
Show information about NTP packets.
Examples
Switch(config)# show ntp statistics
NTP Global statistics information
NTP In Packets : 100
NTP Out Packets : 110
NTP Bad Version Packets : 4
NTP Protocol Error Packets : 0
switch(config)# show ntp statistics
NTP Global statistics information
NTP In Packets : 100
NTP Out Packets : 110
NTP Bad Version Packets : 4
NTP Protocol Error Packets : 0
show ntp status
Syntax
Description
Show the status of NTP.
show ntp status
48 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 49
Example
Switch(config)# show ntp status
NTP Status information
NTP Status : Disabled NTP Mode : Broadcast
Synchronization Status : Synchronized Peer Dispersion : 8.01 sec
Stratum Number : 2 Leap Direction : 1
Reference Assoc Id : 1 Clock Offset : 0.0000 sec
Reference : 192.0.2.1 Root Delay : 0.00 sec
Precision : 2**7 Root Dispersion : 15.91 sec
NTP Uptime : 01d 09h 15m Time Resolution : 1
Drift : 0.000000000 sec/sec
System Time : Tue Aug 25 04:59:11 2015
Reference Time : Mon Jan 1 00:00:00 1990
show ntp associations
Syntax
show ntp associations [detail
<IP-ADDR>]
Description
Show the status of configured NTP associations.
Options
detail
Show the detailed status of NTP associations configured for the system.
Switch(config)# show ntp associations
NTP Associations Entries
Address St T When Poll Reach Delay Offset Dispersion
-------------- --- -- ---- ----- ------ ------- ------- ----------
121.0.23.1 16 u - 1024 0 0.000 0.000 0.000
231.45.21.4 16 u - 1024 0 0.000 0.000 0.000
55.21.56.2 16 u - 1024 0 0.000 0.000 0.000
23.56.13.1 3 u 209 1024 377 54.936 -6.159 12.688
91.34.255.216 4 u 132 1024 377 1.391 0.978 3.860
Switch(config)# show ntp associations detail <IP ADDR>
NTP association information
IP address : 172.31.32.2 Peer Mode : Server
Status : Configured, Insane, Invalid Peer Poll Intvl : 64
Stratum : 5 Root Delay : 137.77 sec
Ref Assoc ID : 0 Root Dispersion : 142.75
Association Name : NTP Association 0 Reach : 376
Reference ID : 16.93.49.4 Delay : 4.23 sec
Our Mode : Client Offset : -8.587 sec
Our Poll Intvl : 1024 Precision : 2**19
Chapter 2 Time Protocols 49
Page 50
Dispersion : 1.62 sec
Association In Packets : 60
Association Out Packets : 60
Association Error Packets : 0
Origin Time : Fri Jul 3 11:39:40 2015
Receive Time : Fri Jul 3 11:39:44 2015
Transmit Time : Fri Jul 3 11:39:44 2015
-----------------------------------------------------------------------------
Filter Delay = 4.23 4.14 2.41 5.95 2.37 2.33 4.26 4.33
Filter Offset = -8.59 -8.82 -9.91 -8.42 -10.51 -10.77 -10.13 -10.11
show ntp authentication
Syntax
Description
Show the authentication status and other information about the authentication key.
show ntp authentication
Switch(config)# show ntp authentication
NTP Authentication Information
Key-ID Auth Mode Trusted
-------- ---------- -------
67 md5 yes
7 md5 no
1 sha1 yes
2 sha1 no
50 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 51
Validation rules
Validation Error/Warning/Prompt
If access-list name is not valid. Please enter a valid access-list name.
If the authentication method is being set to
two-factor authentication, various messages
display.
If the authentication method is set to twofactor while installing the public key, a
message displays.
If the username and the key installation user
for that privilege do not match, a message
displays and installation is not allowed.
If both the public key and username/password are not
configured: Public key and username/password should
be configured for a successful two-factor
authentication.
If public key is configured and username is not
configured:
Username and password should be configured for a
successful two-factor authentication.
If the username is configured and public key is not
configured:
Public key should be configured for a successful twofactor authentication.
If “ssh-server” certificate is not installed at the time of
enabling certificate-password authentication:
The “ssh-server” certificate should be installed for a
successful two-factor authentication.
The client public keys without username will not be
considered for the two-factor authentication for the SSH
session.
The username in the key being installed does not
match the username configured on the switch.
This will also happen when the
authentication method is set for two-factor.
If the maximum number of <username : TA
profile> associations is reached for a given
TA profile, a message displays.
If secondary authentication type for twofactor authentication chosen is not "none", a
message displays.
If the authentication method is anything other
than two-factor and the two-factor
authentication method options are set, a
message displays.
If two-factor authentication is set and user
tries to SSH into another system using ssh
<ip | hostname> command, a message
displays.
Maximum number of username associations with a TA
profile is 10.
Not legal combination of authentication methods.
Not legal combination of authentication methods.
SSH client is not supported when the two-factor
authentication is enabled.
Table Continued
Chapter 2 Time Protocols 51
Page 52
Validation Error/Warning/Prompt
If timeSync is in SNTP or Timep when NTP
is enabled.
If timesync is NTP and NTP is enabled and
we try to change timesync to SNTP.
If we try to configure NTP servers more than
the configured max-associations value.
If we have ‘n’ NTP servers configured and
we try to configure a max-associations value
less than (n) number of NTP servers already
configured.
If authentication key-id is not configured. Authentication key-id %d has not been configured.
If key-id is not marked as trusted. Key-id %d is not trusted.
If min poll value is more than max poll value. NTP max poll value should be more than min poll
If ipv6 is not enabled on vlan interface. IPv6 address not configured on the VLAN.
Timesync is not configured to NTP.
Disable NTP before changing timesync to SNTP or
TIMEP.
The maximum number of NTP servers allowed is 2.
Max-associations value cannot be less than the
number of NTP servers configured.
value.
52 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 53
Event log messages
Cause
Event Message
RMON_AUTH_TWO_FACTOR_AUTHEN_STATUS W 01/01/15 18:24:03 03397: auth: %s.
Examples:
W 01/01/15 18:24:03 03397: auth: Public key and
username/password should be configured for the
successful two-factor authentication.
W 01/01/15 18:24:03 03397: auth: Username and
password should be configured for the successful
two-factor authentication.
W 01/01/15 18:24:03 03397: auth: Public key should
be configured for the successful two-factor
authentication.
I 01/01/15 18:24:03 03397: auth: The validation of
certificate of SSH user ‘user1’ is successful.
RMON_SSH_KEY_TWO_FACTOR_EN W 01/01/15 18:24:03 03399: ssh: %s.
Examples:
W 01/01/15 18:24:03 03399: ssh: The client public
keys without username will not be considered for the
two-factor authentication for SSH session.
W 01/01/15 18:24:03 03399: ssh: The privilege level
for the user with the SSH key conflicts with the user
configured.
RMON_SSH_TWO_FACTOR_AUTH_FAIL W 01/01/15 18:24:03 03398: ssh: %s.
Examples:
W 01/01/15 18:24:03 03398: ssh: The two-factor
authentication for SSH session failed due to the
failure in public key authentication.
W 01/01/15 18:24:03 03398: ssh: The two-factor
authentication for SSH session failed due to the
failure in username/password authentication.
W 01/01/15 18:24:03 03398: ssh: The two-factor
authentication for SSH session failed due to the
failure in validating the client certificate.
W 01/01/15 18:24:03 03398: ssh: The two-factor
authentication for SSH session failed as “ssh-server”
certificate is not installed.
When NTP client enabled. NTP client is enabled.
When NTP client disabled. NTP client is disabled.
Table Continued
Chapter 2 Time Protocols 53
Page 54
Event Message
When NTP found a new broadcast server. A new broadcast server at %s.
When system clock was updated with new time. The system clock time was changed by %ld sec %lu
nsec. The new time is %s.
When NTP stratum was updated. The NTP Stratum was changed from %d to %d.
When all NTP associations are cleared. All the NTP server associations are reset.
When server is not reachable. The NTP Server 10.1.1.2 is unreachable. (2 times in
60 seconds)
When MD5/SHA1 authentication failed. The MD5 authentication on the NTP packet failed.
The SHA1 authentication on the NTP packet failed.
54 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 55
Chapter 3
Port Status and Configuration
Viewing port status and configuring port parameters
Connecting transceivers to fixed-configuration devices
If the switch either fails to show a link between an installed transceiver and another device or demonstrates errors
or other unexpected behavior on the link, check the port configuration on both devices for a speed and/or duplex
(mode) mismatch.
• To check the mode setting for a port on the switch, use either the Port Status screen in the menu interface or
show interfaces brief in the CLI (see Viewing port status and configuration (CLI)).
• To display information about the transceivers installed on a switch, enter the show tech receivers
command in the CLI (The show tech transceivers command on page 63).
Viewing port configuration (Menu)
The menu interface displays the configuration for ports and (if configured) any trunk groups.
From the Main Menu, select:
1. Status and Counters 4. Port Status
A switch port status screen
==========================- CONSOLE - MANAGER MODE -==========================
Status and Counters - Port Status
Intrusion MDI Flow Bcast
Port Type Alert Enabled Status Mode Mode Ctrl Limit
----- --------- --------- ------- ------ ---------- ----- ----- ------
1 100/1000T No Yes Down 100FDx Auto off 0
2 100/1000T No Yes Down 1000FDx Auto off 0
3 100/1000T No Yes Down 1000FDx Auto off 0
4 100/1000T No Yes Down 1000FDx Auto off 0
5 100/1000T No Yes Down 1000FDx Auto off 0
6 100/1000T No Yes Down 1000FDx Auto off 0
7 100/1000T No Yes Down 1000FDx Auto off 0
8 100/1000T No Yes Down 1000FDx Auto off 0
9 100/1000T No Yes Down 1000FDx Auto off 0
10 100/1000T No Yes Down 1000FDx Auto off 0
11 100/1000T No Yes Down 1000FDx Auto off 0
Actions-> Back Intrusion log Help
Return to previous screen.
Use up/down arrow keys to scroll to other entries, left/right arrow keys to
change action selection, and <Enter> to execute action.
Chapter 3 Port Status and Configuration 55
Page 56
Port Type
The port Type field represents the IEEE or other industry protocol in operation on that port. For
example, 1000Base-SX is a gigabit protocol for gigabit operation over fiber optic cable.
Status of
Ports
Flow
Control
A port can be enabled or disabled:
• Yes: Enabled, the default. This indicates the port is ready for a network connection.
• No: Disabled, the port will not operate, even if properly connected to a network. Use the setting,
For example, to shut the port down for diagnostic purposes or while you are making topology
changes.
The status of a port can be up or down (Read-only):
Up: The port senses a link beat.
Down: The port is not enabled, has no cables connected, or is experiencing a network error. For
troubleshooting information, see the installation and getting started guide for your switch.
With the port mode set to Auto (the default) and flow control on (enabled), the switch negotiates
flow control on the indicated port. If the port mode is not set to Auto, or if flow control is off
(disabled) on the port, then flow control is not used. Flow control must be enabled on both ends of
a link.
• On: Enabled. The port uses 802.3x Link Layer Flow Control, generates flow control packets,
and processes received flow control packets.
• Off: Disabled (default).The port does not generate flow control packets, and drops any flow
control packets it receives.
Broadcast
Limit
Modes
The broadcast limit specifies the percentage of the theoretical maximum network bandwidth that
can be used for broadcast and multicast traffic. Any broadcast or multicast traffic exceeding that
limit will be dropped. Zero (0) means the feature is disabled.
The broadcast-limit command operates at the port context level to set the broadcast limit for a
port on a switch.
NOTE: This feature is not appropriate for networks that require high levels of IPX or
RIP broadcast traffic.
The mode is the port’s speed and duplex (date transfer operation) setting. The following table
shows possible modes available, depending on the port type (copper or fiber) and port speed.
Table 3: Supported Modes
Mode Speed and Duplex Settings
Auto-MDIX Senses speed and negotiates with the port at the other end of the link for port operation (MDI-X
or MDI). To see what the switch negotiates for the Auto setting, use the CLI show interfaces
brief command or the menu commands “1. Status and Counters”, “3. Port Status”.This
features applies only to copper port switches using twisted-pair copper Ethernet cables.
MDI Sets the port to connect with a PC using a crossover cable (Manual mode— applies only to
copper port switches using twisted-pair copper Ethernet cables).
Table Continued
56 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 57
Mode Speed and Duplex Settings
MDIX Sets the port to connect with a PC using a straight-through cable (Manual mode—applies only to
copper port switches using twisted-pair copper Ethernet cables).
Auto-10 Allows the port to negotiate between half-duplex (HDx) and full-duplex (FDx) while keeping
speed at 10Mbps. Also negotiates flow control (enabled or disabled). Hewlett Packard
Enterprise recommends Auto-10 for links between 10/100 auto-sensing ports connected with
Cat 3 cabling. (Cat 5 cabling is required for 100 Mbps links.)
Auto-100 Uses 100 Mbps and negotiates with the port at the other end of the link for other port operation
features.
Auto-10-100 Allows the port to establish a link with the port at the other end at either 10 Mbps or 100 Mbps,
using the highest mutual speed and duplex mode available. Only these speeds are allowed with
this setting.
Auto-1000 Uses 1000 Mbps and negotiates with the port at the other end of the link for other port operation
features.
10HDx Uses 10 Mbps, Half-Duplex
100HDx Uses 100 Mbps, Half-Duplex
10FDX Uses 10 Mbps, Full-Duplex
100FDx Uses 100 Mbps, Full-Duplex
1000FDx Uses 1000 Mbps, Full-Duplex
10 GbE FDx Uses 10 Gigabits/sec Full-Duplex
The next two tables display the protocols and modes supported for copper ports and fiber optic ports, respectively.
Table 4: Protocols and modes supported for copper ports
10/100 Mbps Gigabit 10 Gigabit
10/100 TX 10/100/1000-T 10GBASE-CX4
Modes Settings Modes Settings Modes Settings
Auto
10HDx
100HDx
10FDx
100FDx
10HDx
100HDx
10FDx
Auto
Auto-10
Auto-100
Auto-10-100
1000FDx
10HDx
100FDx
100FDx
Auto 10 Gigabit FDx
100FDx
Chapter 3 Port Status and Configuration 57
100FDX
Auto-1000
10HDx
100HDX
1000FDx
10HDx
100HDx
Page 58
Table 5: Protocols and modes supported for fiber optic ports
100 Mbps Gigabit 10 Gigabit
Protocols
Modes
100BASE-FX
100BASE-BX10
100HDx
100FDx
1000BASE-SX
1000BASE-LX
1000BASE-BX
101000BASE-LH
Auto1000FDx Auto
10GBASE-SR
10GBASE-LR
10GBASE-LRM
Configuring ports (Menu)
The menu interface uses the same screen for configuring both individual ports and port trunk groups. For
information on port trunk groups, see the chapter on "Port Trunking".
Procedure
1. From the Main Menu, select:
2. Switch Configuration…
2. Port/Trunk Settings
Port/trunk settings with a trunk group configured
=====================- TELNET - MANAGER MODE -=====================
Switch Configuration - Port/Trunk Settings
Port Type Enabled Mode Flow Ctrl Group Type
---- -------- + -------- ----------- --------- ----- ---- A1 1000T | Yes Auto-10-100 Disable
A2 1000T | Yes Auto-10-100 Disable
A3 1000T | Yes Auto Disable
A3 1000T | Yes Auto Disable
A4 1000T | Yes Auto Disable
A5 1000T | Yes Auto Disable
A6 1000T | Yes Auto Disable
A7 1000T | Yes Auto Disable Trk1 Trunk
A8 1000T | Yes Auto Disable Trk2 Trunk
Actions-> Cancel Edit Save Help
Cancel changes and return to previous screen.
Use arrow keys to change action selection and <Enter> to execute
action.
2. Press [E] (for Edit).
The cursor moves to the Enabled field for the first port.
For further information on configuration options for these features, see the online help provided with this
screen.
3. When you have finished making changes to the above parameters, press [Enter], then press [S] (for
Save).
58 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 59
Viewing port status and configuration (CLI)
Use the following commands to display port status and configuration data.
Syntax:
show interfaces [brief | config | < port-list >]
brief
Lists the current operating status for all ports on the switch.
config
Lists a subset of configuration data for all ports on the switch; that is, for each port, the display shows whether
the port is enabled, the operating mode, and whether it is configured for flow control.
<port-list>
Shows a summary of network traffic handled by the specified ports.
The show interfaces brief command listing
switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
----- --------- + --------- ------- ------ ---------- ----- ----- ------
B1 100/1000T | No Yes Down Auto-10-100 Auto off 0
B2 100/1000T | No Yes Down 1000FDx Auto off 0
B3 100/1000T | No Yes Down 1000FDx Auto off 0
B4 100/1000T | No Yes Down 1000FDx Auto off 0
B5 100/1000T | No Yes Down 1000FDx Auto off 0
B6 100/1000T | No Yes Down 1000FDx Auto off 0
The show interfaces config command listing
switch(config)# show interfaces config
Port Settings
Port Type | Enabled Mode Flow Ctrl MDI
----- --------- + ------- ------------ --------- ----
B1 100/1000T | Yes Auto-10-100 Disable Auto
B2 100/1000T | Yes Auto Disable Auto
B3 100/1000T | Yes Auto Disable Auto
B4 100/1000T | Yes Auto Disable Auto
B5 100/1000T | Yes Auto Disable Auto
B6 100/1000T | Yes Auto Disable Auto
Dynamically updating the show interfaces command (CLI/Menu)
Syntax:
show interfaces display
Uses the display option to initiate the dynamic update of the show interfaces command, with the output
being the same as the show interfaces command.
Chapter 3 Port Status and Configuration 59
Page 60
NOTE: Select Back to exit the display.
Example:
switch# show interfaces display
When using the display option in the CLI, the information stays on the screen and is updated every 3 seconds, as
occurs with the display using the menu feature. The update is terminated with Cntl-C.
You can use the arrow keys to scroll through the screen when the output does not fit in one screen.
Figure 6: show interfaces display command with dynamically updating output
Customizing the show interfaces command (CLI)
You can create show commands displaying the information that you want to see in any order you want by using
the custom option.
Syntax:
show interfaces custom [port-list] column-list
Select the information that you want to display. Supported columns are shown in the table below.
Table 6: Supported columns, what they display, and examples:
Parameter column Displays Examples
port Port identifier A2
type Port type 100/1000T
status Port status up or down
Table Continued
60 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 61
Parameter column Displays Examples
speed Connection speed and duplex 1000FDX
mode Configured mode auto, auto-100, 100FDX
mdi MDI mode auto, MDIX
flow Flow control on or off
name Friendly port name
vlanid The vlan id this port belongs to, or "tagged" if it
belongs to more than one vlan
enabled port is or is not enabled yes or nointrusion
intrusion Intrusion alert status no
bcast Broadcast limit 0
The custom show interfaces command
switch(config)# show int custom 1-4 port name:4 type vlan intrusion speed enabled mdi
Status and Counters - Custom Port Status
Intrusion
Port Name Type VLAN Alert Speed Enabled MDI-mode
---- ---------- ---------- ----- --------- ------- ------- --------
1 Acco 100/1000T 1 No 1000FDx Yes Auto
2 Huma 100/1000T 1 No 1000FDx Yes Auto
3 Deve 100/1000T 1 No 1000FDx Yes Auto
4 Lab1 100/1000T 1 No 1000FDx Yes Auto
You can specify the column width by entering a colon after the column name, then indicating the number of
characters to display. In the above example, the Name column displays only the first four characters of the name.
All remaining characters are truncated.
4tagged
NOTE: Each field has a fixed minimum width to be displayed. If you specify a field width smaller than
the minimum width, the information is displayed at the minimum width. For example, if the minimum
width for the Name field is 4 characters and you specify Name:2, the Name field displays 4
characters.
You can enter parameters in any order. There is a limit of 80 characters per line; if you exceed this limit an error
displays.
Error messages associated with the show interfaces command
The following table provides information on error messages associated with the show interfaces custom
command.
Chapter 3 Port Status and Configuration 61
Page 62
Error Error message
Requesting too many fields (total characters exceeds
80)
Field name is misspelled Invalid input: <input>
Mistake in specifying the port list Module not present for port or invalid port: <input>
The port list is not specified Incomplete input: custom
Total length of selected data exceeds one line
Note on using pattern matching with the show interfaces custom command
If you have included a pattern matching command to search for a field in the output of the show int custom
command, and the show int custom command produces an error, the error message may not be visible and
the output is empty. For example, if you enter a command that produces an error (such as vlan is misspelled) with
the pattern matching include option, the output may be empty:
HP Switch(config)# show int custom 1-3 name vlun | include vlan1
It is advisable to try the show int custom command first to ensure there is output, and then enter the
command again with the pattern matching option.
Note that in the above command, you can substitute int for interface; that is: show int custom.
Viewing port utilization statistics (CLI)
Use the show interface port-utilization command to view a real-time rate display for all ports on the
switch. The example below shows a sample output from this command.
A show interface port-utilization command listing
switch(config)# show interfaces port-utilization
Status and Counters - Port Utilization
Rx Tx
Port Mode | -------------------------- | ------------------------- | Kbits/sec Pkts/sec Util | Kbits/sec Pkts/sec Util
----- -------- + ---------- --------- ----- + ---------- --------- -----
B1 1000FDx | 0 0 0 | 0 0 0
B2 1000FDx | 0 0 0 | 0 0 0
B3 1000FDx | 0 0 0 | 0 0 0
B4 1000FDx | 0 0 0 | 0 0 0
B5 1000FDx | 0 0 0 | 0 0 0
B6 1000FDx | 0 0 0 | 0 0 0
B7 100FDx | 624 86 00.62 | 496 0 00.49
62 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 63
Operating notes for viewing port utilization statistics
• For each port on the switch, the command provides a real-time display of the rate at which data is received
(Rx) and transmitted (Tx) in terms of kilobits per second (KBits/s), number of packets per second (Pkts/s), and
utilization (Util) expressed as a percentage of the total bandwidth available.
• The show interfaces <port-list> command can be used to display the current link status and the port
rate average over a 5 minute period. Port rates are shown in bits per second (bps) for ports up to 1 Gigabit; for
10 Gigabit ports, port rates are shown in kilobits per second (Kbps).
Viewing transceiver status (CLI)
The show interfaces transceivers command allows you to:
• Remotely identify transceiver type and revision number without having to physically remove an installed
transceiver from its slot.
• Display real-timestatus information about all installed transceivers, including non-operational transceivers.
The example shows sample output from the show tech transceivers command.
NOTE: Part # column below enables you to determine the manufacturer for a specified transceiver
and revision number.
The show tech transceivers command
switch# show tech transceivers
Transceiver Technical Information:
Port # | Type | Prod # | Serial # | Part #
-------+-----------+--------+------------------+----------
21 | 1000SX | J4858B | CN605MP23K |
22 | 1000LX | J4859C | H11E7X | 2157-2345
23 | ?? | ?? | non operational |
25 | 10GbE-CX4 | J8440A | US509RU079 |
26 | 10GbE-CX4 | J8440A | US540RU002 |
27 | 10GbE-LR | J8437B | PPA02-2904:0017 | 2157-2345
28 | 10GbE-SR | J8436B | 01591602 | 2158-1000
29 | 10GbE-ER | J8438A | PPA03-2905:0001 |
The following transceivers may not function correctly:
Port # Message
-------- ------------------------
Port 23 Self test failure.
Operating Notes
The following information is displayed for each installed transceiver:
• Port number on which transceiver is installed.
• Type of transceiver.
• Product number — Includes revision letter, such as A, B, or C. If no revision letter follows a product number,
this means that no revision is available for the transceiver.
• Part number — Allows you to determine the manufacturer for a specified transceiver and revision number.
Chapter 3 Port Status and Configuration 63
Page 64
• For a non-HPE switches installed transceiver (see line 23 of "The show tech transceivers command"
example), no transceiver type, product number, or part information is displayed. In the Serial Number field,
non-operational is displayed instead of a serial number.
• The following error messages may be displayed for a non-operational transceiver:
◦ Unsupported Transceiver. (SelfTest Err#060)
◦ This switch only supports revision B and above transceivers.
◦ Self test failure.
◦ Transceiver type not supported in this port.
◦ Transceiver type not supported in this software version.
◦ Not an HPE Switch Transceiver.
Enabling or disabling ports and configuring port mode (CLI)
You can configure one or more of the following port parameters.
Syntax:
[no] interface <port-list> [<disable|enable>]
Disables or enables the port for network traffic. Does not use the no form of the command. (Default: enable.)
speed-duplex [<auto-10|10-full|10-half|100-full|100-half|auto|auto-100|1000-full>]
Note that in the above Syntax:, you can substitute int for interface (for example, int <port-list> ).
Specifies the port's data transfer speed and mode. Does not use the no form of the command. (Default: auto.)
The 10/100 auto-negotiation feature allows a port to establish a link with a port at the other end at either 10 Mbps
or 100 Mbps, using the highest mutual speed and duplex mode available. Only these speeds are allowed with this
setting.
Examples:
To configure port C5 for auto-10-100, enter this command:
switch(config)# int c5 speed-duplex auto-10-100
To configure ports C1 through C3 and port C6 for 100Mbps full-duplex, enter these commands:
switch(config)# int c1-c3,c6 speed-duplex 100-full
Similarly, to configure a single port with the above command settings, you could either enter the same command
with only the one port identified or go to the context level for that port and then enter the command. For example,
to enter the context level for port C6 and then configure that port for 100FDx:
switch(config)# int e c6
switch(eth-C6)# speed-duplex 100-full
64 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 65
If port C8 was disabled, and you wanted to enable it and configure it for 100FDx with flow-control active, you
could do so with either of the following command sets:
Figure 7: Two methods for changing a port configuration
For more on flow control, see Enabling or disabling flow control (CLI) on page 65.
Enabling or disabling flow control (CLI)
NOTE: You must enable flow control on both ports in a given link. Otherwise, flow control does not
operate on the link and appears as Off in the show interfaces brief port listing, even if flow
control is configured as enabled on the port in the switch. (See The show interfaces brief
command listing example.) Also, the port (speed-duplex) mode must be set to Auto (the default).
To disable flow control on some ports, while leaving it enabled on other ports, just disable it on the individual ports
you want to exclude.
Syntax:
[no] interface <port-list> flow-control
Enables or disables flow control packets on the port. The no form of the command disables flow control on the
individual ports. (Default: Disabled.)
Examples:
Suppose that:
1. You want to enable flow control on ports A1-A6.
2. Later, you decide to disable flow control on ports A5 and A6.
3. As a final step, you want to disable flow control on all ports.
Chapter 3 Port Status and Configuration 65
Page 66
Assuming that flow control is currently disabled on the switch, you would use these commands:
Figure 8: Configuring flow control for a series of ports
switch(config)# int a1-a6 flow-control
switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
------ --------- + --------- ------- ------ ---------- ---- ---- -----
A1 10GbE-T | No Yes Up 1000FDx NA on 0
A2 10GbE-T | No Yes Up 10GigFD NA on 0
A3 10GbE-T | No Yes Up 10GigFD NA on 0
A4 10GbE-T | No Yes Up 10GigFD NA on 0
A5 10GbE-T | No Yes Up 10GigFD NA on 0
A6 10GbE-T | No Yes Up 10GigFD NA on 0
A7 10GbE-T | No Yes Down 10GigFD NA off 0
A8 10GbE-T | No Yes Up 10GigFD NA off 0
switch(config)# no int a5-a6 flow-control
switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
------ --------- + --------- ------- ------ ---------- ---- ---- -----
A1 10GbE-T | No Yes Up 1000FDx NA on 0
A2 10GbE-T | No Yes Down 10GigFD NA on 0
A3 10GbE-T | No Yes Down 10GigFD NA on 0
A4 10GbE-T | No Yes Down 10GigFD NA on 0
A5 10GbE-T | No Yes Down 10GigFD NA off 0
A6 10GbE-T | No Yes Down 10GigFD NA off 0
A7 10GbE-T | No Yes Down 10GigFD NA off 0
A8 10GbE-T | No Yes Down 10GigFD NA off 0
switch(config)# no int a1-a4 flow-control
switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
------ --------- + --------- ------- ------ ---------- ---- ---- -----
A1 10GbE-T | No Yes Down 1000FDx NA off 0
A2 10GbE-T | No Yes Down 10GigFD NA off 0
A3 10GbE-T | No Yes Down 10GigFD NA off 0
A4 10GbE-T | No Yes Down 10GigFD NA off 0
A5 10GbE-T | No Yes Down 10GigFD NA off 0
A6 10GbE-T | No Yes Down 10GigFD NA off 0
A7 10GbE-T | No Yes Down 10GigFD NA off 0
A8 10GbE-T | No Yes Down 10GigFD NA off 0
66 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 67
Configuring a broadcast limit
Broadcast-Limit on switches covered in this guide is configured on a per-port basis. You must be at the port
context level for this command to work, for example:
switch(config)#int 1
switch(int 1)# broadcast-limit 1
Broadcast-limit
Syntax:
broadcast-limit <0-99>
Enables or disables broadcast limiting for outbound broadcasts on a selected port on the switch. The value
selected is the percentage of traffic allowed, for example, broadcast-limit 5 allows 5% of the maximum
amount of traffic for that port. A value of zero disables broadcast limiting for that port.
NOTE:
You must switch to port context level before issuing the broadcast-limit command.
This feature is not appropriate for networks requiring high levels of IPX or RIP broadcast traffic.
Syntax:
show config
Displays the startup-config file. The broadcast limit setting appears here if enabled and saved to the startup-config
file.
Syntax:
show running-config
Displays the running-config file. The broadcast limit setting appears here if enabled. If the setting is not also saved
to the startup-config file, rebooting the switch returns broadcast limit to the setting currently in the startup-config
file.
For example, the following command enables broadcast limiting of 1 percent of the traffic rate on the selected port
on the switch:
switch(int 1)# broadcast-limit 1
For a one Gbps port this results in a broadcast traffic rate of ten Mbps.
Port shutdown with broadcast storm
A LAN broadcast storm arises when an excessively high rate of broadcast packets flood the LAN. Occurrence of
LAN broadcast storm disrupts traffic and degrades network performance. To prevent LAN traffic from being
disrupted, an enhancement of fault-finder commands adds new options, and the corresponding MIBs, that trigger
a port disablement when a broadcast storm is detected on that port.
Under this enhancement, the CLI commands given only supports broadcast traffic and not multicast and unicast
types of traffic.
The waiting period range for re-enabling ports is 0 to 604800 seconds. The default waiting period to re-enable a
port is zero which prevents the port from automatic re-enabling.
Chapter 3 Port Status and Configuration 67
Page 68
NOTE: Avoid port flapping when choosing the waiting period by considering the time to re-enable
carefully.
Use the following commands to configure the broadcast-storm on a port.
Syntax:
[no] fault-finder broadcast-storm [ethernet] <port-list> action [warn|warn-and-disable <seconds>] [percent <percent>|pps <rate>]
To remove the current configuration of broadcast-storm on a port, use:
Syntax:
no fault-finder broadcast-storm [ethernet] <port-list>
broadcast-storm
Configure broadcast storm control.
pps
Rising threshold level in number of broadcast packets per second.
percent
Rising threshold level as a percentage of bandwidth of the port. The percentage is calculated on 64 byte
packet size.
warn
Log the event only.
warn-and-disable
Log the event and disable the port.
seconds
Re-enable the port after waiting for the specified number of seconds. Default is not to re-enable.
Configuration examples:
switch(config)# fault-finder broadcast-storm [ethernet] <A1> action [warn-and-disable <65535>]< percent 10>
switch(config)# fault-finder broadcast-storm [ethernet] <A2> action [warn-and-disable <pps 100>
switch(config)# fault-finder broadcast-storm [ethernet] <A22> action [warn] <pps 100>
Viewing broadcast storm
Use the following command to display the broadcast-storm-control configuration.
Syntax:
show fault-finder broadcast-storm [[ethernet] port-list]
Examples:
switch# show fault-finder broadcast-storm [A1]
68 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 69
Port Bcast Storm Port Status Rising
Threshold
Action Disable
Timer
Disable
Timer Left
A1 Yes Down 10% warn-and-
disable
switch (config)# show fault-finder broadcast-storm
Port Bcast Storm Port Status Rising
Threshold
A1 Yes Down 200 pps warn-and-
switch (config)# show fault-finder broadcast-storm A1
Port Bcast Storm Port Status Rising
Threshold
A1 No Up — none — —
switch (config)# show fault-finder broadcast-storm
Port Bcast Storm Port Status Rising
Threshold
Action Disable
disable
Action Disable
Action Disable
65535 —
Timer
10 9
Timer
Timer
Disable
Timer Left
Disable
Timer Left
Disable
Timer Left
A1 Yes Up 75% warn — —
SNMP MIB
SNMP support will be provided through the following MIB objects:
hpicfFfBcastStormControlPortConfig OBJECT IDENTIFIER
:: = { hpicfFaultFinder 5 }
hpicfFfBcastStormControlPortConfigTable OBJECT-TYPE
• syntax sequence: HpicfFfBcastStormControlPortConfigEntry
• max-access: not-accessible
• status: current
• description: This table provides information about broadcast storm control configuration of all ports.::=
{hpicfFfBcastStormControlPortConfig 1}
hpicfFfBcastStormControlPortConfigEntry OBJECT-TYPE
• syntax HpicfFfBcastStormControlPortConfigEntry
• max-access: not-accessible
• status: current
Chapter 3 Port Status and Configuration 69
Page 70
• description: This object provides information about broadcast storm control configuration of each port.
• index: {hpicfffbcaststormcontrolportindex}::= {hpicfFfBcastStormControlPortConfigTable 1}
hpicfFfBcastStormControlPortConfigEntry ::=
Syntax sequence:hpicfFfBcastStormControlPortIndex InterfaceIndex,
hpicfFfBcastStormControlMode Integer,
hpicfFfBcastStormControlRisingpercent Integer32,
hpicfFfBcastStormControlRisingpps Integer32,
hpicfFfBcastStormControlAction Integer,
hpicfFfBcastStormControlPortDisableTimer Unsigned32
hpicfFfBcastStormControlPortIndex OBJECT-TYPE
• Syntax: Interfaceindex
• max-access: not-accessible
• status: current
• description: The Index Value Which Uniquely Identifies A Row In The Interfaces Table.
::= {hpicfFfBcastStormControlPortConfigEntry 1}
hpicfFfBcastStormControlMode OBJECT-TYPE
• Syntax Integer: disabled(1), Bcastrisinglevelpercent(2), Bcastrisinglevelpps(3)
• max-access: read-write
• status: current
• description: The broadcast storm control mode of a port. A value of disable (1) indicates that no rising
threshold value is set for broadcast storm traffic on this port. A value of bcastrisinglevelpercent (2) indicates
that the rising threshold rate for broadcast storm traffic is configured in percentage of port bandwidth. A value
of bcastrisinglevelpps (3) indicates that the rising threshold rate for broadcast storm traffic is configured in
packets per second.
• DEFVAL: disabled
::= {hpicfFfBcastStormControlPortConfigEntry 2}
hpicfFfBcastStormControlRisingpercent OBJECT-TYPE
• Syntax Integer32 (1..100)
• max-access: read-write
• status: current
• description: This Is The Rising Threshold Level in percent of bandwidth of the port.
hpicfFfBcastStormControlAction occurs when broadcast traffic reaches this level.
::= {hpicfFfBcastStormControlPortConfigEntry 3}
70 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 71
hpicfFfBcastStormControlRisingpps OBJECT-TYPE
• Syntax Integer32 (1..10000000)
• max-access: read-write
• status: current
• description: This object indicates the rising threshold for broadcast storm control. This value is in packets-persecond of received broadcast traffic. hpicfffbcaststormcontrolaction object takes action when broadcast
traffic reaches this level.
::= {hpicfFfBcastStormControlPortConfigEntry 4}
hpicfFfBcastStormControlAction OBJECT-TYPE
• Syntax integer: none(1), warn(2), warnanddisable(3)
• max-access: read-write
• status: current
• Description: This object defines the action taken by the switch when a broadcast storm occurs on a port. A
value of none (1) indicates that no action is performed. A value of warn (2) indicates that an event is logged
when broadcast traffic crosses the threshold value set on that port. A value of warn-and-disable (3) indicates
that the port is disabled and an event is logged as soon as the broadcast traffic reaches the threshold value
set on that port.
• DEFVAL: none
::= {hpicfFfBcastStormControlPortConfigEntry 5}
hpicfFfBcastStormControlPortDisableTimer OBJECT-TYPE
• Syntax Unsigned32 (0..604800)
• Units: seconds
• max-access: read-write
• status: current
• Description: This object specifies the time period for which the port remains in disabled state. A port is disabled
when broadcast traffic reaches the threshold value set on that port. This time period is specified in seconds.
The default value is zero which means that the port remains disabled and is not enabled again.
• DEFVAL {0}
::= {hpicfFfBcastStormControlPortConfigEntry 6}
Configuring auto-MDIX
Copper ports on the switch can automatically detect the type of cable configuration (MDI or MDI-X) on a
connected device and adjust to operate appropriately.
This means you can use a "straight-through" twisted-pair cable or a "crossover" twisted-pair cable for any of the
connections—the port makes the necessary adjustments to accommodate either one for correct operation. The
following port types on your switch support the IEEE 802.3ab standard, which includes the "Auto MDI/MDI-X"
feature:
Chapter 3 Port Status and Configuration 71
Page 72
• 10/100-TX xl module ports
• 100/1000-T xl module ports
• 10/100/1000-T xl module ports
Using the above ports:
• If you connect a copper port using a straight-through cable on a switch to a port on another switch or hub that
uses MDI-X ports, the switch port automatically operates as an MDI port.
• If you connect a copper port using a straight-through cable on a switch to a port on an end node—such as a
server or PC—that uses MDI ports, the switch port automatically operates as an MDI-X port.
Auto-MDIX was developed for auto-negotiating devices, and was shared with the IEEE for the development of the
IEEE 802.3ab standard. Auto-MDIX and the IEEE 802.3ab Auto MDI/MID-X feature are completely compatible.
Additionally, Auto-MDIX supports operation in forced speed and duplex modes.
For more information on this subject, see the IEEE 802.3ab standard reference. For more information on MDI-X,
the installation and getting started guide for your switch.
Manual override
If you require control over the MDI/MDI-X feature, you can set the switch to either of these non-default modes:
• Manual MDI
• Manual MDI-X
The table below shows the cabling requirements for the MDI/MDI-X settings.
Table 7: Cable types for auto and manual MDI/MDI-X settings
Setting MDI/MDI-X device type
PC or other MDI device type Switch, hub, or other MDI-X device
Manual MDI Crossover cable Straight-through cable
Manual MDI-X Straight-through cable Crossover cable
Auto-MDI-X (the default) Either crossover or straight-through cable
The AutoMDIX features apply only to copper port switches using twisted-pair copper Ethernet cables.
Configuring auto-MDIX (CLI)
The auto-MDIX features apply only to copper port switches using twisted-pair copper Ethernet cables. For
information about auto-MDIX, see Configuring auto-MDIX on page 71.
Syntax:
interface <port-list> mdix-mode < {auto-mdix | mdi | mdix>}
72 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 73
auto-mdix
The automatic,default setting. This configures the port for automatic detection of the cable
(either straight-through or crossover).
mdi
mdix
Syntax:
show interfaces config
Lists the current per-port Auto/MDI/MDI-X configuration.
Syntax:
show interfaces brief
• Where a port is linked to another device, this command lists the MDI mode the port is currently using.
• In the case of ports configured for Auto ( auto-mdix), the MDI mode appears as either MDI or MDIX,
depending upon which option the port has negotiated with the device on the other end of the link.
• In the case of ports configured for MDI or MDIX, the mode listed in this display matches the configured setting.
The manual mode setting that configures the port for connecting to either a PC or other MDI
device with a crossover cable, or to a switch, hub, or other MDI-X device with a straightthrough cable.
The manual mode setting that configures the port for connecting to either a switch, hub, or
other MDI-X device with a crossover cable, or to a PC or other MDI device with a straightthrough cable.
• If the link to another device was up, but has gone down, this command shows the last operating MDI mode the
port was using.
• If a port on a given switch has not detected a link to another device since the last reboot, this command lists
the MDI mode to which the port is currently configured.
The show interfaces config displays the following data when port A1 is configured for auto-mdix, port A2
is configured for mdi, and port A3 is configured for mdix:
Displaying the current MDI configuration
switch(config)# show interfaces config
Port Settings
Port Type | Enabled Mode Flow Ctrl MDI
------ --------- + ------- ------------ --------- ----
A1 10GbE-T | Yes Auto Disable Auto
A2 10GbE-T | Yes Auto Disable MDI
A3 10GbE-T | Yes Auto Disable MDIX
A4 10GbE-T | Yes Auto Disable Auto
A5 10GbE-T | Yes Auto Disable Auto
A6 10GbE-T | Yes Auto Disable Auto
A7 10GbE-T | Yes Auto Disable Auto
A8 10GbE-T | Yes Auto Disable Auto
Chapter 3 Port Status and Configuration 73
Page 74
Displaying the current MDI operating mode
switch(config)# show interfaces brief
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
------ --------- + --------- ------- ------ ---------- ---- ---- -----
A1 10GbE-T | No Yes Up 1000FDx MDIX off 0
A2 10GbE-T | No Yes Down 10GigFD MDI off 0
A3 10GbE-T | No Yes Down 10GigFD MDIX off 0
A4 10GbE-T | No Yes Down 10GigFD Auto off 0
A5 10GbE-T | No Yes Down 10GigFD Auto off 0
A6 10GbE-T | No Yes Down 10GigFD Auto off 0
A7 10GbE-T | No Yes Down 10GigFD Auto off 0
A8 10GbE-T | No Yes Down 10GigFD Auto off 0
Using friendly (optional) port names
This feature enables you to assign alphanumeric port names of your choosing to augment automatically assigned
numeric port names. This means you can configure meaningful port names to make it easier to identify the source
of information listed by some show commands. (Note that this feature augments port numbering, but does not
replace it.)
Configuring and operating rules for friendly port names
• At either the global or context configuration level, you can assign a unique name to a port. You can also assign
the same name to multiple ports.
• The friendly port names you configure appear in the output of the show name [port-list], show config, and
show interface <port-number > commands. They do not appear in the output of other show
commands or in Menu interface screens. (See Displaying friendly port names with other port data (CLI) on
page 75.)
• Friendly port names are not a substitute for port numbers in CLI commands or Menu displays.
• Trunking ports together does not affect friendly naming for the individual ports. (If you want the same name for
all ports in a trunk, you must individually assign the name to each port.)
• A friendly port name can have up to 64 contiguous alphanumeric characters.
• Blank spaces within friendly port names are not allowed, and if used, cause an invalid input error. (The switch
interprets a blank space as a name terminator.)
• In a port listing, not assigned indicates that the port does not have a name assignment other than its fixed
port number.
• To retain friendly port names across reboots, you must save the current running-configuration to the startupconfig file after entering the friendly port names. (In the CLI, use the write memory command.)
Configuring friendly port names (CLI)
For detailed information about friendly port names, see Using friendly (optional) port names on page 74.
Syntax:
interface <port-list> name <port-name-string>
74 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 75
Assigns a port name to port-list.
Syntax:
no interface <port-list> name
Deletes the port name from <port-list>.
Configuring a single port name (CLI)
Suppose that you have connected port A3 on the switch to Bill Smith's workstation, and want to assign Bill's name
and workstation IP address (10.25.101.73) as a port name for port A3:
Configuring a friendly port name
switch(config)# int A3 name
Bill_Smith@10.25.101.73
switch(config)# write mem
switch(config)# show name A3
Port Names
Port : A3
Type : 10/100TX
Configuring the same name for multiple ports (CLI)
Suppose that you want to use ports A5 through A8 as a trunked link to a server used by a drafting group. In this
case you might configure ports A5 through A8 with the name "Draft-Server:Trunk."
Configuring one friendly port name on multiple ports
switch(config)# int a5-a8 name Draft-Server:Trunk
switch(config)# write mem
switch(config)# show name a5-a8
Port Names
Port : A5
Type : 10GbE-T
Name : Draft-Server:Trunk
Port : A6
Type : 10GbE-T
Name : Draft-Server:Trunk
Port : A7
Type : 10GbE-T
Name : Draft-Server:Trunk
Port : A8
Type : 10GbE-T
Name : Draft-Server:Trunk
Displaying friendly port names with other port data (CLI)
You can display friendly port name data in the following combinations:
Syntax:
show name
Chapter 3 Port Status and Configuration 75
Page 76
Displays a listing of port numbers with their corresponding friendly port names and also quickly shows you which
ports do not have friendly name assignments. (show name data comes from the running-config file.)
Syntax:
show interface <port-number>
Displays the friendly port name, if any, along with the traffic statistics for that port. (The friendly port name data
comes from the running-config file.)
Syntax:
show config
Includes friendly port names in the per-port data of the resulting configuration listing. (show config data comes
from the startup-config file.)
Listing all ports or selected ports with their friendly port names (CLI)
Syntax:
show name [port-list]
Lists the friendly port name with its corresponding port number and port type. The show name command without
a port list shows this data for all ports on the switch.
Friendly port name data for all ports on the switch
switch(config)# show name
Port Names
Port Type Name
------ --------- ----------------------------
A1 10GbE-T
A2 10GbE-T
A3 10GbE-T Bill_Smith@10.25.101.73
A4 10GbE-T
A5 10GbE-T Draft-Server:Trunk
A6 10GbE-T Draft-Server:Trunk
A7 10GbE-T Draft-Server:Trunk
A8 10GbE-T Draft-Server:Trunk
Friendly port name data for specific ports on the switch
switch(config)# show name A3-A5
Port Names
Port : A3
Type : 10GbE-T
Name : Bill_Smith@10.25.101.73
Port : A4
Type : 10GbE-T
Name :
Port : A5
Type : 10GbE-T
Name : Draft-Server:Trunk
76 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 77
Including friendly port names in per-port statistics listings (CLI)
Syntax:
show interface <port-number>
Includes the friendly port name with the port's traffic statistics listing. A friendly port name configured to a port is
automatically included when you display the port's statistics output.
If you configure port A1 with the name "O'Connor_10.25.101.43," the show interface output for this port
appears similar to the following:
A friendly port name in a per-port statistics listing
switch(config)# show interface a1
Status and Counters - Port Counters for port A1
Name : O’Connor@10.25.101.43
MAC Address : 001871-b995ff
Link Status : Up
Totals (Since boot or last clear) :
Bytes Rx : 2,763,197 Bytes Tx : 22,972
Unicast Rx : 2044 Unicast Tx : 128
Bcast/Mcast Rx : 23,456 Bcast/Mcast Tx : 26
Errors (Since boot or last clear) :
FCS Rx : 0 Drops Tx : 0
Alignment Rx : 0 Collisions Tx : 0
Runts Rx : 0 Late Colln Tx : 0
Giants Rx : 0 Excessive Colln : 0
Total Rx Errors : 0 Deferred Tx : 0
Others (Since boot or last clear) :
Discard Rx : 0 Out Queue Len : 0
Unknown Protos : 0
Rates (5 minute weighted average) :
Total Rx (bps) : 3,028,168 Total Tx (bps) : 1,918,384
Unicast Rx (Pkts/sec) : 5 Unicast Tx (Pkts/sec) : 0
B/Mcast Rx (Pkts/sec) : 71 B/Mcast Tx (Pkts/sec) : 0
Utilization Rx : 00.30 % Utilization Tx : 00.19 %
For a given port, if a friendly port name does not exist in the running-config file, the Name line in the above
command output appears as:
Name :
Searching the configuration for ports with friendly port names (CLI)
This option tells you which friendly port names have been saved to the startup-config file. (show config does
not include ports that have only default settings in the startup-config file.)
Syntax:
show config
Includes friendly port names in a listing of all interfaces (ports) configured with non-default settings. Excludes
ports that have neither a friendly port name nor any other non-default configuration settings.
See Listing of the startup-config file with a friendly port name configured (and saved) on page 78 to
configure port A1 with a friendly port name. Notice that the command sequence saves the friendly port name for
port A1 in the startup-config file. The name entered for port A2 is not saved because it was executed after write
memory.
Chapter 3 Port Status and Configuration 77
Page 78
Listing of the startup-config file with a friendly port name configured (and saved)
switch(config)# int A1 name Print_Server@10.25.101.43
switch(config)# write mem
switch(config)# int A2 name Herbert's_PC
switch(config)# show config
Startup configuration:
; J9091A Configuration Editor; Created on release xx.15.05.xxxx
hostname "HPSwitch"
interface AQ
name "Print_Server@10.25.101.43
exit
snmp-server community "public" Unrestricted
.
.
.
Uni-directional link detection (UDLD)
Uni-directional link detection (UDLD) monitors a link between two switches and blocks the ports on both ends of
the link if the link fails at any point between the two devices. This feature is particularly useful for detecting failures
in fiber links and trunks. Figure 9: UDLD Example: on page 78 shows an Example:.
Figure 9: UDLD Example:
In this Example:, each switch load balances traffic across two ports in a trunk group. Without the UDLD feature, a
link failure on a link that is not directly attached to one of the HPE switches remains undetected. As a result, each
switch continue to send traffic on the ports connected to the failed link. When UDLD is enabled on the trunk ports
on each switch, the switches detect the failed link, block the ports connected to the failed link, and use the
remaining ports in the trunk group to forward the traffic.
Similarly, UDLD is effective for monitoring fiber optic links that use two uni-direction fibers to transmit and receive
packets. Without UDLD, if a fiber breaks in one direction, a fiber port may assume the link is still good (because
the other direction is operating normally) and continue to send traffic on the connected ports. UDLD-enabled
ports; however, will prevent traffic from being sent across a bad link by blocking the ports in the event that either
the individual transmitter or receiver for that connection fails.
78 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 79
Ports enabled for UDLD exchange health-check packets once every five seconds (the link-keepalive interval). If a
port does not receive a health-check packet from the port at the other end of the link within the keepalive interval,
the port waits for four more intervals. If the port still does not receive a health-check packet after waiting for five
intervals, the port concludes that the link has failed and blocks the UDLD-enabled port.
When a port is blocked by UDLD, the event is recorded in the switch log or via an SNMP trap (if configured); and
other port blocking protocols, like spanning tree or meshing, will not use the bad link to load balance packets. The
port will remain blocked until the link is unplugged, disabled, or fixed. The port can also be unblocked by disabling
UDLD on the port.
Configuring UDLD
When configuring UDLD, keep the following considerations in mind:
• UDLD is configured on a per-port basis and must be enabled at both ends of the link. See the note below for a
list of switches that support UDLD.
• To configure UDLD on a trunk group, you must configure the feature on each port of the group individually.
Configuring UDLD on a trunk group's primary port enables the feature on that port only.
• Dynamic trunking is not supported. If you want to configure a trunk group that contains ports on which UDLD is
enabled, you must remove the UDLD configuration from the ports. After you create the trunk group, you can
re-add the UDLD configuration.
Configuring uni-directional link detection (UDLD) (CLI)
For detailed information about UDLD, see Uni-directional link detection (UDLD) on page 78.
Syntax:
[no] interface <port-list> link-keepalive
Enables UDLD on a port or range of ports.
To disable this feature, enter the no form of the command.
Default: UDLD disabled
Syntax:
link-keepalive interval <interval>
Determines the time interval to send UDLD control packets. The interval parameter specifies how often the ports
send a UDLD packet. You can specify from 10 to 100, in 100-ms increments, where 10 is 1 second, 11 is 1.1
seconds, and so on.
Default: 50 (5 seconds)
Syntax:
link-keepalive retries <num>
Determines the maximum number of retries to send UDLD control packets. The num parameter specifies the
maximum number of times the port will try the health check. You can specify a value from 3 to 10.
Default: 5
Syntax:
[no] interface <port-list> link-keepalive vlan <vid>
Chapter 3 Port Status and Configuration 79
Page 80
Assigns a VLAN ID to a UDLD-enabled port for sending tagged UDLD control packets.Under default settings,
untagged UDLD packets can still be transmitted and received on tagged only ports; however, a warning message
is logged.
The no form of the command disables UDLD on the specified ports.
Default: UDLD packets are untagged; tagged-only ports transmit and receive untagged UDLD control packets
Enabling UDLD (CLI)
UDLD is enabled on a per-port basis.
Example:
To enable UDLD on port a1, enter:
switch(config)#interface al link-keepalive
To enable the feature on a trunk group, enter the appropriate port range. For example:
switch(config)#interface al-a4 link-keepalive
NOTE:
When at least one port is UDLD-enabled, the switch will forward out UDLD packets that arrive on
non-UDLD-configured ports out of all other non-UDLDconfigured ports in the same vlan. That is,
UDLD control packets will “pass through” a port that is not configured for UDLD. However, UDLD
packets will be dropped on any blocked ports that are not configured for UDLD.
Changing the keepalive interval (CLI)
By default, ports enabled for UDLD send a link health-check packet once every 5 seconds. You can change the
interval to a value from 10 to 100 deciseconds, where 10 is 1 second, 11 is 1.1 seconds, and so on.
Example:
To change the packet interval to seven seconds, enter the following command at the global configuration level:
switch(config)# link-keepalive interval 70
Changing the keepalive retries (CLI)
By default, a port waits 5 seconds to receive a health-check reply packet from the port at the other end of the link.
If the port does not receive a reply, the port tries four more times by sending up to four more health-check
packets. If the port still does not receive a reply after the maximum number of retries, the port goes down.
You can change the maximum number of keepalive attempts to a value from 3 to 10.
Example:
To change the maximum number of attempts to four, enter the following command at the global configuration
level:
switch(config)# link-keepalive retries 4
Configuring UDLD for tagged ports
The default implementation of UDLD sends the UDLD control packets untagged, even across tagged ports. If an
untagged UDLD packet is received by a non-HPE switch, that switch may reject the packet. To avoid such an
occurrence, you can configure ports to send out UDLD control packets that are tagged with a specified VLAN.
80 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 81
To enable ports to receive and send UDLD control packets tagged with a specific VLAN ID, enter a command
such as the following at the interface configuration level:
switch(config)#interface link-keepalive vlan 22
NOTE:
• You must configure the same VLANs that will be used for UDLD on all devices across the
network; otherwise, the UDLD link cannot be maintained.
• If a VLAN ID is not specified, UDLD control packets are sent out of the port as untagged packets.
• To re-assign a VLAN ID, re-enter the command with the new VLAN ID number. The new
command overwrites the previous command setting.
• When configuring UDLD for tagged ports, you may receive a warning message if there are any
inconsistencies with the VLAN configuration of the port.
Viewing UDLD information (CLI)
Syntax:
show link-keepalive
Displays all the ports that are enabled for link-keepalive.
Syntax:
show link-keepalive statistics
Displays detailed statistics for the UDLD-enabled ports on the switch.
Syntax:
clear link-keepalive statistics
Clears UDLD statistics. This command clears the packets sent, packets received, and transitions counters in the
show link-keepalive statistics display.
Viewing summary information on all UDLD-enabled ports (CLI)
Enter the show link-keepalive command.
Chapter 3 Port Status and Configuration 81
Page 82
Example:
Figure 10: Example: of show link-keepalive command
Viewing detailed UDLD information for specific ports (CLI)
Enter the show link-keepalive statistics command.
Example:
Figure 11: Example: of show link-keepalive statistics command
Clearing UDLD statistics (CLI)
Enter the following command:
switch# clear link-keepalive statistics
82 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 83
This command clears the packets sent, packets received, and transitions counters in the show link
keepalive statistics display (see Figure 11: Example: of show link-keepalive statistics command on
page 82 for an Example:).
Chapter 3 Port Status and Configuration 83
Page 84
Chapter 4
Power Over Ethernet (PoE/PoE+) Operation
Introduction to PoE
PoE technology allows IP telephones, wireless LAN access points, and other appliances to receive power and
transfer data over existing ethernet LAN cabling. For more information about PoE technology, see the PoE/PoE+
planning and implementation guide, which is available on the HPE Networking website at http://www.hpe.com/
networking. Enter your Switch number.
Additionally, PoE+ provides more power-management capability, allowing the switch to have more power
available for more PDs. Power can be allocated exactly and automatically according to what the PD actually
requires at a given time.
PoE terminology
Power-over-ethernet (PoE) and Power-over-ethernet plus (PoE+ or POEP) operate similarly in most cases. Any
differences between PoE and PoE+ operation are noted; otherwise, the term "PoE" is used to designate both PoE
and PoE+ functionality.
Planning and implementing a PoE configuration
This section provides an overview of some considerations for planning a PoE application. For additional
information on this topic, refer to the HPE PoE/PoE+ planning and implementation guide which is available on the
HPE Networking web site at http://www.hpe.com/networking.
Some of the elements you may want to consider for a PoE installation include:
• Port assignments to VLANs
• Use of security features
• Power requirements
This section can help you to plan your PoE installation. If you use multiple VLANs in your network, or if you have
concerns about network security, you should read the first two topics. If your PoE installation comes close to (or is
likely to exceed) the system’s ability to supply power to all devices that may request it, then you should also read
the third topic. (If it is unlikely that your installation will even approach a full utilization of the PoE power available,
then you may find it unnecessary to spend much time on calculating PoE power scenarios.)
Power requirements
To get the best PoE performance, you should provide enough PoE power to exceed the maximum amount of
power that is needed by all the PDs that are being used.
By connecting an external power supply you can optionally provision more PoE wattage per port and or supply
the switch with redundant 12V power to operate should an internal power supply fail. A Power Supply Shelf
(external power supply) can also be connected to these switches to provide extra or redundant PoE power.
See the HPE PoE/PoE+ planning and implementation guide for detailed information about the PoE/PoE+ power
requirements for your switch.
84 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 85
Assigning PoE ports to VLANs
If your network includes VLANs, you may want to assign various PoE-configured ports to specific VLANs. For
example, if you are using PoE telephones in your network, you may want to assign ports used for telephone
access to a VLAN reserved for telephone traffic.
Applying security features to PoE configurations
You can utilize security features built into the switch to control device or user access to the network through PoE
ports in the same way as non-PoE ports.
MAC Address Security: Using Port Security, you can configure each switch port with a unique list of MAC
addresses for devices that are authorized to access the network through that port. For more information, refer to
the titled “Configuring and Monitoring Port Security” in the access security guide for your switch.
Assigning priority policies to PoE traffic
You can use the configurable QoS (Quality of Service) features in the switch to create prioritization policies for
traffic moving through PoE ports. The available classifiers and their order of precedence are show in the table
below.
Table 8: Classifiers for prioritizing outbound packets
Priority QoS classifier
1 UDP/TCP application type (port)
2 Device priority (destination or source IP address)
3 IP type of service (ToS) field (IP packets only)
4 VLAN priority
5 Incoming source-port on the switch
6 Incoming 802.1 priority (present in tagged VLAN environments)
For more on this topic, refer to the titled “Quality of Service: Managing Bandwidth More Effectively” in the
Advanced Traffic Management Guide for your switch.
PoE Event Log messages
Please see the event log message reference guide for information about Event Log messages. To see these
manuals, go to http://www.hpe.com/networking. Auto search the model number for your switch, for Example:
“HPE Switch 2530”, then select the device from the list and click on Product manuals. Click on the “User guide”
link under Manuals.
About PoE operation
Using the commands described in this chapter, you can:
• Enable or disable PoE operation on individual ports.
• Monitor PoE status and performance per module.
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 85
Page 86
• Configure a non-default power threshold for SNMP and Event Log reporting of PoE consumption on either all
PoE ports on the switch or on all PoE ports in one or more PoE modules.
• Specify the port priority you want to use for provisioning PoE power in the event that the PoE resources
become oversubscribed.
Power-sourcing equipment (PSE) detects the power needed by a powered device (PD) before supplying that
power, a detection phase referred to as "searching." If the PSE cannot supply the required amount of power, it
does not supply any power. For PoE using a Type 1 device, a PSE will not supply any power to a PD unless the
PSE has at least 17 watts available. For example, if a PSE has a maximum available power of 382 watts and is
already supplying 378 watts, and is then connected to a PD requiring 10 watts, the PSE will not supply power to
the PD.
For PoE+ using Type 2 devices, the PSE must have at least 33 watts available.
Configuration options
In the default configuration, PoE support is enabled on the ports in a PoE module installed on the switch. The
default priority for all ports is low and the default power notification threshold is 80%. Using the CLI, you can:
• Disable or re-enable PoE operation on individual PoE ports
• Enable support for pre-standard devices
• Change the PoE priority level on individual PoE ports
• Change the threshold for generating a power level notice
• Manually allocate the amount of PoE power for a port by usage, value, or class
• Allocate PoE power based on the link-partner’s capabilities via LLDP
NOTE:
The ports support standard networking links and PoE links. You can connect either a non-PoE device
or a PD to a port enabled for PoE without reconfiguring the port.
PD support
To best utilize the allocated PoE power, spread your connected PoE devices as evenly as possible across
modules. Depending on the amount of power delivered to a PoE module, there may or may not always be enough
power available to connect and support PoE operation on all ports in the module. When a new PD connects to a
PoE module and the module does not have enough power left for that port, if the new PD connects to a port "X"
that has a:
• Higher
PoEpriority than another port "Y" that is already supporting another PD, the power is removed from port "Y"
and delivered to port "X." In this case the PD on port "Y" loses power and the PD on port "X" receives power.
• Lower
priority than all other PoE ports currently providing power to PDs, power is not supplied to port "X" until one or
more PDs using higher priority ports are removed.
In the default configuration (usage), when a PD connects to a PoE port and begins operating, the port retains
only enough PoE power to support the PD's operation. Unused power becomes available for supporting other PD
connections. However, if you configure the poe-allocate-by option to either value or class, all of the power
configured is allocated to the port.
86 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 87
For PoE (not PoE+), while 17 watts must be available for a PoE module on the switch to begin supplying power to
a port with a PD connected, 17 watts per port is not continually required if the connected PD requires less power.
For example, with 20 watts of PoE power remaining available on a module, you can connect one new PD without
losing power to any connected PDs on that module. If that PD draws only 3 watts, 17 watts remain available, and
you can connect at least one more PD to that module without interrupting power to any other PoE devices
connected to the same module. If the next PD you connect draws 5 watts, only 12 watts remain unused. With only
12 unused watts available, if you then connect yet another PD to a higher-priority PoE port, the lowest-priority port
on the module loses PoE power and remains unpowered until the module once again has 17 or more watts
available. (For information on power priority, see Power priority operation on page 87.)
For PoE+, there must be 33 watts available for the module to begin supplying power to a port with a PD
connected.
Disconnecting a PD from a PoE port makes that power available to any other PoE ports with PDs waiting for
power. If the PD demand for power becomes greater than the PoE power available, power is transferred from the
lower-priority ports to the higher-priority ports. (Ports not currently providing power to PDs are not affected.)
Power priority operation
If a PSE can provide power for all connected PD demand, it does not use its power priority settings to allocate
power. However, if the PD power demand oversubscribes the available power, the power allocation is prioritized
to the ports that present a PD power demand. This causes the loss of power from one or more lower-priority ports
to meet the power demand on other, higher-priority ports. This operation occurs regardless of the order in which
PDs connect to the module's PoE-enabled ports.
Power allocation is prioritized according to the following methods:
• Priority class methodAssigns a power priority of low (the default), high, or critical to each enabled PoE port.
• Port-number priority methodA lower-numbered port has priority over a higher-numbered port within the same
configured priority class, for example, port A1 has priority over port A5 if both are configured with high priority.
Configuring PoE operation
Disabling or re-enabling PoE port operation
Syntax:
[no] interface <port-list> power-over-ethernet
Re-enables PoE operation on <port-list> and restores the priority setting in effect when PoE was disabled on
<port-list>.
The no form of the command disables PoE operation on <port-list>.
Default: All PoE ports are initially enabled for PoE operation at Low priority. If you configure a higher priority, this
priority is retained until you change it.
NOTE:
For PoE, disabling all ports allows the 22 watts of minimum PoE power or the 38 watts for PoE+
power allocated for the module to be recovered and used elsewhere. You must disable ALL ports for
this to occur.
Enabling support for pre-standard devices
The HPE switches covered in this guide also support some pre-802.3af devices. For a list of the supported
devices, see the FAQ for your switch model.
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 87
Page 88
Syntax:
[no] power-over-ethernet pre-std-detect
Detects and powers pre-802.3af standard devices.
NOTE:
The default setting for the pre-std-detect PoE parameter has changed.
Configuring the PoE port priority
Syntax:
interface <port-list> power-over-ethernet [critical | high | low]
Reconfigures the PoE priority level on <port-list>. For a given level, ports are prioritized by port number in
ascending order. For example, if ports 1-24 have a priority level of critical, port 1 has priority over ports 2-24.
If there is not enough power available to provision all active PoE ports at a given priority level, the lowestnumbered port at that level is provisioned first. For chassis switches, the lowest-numbered port at that level
starting with module A, then B, C, and so on is provisioned. PoE priorities are invoked only when all active PoE
ports cannot be provisioned (supplied with PoE power)
Critical
High
Low
The following table shows some examples of PoE priority configuration.
Specifies the highest-priority PoE support for <port-list>. The active PoE ports at this level are
provisioned before the PoE ports at any other level are provisioned.
Specifies the second priority PoE support for <port-list>. The active PoE ports at this level are
provisioned before the Low priority PoE ports are provisioned.
(Default) Specifies the third priority PoE support for <port-list>. The active PoE ports at this level
are provisioned only if there is power available after provisioning any active PoE ports at the
higher priority levels.
88 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 89
Table 9: PoE priority operation on a PoE module
Port Priority setting Configuration command1 and resulting operation with PDs connected
to ports C3 through C24
C3 - C17
C18 - C21
Critical
high
In this Example:, the following CLI command sets ports C3 to C17 to
Critical:
switch(config)# interface c3-c17 power-over-ethernet
critical
The critical priority class always receives power. If there is not enough
power to provision PDs on all ports configured for this class, no power goes
to ports configured for high and low priority. If there is enough power to
provision PDs on only some of the critical-priority ports, power is allocated to
these ports in ascending order, beginning with the lowest-numbered port in
the class, which, in this case, is port 3.
In this Example:, the following CLI command sets ports C19 to C22 to high:
switch(config)# interface c19-c22 power-over-ethernet
high
The high priority class receives power only if all PDs on ports with a critical
priority setting are receiving power. If there is not enough power to provision
PDs on all ports with a high priority, no power goes to ports with a low
priority. If there is enough power to provision PDs on only some of the highpriority ports, power is allocated to these ports in ascending order, beginning,
in this Example:, with port 18, until all available power is in use.
C22 - C24
low
In this Example:, the CLI command sets ports C23 to C24 to low2:
switch(config)# interface c23-c24 power-over-ethernet
low
This priority class receives power only if all PDs on ports with high and
critical priority settings are receiving power. If there is enough power to
provision PDs on only some low- priority ports, power is allocated to the ports
in ascending order, beginning with the lowest-numbered port in the class
(port 22, in this case), until all available power is in use.
C1 - C2
N/A
In this Example:, the CLI command disables PoE power on ports C1 to C2:
switch(config)# no interface c1-c2 power-over-ethernet
There is no priority setting for the ports in this Example:.
1
For a listing of PoE configuration commands with descriptions, see
2
In the default PoE configuration, the ports are already set to
Configuring PoE operation.
low priority. In this case, the command is not necessary.
Controlling PoE allocation
Syntax:
[no] int <port-list> poe-allocate-by [usage | class | value]
Allows you to manually allocate the amount of PoE power for a port by either its class or a defined value.
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 89
Page 90
The default option for PoE allocation is usage, which is what a PD attached to the port is allocated. You can
override this value by specifying the amount of power allocated to a port by using the class or value options.
usage
class
value
(Default) The automatic allocation by a PD.
Uses the power ramp-up signature of the PD to identify which power class the device will be in.
Classes and their ranges are shown in the following table.
A user-defined level of PoE power allocated for that port.
NOTE: The allowable PD requirements are lower than those specified for PSEs to allow for power
losses along the Cat-5 cable.
Table 10: Power classes and their values
Power class Value
0 Depends on cable type and PoE architecture. Maximum power level output of 15.4 watts at the
PSE.This is the default class; if there is not enough information about the load for a specific
classification, the PSE classifies the load as class 0 (zero).
1 Requires at least 4 watts at the PSE.
2 Requires at least 7 watts at the PSE.
3 15.4 watts
4 For PoE+Maximum power level output of 30 watts at the PSE.
Example:
To allocate by class for ports 6 to 8:
switch(config)# int 6-8 PoE-allocate-by class
Manually configuring PoE power levels
You can specify a power level (in watts) allocated for a port by using the value option. This is the maximum
amount of power that will be delivered.
To configure a port by value:
Procedure
1. Set the PoE allocation by entering the poe-allocate-by value command:
switch(config) # int A6 poe-allocate-by value
2. or in interface context:
switch(eth-A6) # poe-allocate-by value
90 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 91
3. Select a value:
switch(config) # int A6 poe-value 15
4. or in interface context:
switch(eth-A6) # poe-value 15
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 91
Page 92
To view the settings, enter the show power-over-ethernet command, shown in Figure 12: PoE allocation
by value and the maximum power delivered on page 92.
Figure 12: PoE allocation by value and the maximum power delivered
switch(config)# show power-over-ethernet A6
Status and Counters - Port Power Status for port A7
Power Enable : Yes
LLDP Detect : enabled
Priority : low Configured Type :
AllocateBy : value Value : 15 W
Detection Status : Delivering Power Class : 2
Over Current Cnt : 0 MPS Absent Cnt : 0
Power Denied Cnt : 0 Short Cnt : 0
Voltage : 55.1 V Current : 154 mA
Power : 8.4 W
Maximum power delivered.
If you set the PoE maximum value to less than what the PD requires, a fault occurs, as shown in Figure 13: PoE
power value set too low for the PD on page 92.
Figure 13: PoE power value set too low for the PD
switch(config)# int A7 poe-value 4
switch(config)# show power-over-ethernet A7
Status and Counters - Port Power Status for port A7
Power Enable : Yes
LLDP Detect : enabled
Priority : low Configured Type :
AllocateBy : value Value : 4 W
Detection Status : fault Power Class : 2
Over Current Cnt : 1 MPS Absent Cnt : 0
Power Denied Cnt : 2 Short Cnt : 0
Voltage : 55.1 V Current : 154 mA
Power : 8.4 W
‘Fault’ appears when the PoE power value is set too low.
Changing the threshold for generating a power notice
By default, PoE support is enabled on the switch’s 10/100Base-TX ports, with the power priority set to Low and
the power threshold set to 80 (%). The following commands allow you to adjust these settings.
Syntax:
power threshold <1-99>
92 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 93
The power threshold is a configurable percentage of the total PoE power available on the switch. When PoE
consumption exceeds the threshold, the switch automatically generates an SNMP trap and also sends a message
to the Event Log. For example, if the power threshold is set to 80% (the default), and an increasing PoE power
demand crosses this threshold, the switch sends an SNMP trap and generates this Event Log message:
PoE usage has exceeded threshold of 80 %.
If the switch is configured for debug logging, it also sends the same message to the configured debug
destination(s).
The switch automatically invokes the power threshold at the global configuration level with a default setting of
80%. You can configure the power threshold to a value in the range of 1% to 99%.
If an increasing PoE power load (1) exceeds the configured power threshold (which triggers the log message and
SNMP trap), and then (2) later begins decreasing and drops below the threshold again, the switch generates
another SNMP trap, plus a message to the Event Log and any configured Debug destinations. To continue the
above Example:
PoE usage is below configured threshold of 80 %.
Cycling power on a port
Simply disabling a PoE port does not affect power delivery through that port. To cycle the power on a PD receiving
power from a PoE port on the switch, disable, then re-enable the power to that port.
Syntax:
[no] interface [e] <port-list> power
Re-enables PoE operation on <port-list> and restores the priority setting in effect when PoE was disabled on
<port-list>. The [no] form of the command disables PoE operation on <port-list>. (Default: All 10/100Base-TX
ports on the switch enabled for PoE operation at Low priority.)
For example, to cycle the power on a PoE device connected to port 1 on a switch covered in this guide:
switch(config)# no interface 1 power
switch(config)# interface 1 power
PoE/PoE+ allocation using LLDP information
LLDP with PoE
When using PoE, enabling poe-lldp-detect allows automatic power configuration if the link partner supports
PoE. When LLDP is enabled, the information about the power usage of the PD is available, and the switch can
then comply with or ignore this information. You can configure PoE on each port according to the PD (IP phone,
wireless device, and so on) specified in the LLDP field. The default configuration is for PoE information to be
ignored if detected through LLDP.
NOTE:
Detecting PoE information via LLDP affects only power delivery; it does not affect normal Ethernet
connectivity.
Enabling or disabling ports for allocating power using LLDP
Syntax:
int <port-list> poe-lldp-detect [enabled | disabled]
Enables or disables ports for allocating PoE power based on the link-partner's capabilities via LLDP.
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 93
Page 94
Default: Disabled
Example:
You can enter this command to enable LLDP detection:
switch(config) # int A7 poe-lldp-detect enabled
or in interface context:
switch(eth-A7) # poe-lldp-detect enabled
For more information on PoE/PoE+ and LLDP, see PoE/PoE+ allocation using LLDP information on page 93.
Enabling PoE detection via LLDP TLV advertisement
Use this command and insert the desired port or ports:
switch(config) # lldp config <port-number> medTlvenable poe
For more information on LLDP, see
PoE/PoE+ allocation using LLDP information on page 93.
LLDP with PoE+
Overview
The DLC for PoE provides more exact control over the power requirement between a PSE and PD. The DLC
works in conjunction with the PLC and is mandatory for any Type-2 PD that requires more than 12.95 watts of
input power.
NOTE:
DLC is defined as part of the IEEE 802.3at standard.
You can implement the power negotiation between a PSE and a PD at the physical layer or at the data link layer.
After the link is powered at the physical layer, the PSE can use LLDP to query the PD repeatedly to discover the
power needs of the PD. Communication over the data link layer allows finer control of power allotment, which
makes it possible for the PSE to supply dynamically the power levels needed by the PD. Using LLDP is optional
for the PSE but mandatory for a Type 2 PD that requires more than 12.95 watts of power.
If the power needed by the PD is not available, that port is shut off.
PoE allocation
There are two ways LLDP can negotiate power with a PD:
• Using LLDP MED TLVs
Disabled by default. Can be enabled using the int <port-list> PoE-lldp-detect [enable|
disable] command, as shown below.LLDP MED TLVs sent by the PD are used to negotiate power only if
the LLDP PoE+ TLV is disabled or inactive; if the LLDP PoE+ TLV is sent as well (not likely), the LLDP MED
TLV is ignored.
• Using LLDP PoE+ TLVs
Enabled by default. The LLDP PoE+ TLV is always advertised unless it has been disabled (enable it by using
the lldp config <port-list> dot3TlvEnable poe_config command.)For the Command syntax,
Initiating advertisement of PoE+ TLVs on page 95. It always takes precedence over the LLDP MED
see
TLV.
Enabling PoE-lldp-detect allows the data link layer to be used for power negotiation. When a PD requests
power on a PoE port, LLDP interacts with PoE to see if there is enough power to fulfill the request. Power is set at
94 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 95
the level requested. If the PD goes into power-saving mode, the power supplied is reduced; if the need for power
increases, the amount supplied is increased. PoE and LLDP interact to meet the current power demands.
Syntax:
int <port-list> poe-lldp-detect [enabled | disabled]
Allows the data link layer to be used for power negotiation between a PD on a PoE port and LLDP.
Default: Disabled
Example:
You can enter this command to enable LLDP detection:
switch(config) # int 7 PoE-lldp-detect enabled
or in interface context:
switch(eth-7) # PoE-lldp-detect enabled
NOTE:
Detecting PoE information via LLDP affects only power delivery; it does not affect normal Ethernet
connectivity.
You can view the settings by entering the show power-over-ethernet brief command, as shown in Port
with LLDP configuration information obtained from the device on page 95.
Port with LLDP configuration information obtained from the device
switch(config)# show power-over-ethernet brief
Status and Counters - Port Power Status
POE | Power Power Alloc Alloc Actual Configured Detection Power
Port | Enable Priority By Power Power Type Status Class
----- + ------- --------- ----- ------ ------ ----------- ----------- ----
A1 | Yes low usage 17 W 0.0 W Phone1 Delivering 1
A2 | Yes low usage 17 W 0.0 W Searching 0
A3 | Yes low usage 17 W 0.0 W Searching 0
A4 | Yes low usage 17 W 0.0 W Searching 0
A5 | Yes low usage 17 W 0.0 W Searching 0
A6 | Yes low usage 17 W 8.4 W Delivering 0
Initiating advertisement of PoE+ TLVs
Syntax:
lldp config <port-list> dot3TlvEnable poe_config
Enables advertisement of data link layer power using PoE+ TLVs. The TLV is processed only after the physical
layer and the data link layer are enabled. The TLV informs the PSE about the actual power required by the device.
Default: Enabled
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 95
Page 96
NOTE:
If LLDP is disabled at runtime, and a PD is using PoE+ power that has been negotiated through
LLDP, there is a temporary power drop; the port begins using PoE+ power through the PLC. This
event is recorded in the Event Log. An Example: message would look like the following:
W 08/04/13 13:35:50 02768 ports: Port A1 PoE power dropped.
Exceeded physical classification for a PoE Type1 device (LLDP process
disabled)
When LLDP is enabled again, it causes a temporary power drop. This event is also recorded in the
Event Log. An Example: message looks like the following:
W 08/04/13 13:36:31 02771 ports: Port A1 PoE power dropped.
Exceeded physical classification due to change in classification type (LLDP
process enabled)
Viewing PoE when using LLDP information
Syntax:
show lldp config <port-list>
Displays the LLDP port configuration information, including the TLVs advertised.
LLDP port configuration information with PoE
switch(config)# show lldp config 4
LLCP Port Configuration Detail
Port : 4
AdminStatus [Tx_Rx] : Tx_Rx
NotificationsEnabled [False] : False
Med Topology Trap Enabled [False] : False
TLVS Advertised:
* port_descr
* system_name
* system_descr
* system_cap
* capabilities
* network_policy
* location_id
* poe
* macphy_config
* poeplus_config
IpAddress Advertised:
Local power information on page 96 shows an Example: of the local device power information using the show
lldp info local-device <port-list> command.
Local power information
switch(config)# show lldp info local-device A1
96 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 97
LLCP Local Port Information Detail
Port : A1
PortType : local
PortId : 1
PortDesc : A1
Pvid : 1
Poe Plus Information Detail
Poe Device Type : Type2 PSE
Power Source : Primary
Power Priority : low
PD Requested Power Value : 20 Watts
PSE Actual Power Value : 20 Watts
Remote power information on page 97 shows the remote device power information using the show lldp
info remote-device <port-list> command.
Remote power information
switch(config)# show lldp info remote-device A3
LLCP Remote Device Information Detail
Local Port : A3
ChassisType : mac-address
ChassisId : 00 16 35 ff 2d 40
PortType : local
PortId : 23
SysName : HPSwitch
System Descr : HP Switch, revision YA.14.xx
PortDescr : 23
Pvid : 55
System Capabilities Supported : bridge, router
System Capabilities Enabled : bridge
Remote Management Address
Type : ipv4
Address : 10.0.102.198
Poe Plus Information Detail
Poe Device Type : Type2 PD
Power Source : Only PSE
Power Priority : low
PD Requested Power Value : 20 Watts
PSE Actual Power Value : 20 Watts
Operation note
The advertisement of power with TLVs for LLDP PoE+ is enabled by default. If LLDP is disabled at runtime and a
PD is using PoE+ power that has been negotiated through LLDP, there will be a temporary power drop. The port
will begin using PoE+ power through the PLC. This event is recorded in the event log. An Example: message
would look like the following:
W 08/04/13 13:35:50 02768 ports: Port A1 PoE power dropped.
Exceeded physical classification for a PoE Type1 device
(LLDP process disabled)
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 97
Page 98
When LLDP is enabled again, it causes a temporary power drop. This event is also recorded in the event log. An
Example: message looks like the following:
W 08/04/13 13:36:31 02771 ports: Port A1 PoE power dropped.
Exceeded physical classification due to change in
classification type (LLDP process enabled)
Viewing the global PoE power status of the switch
Syntax:
show power-over-ethernet
Displays the switch's global PoE power status, including:
• Pre-standard Detect
Shows whether PoE for pre-802.3af-standard powered devices is enabled on the switch. (Default: Off; shows
On when PoE for pre-802.3af-standard powered devices has been enabled.)
• Operational Status
Indicates whether PoE power is available on the switch. (Default: On; shows Off if PoE power is not available.
Shows Faulty if internal or external PoE power is oversubscribed or faulty.)
• Usage Threshold (%)
Lists the configured percentage of available PoE power provisioning the switch must exceed to generate a
usage notice in the form of an Event Log message and an SNMP trap. If this event is followed by a drop in
power provisioning below the threshold, the switch generates another SNMP trap and Event Log message.
Event Log messages are also sent to any optionally configured debug destinations. (Default: 80%)
• Total Available Power
Lists the maximum PoE wattage available to provision active PoE ports on the switch. This is the amount of
usable power for PDs.
• Total Failover Power
Lists the amount of PoE power available in the event of a single power supply failure. This is the amount of
power the switch can maintain without dropping any PDs.
• Total Redundancy Power
Indicates the amount of PoE power held in reserve for redundancy in case of a power supply failure.
• Total Remaining Power
The amount of PoE power still available.
brief Displays PoE information for each port. See Viewing PoE status on all ports on page 99.
<port-
list>
Displays PoE information for the ports in port-list. See Viewing the PoE status on specific
ports on page 101.
The show power-over-ethernet displays data similar to that shown in Output for the show power-overethernet command on page 99.
98 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Page 99
Output for the show power-over-ethernet command
switch(config)# show power-over-ethernet
Status and Counters - System Power Status
Pre-standard Detect : On
System Power Status : No redundancy
PoE Power Status : No redundancy
Chassis power-over-ethernet
Total Available Power : 600 W
Total Failover Power : 300 W
Total Redundancy Power : 0 W
Total Used Power : 9 W +/- 6W
Total Remaining Power : 591 W
Internal Power
1 300W/POE /Connected.
2 300W/POE /Connected.
3 Not Connected.
4 Not Connected.
External Power
EPS1 /Not Connected.
EPS2 /Not Connected.
Viewing PoE status on all ports
Syntax:
show power-over-ethernet brief
Displays the port power status:
PoE Port
Power Enable
Power Priority
Alloc by
Alloc Power
Actual Power
Configured Type
Lists all PoE-capable ports on the switch.
Shows Yes for ports enabled to support PoE (the default) and No for ports on which PoE is
disabled.
Lists the power priority (Low, High, and Critical) configured on ports enabled for PoE. (For
more information on this topic, see Configuring PoE operation on page 87.)
Displays how PoE is allocated (usage, class, value).
The maximum amount of PoE power allocated for that port (expressed in watts).Default: 17
watts for PoE; 33 watts for PoE+.
The power actually being used on that port.
If configured, shows the user-specified identifier for the port. If not configured, this field is
empty.
Table Continued
Chapter 4 Power Over Ethernet (PoE/PoE+) Operation 99
Page 100
Detection Status
• Searching: The port is trying to detect a PD connection.
• Delivering: The port is delivering power to a PD.
• Disabled: On the indicated port, either PoE support is disabled or PoE power is enabled
but the PoE module does not have enough power available to supply the port's power
needs.
• Fault: The switch detects a problem with the connected PD.
• Other Fault: The switch has detected an internal fault that prevents it from supplying
power on that port.
Power Class
The show power-over-ethernet brief displays this output:
Output for the show power-over-ethernet brief command
switch(config)# show power-over-ethernet brief
Status and Counters - System Power Status
System Power Status : No redundancy
PoE Power Status : No redundancy
Available: 600 W Used: 9 W Remaining: 591 W
Module A Power
Available: 408 W Used: 9 W Remaining: 399 W
Shows the 802.3af power class of the PD detected on the indicated port. Classes include:
0: 0.44 to 12.95 watts can be drawn by the PD. Default class.
1: 0.44 to 3.84 watts
2: 3.84 to 6.49 watts
3: 6.49 to 12.95 watts
4: For PoE+; up to 25.5 watts can be drawn by the PD
POE | Power Power Alloc Alloc Actual Configured Detection Power
Port | Enable Priority By Power Power Type Status Class
----- + ------- --------- ----- ------ ------ ----------- ---------- --- A1 | Yes low usage 17 W 0.0 W Searching 0
A2 | Yes low usage 17 W 0.0 W Searching 0
A3 | Yes low usage 17 W 0.0 W Searching 0
A4 | Yes low usage 17 W 0.0 W Searching 0
A5 | Yes low usage 17 W 0.0 W Searching 0
A6 | Yes low usage 17 W 8.4 W Delivering 2
A7 | Yes low usage 17 W 0.0 W Searching 0
A8 | Yes low usage 17 W 0.0 W Searching 0
A9 | Yes low usage 17 W 0.0 W Searching 0
You can also show the PoE information by slot:
Showing the PoE information by slot
switch(config)# show power-over-ethernet slot A
Status and Counters - System Power Status for slot A
100 Aruba 2530 Management and Configuration Guide for
ArubaOS-Switch 16.05
Loading...