HP (Hewlett-Packard) GbE2c User Manual

0 (0)

HP GbE2c Layer 2/3 Ethernet Blade Switch for c-Class BladeSystem

User Guide

Part Number 440948-001

December 2006 (First Edition)

The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Microsoft, Windows, and Windows NT are U.S. registered trademarks of Microsoft Corporation. Windows Server 2003 is a trademark of Microsoft Corporation. Intel, Pentium, and Itanium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. UNIX is a registered trademark of The Open Group.

Audience assumptions

This document is for the person who installs, administers, and troubleshoots servers and storage systems. HP assumes you are qualified in the servicing of computer equipment and trained in recognizing hazards in products with hazardous energy levels.

Introduction..................................................................................................................................	6
Overview .................................................................................................................................................	6
Additional references.................................................................................................................................	6
Features ...................................................................................................................................................	6
Enterprise class performance.............................................................................................................	6
Switch redundancy ..........................................................................................................................	8
Configuration and management ........................................................................................................	8
Diagnostic tools...............................................................................................................................	9
Switch architecture ....................................................................................................................................	9
Port Mapping..................................................................................................................................	9
Dual switches..................................................................................................................................	9
Redundant crosslinks........................................................................................................................	9
Redundant paths to server bays .......................................................................................................	10
Supported technologies............................................................................................................................	10
Layer 2 switching ..........................................................................................................................	10
Layer 3 switching ..........................................................................................................................	10
IEEE 802.1 Q-based VLAN.............................................................................................................	10
Spanning Tree Protocol ..................................................................................................................	11
SNMP..........................................................................................................................................	11
Port mirroring................................................................................................................................	11
Port trunking and load balancing.....................................................................................................	11
TFTP support .................................................................................................................................	12
Store and forward switching scheme................................................................................................	12
BOOTP ........................................................................................................................................	12
NTP .............................................................................................................................................	12
RADIUS........................................................................................................................................	12
TACACS+ ....................................................................................................................................	13
SSH and SCP................................................................................................................................	13
XModem ......................................................................................................................................	13
IGMP Snooping ............................................................................................................................	14
Jumbo frames................................................................................................................................	14
Auto-MDI/MDIX ............................................................................................................................	14
Auto-negotiation of duplex mode and speed .....................................................................................	14
Redundant images in firmware ........................................................................................................	14
Component identification.............................................................................................................	15
GbE2c Layer 2/3 front panel ...................................................................................................................	15
Installing the switch .....................................................................................................................	16
Planning the switch configuration ..............................................................................................................	16
Default settings..............................................................................................................................	16
Switch security ..............................................................................................................................	17
Manually configuring a switch ........................................................................................................	18
Configuring multiple switches..........................................................................................................	18
Installing the switch..................................................................................................................................	19
Preparing for installation ................................................................................................................	19
Installing the switch........................................................................................................................	19
Contents	3

Accessing the switch................................................................................................................................	20
Logging on and configuring the switch.......................................................................................................	21
Installing SFP transceivers .........................................................................................................................	21
Supporting software and special considerations ..........................................................................................	22
Replacing a switch......................................................................................................................	23
Replacing an existing switch .....................................................................................................................	23
Regulatory compliance notices .....................................................................................................	25
Class A equipment ..................................................................................................................................	25
Modifications..........................................................................................................................................	25
Cables...................................................................................................................................................	25
Canadian notice .....................................................................................................................................	25
European Union regulatory notice .............................................................................................................	25
BSMI notice ............................................................................................................................................	26
Japanese class A notice ...........................................................................................................................	26
Korean class A notice ..............................................................................................................................	26
Laser compliance ....................................................................................................................................	27
Technical specifications ...............................................................................................................	28
General specifications .............................................................................................................................	28
Runtime switching software default settings .................................................................................................	29
General default settings..................................................................................................................	29
Port names, VLANs, STP, trunking default settings ..............................................................................	35
Physical and environmental specifications...................................................................................................	36
Performance specifications .......................................................................................................................	36
Performing a serial download ......................................................................................................	38
Introduction ............................................................................................................................................	38
Serial upgrade of boot code firmware image procedure...............................................................................	38
Serial upgrade of operating system firmware procedure...............................................................................	40
SNMP MIBs support ....................................................................................................................	43
MIB overview..........................................................................................................................................	43
SNMP Manager software.........................................................................................................................	43
Supported MIBs ......................................................................................................................................	44
Supported traps ......................................................................................................................................	44
Electrostatic discharge.................................................................................................................	46
Preventing electrostatic discharge ..............................................................................................................	46
Grounding methods to prevent electrostatic discharge..................................................................................	46
RJ-45 pin specification.................................................................................................................	47
Standard RJ-45 receptacle/connector ........................................................................................................	47
Troubleshooting ..........................................................................................................................	48
Forgotten administrator user name and password that was configured on the switch ........................................	48
Health LED on the switch is not on .............................................................................................................	48
Health LED on the switch stays amber for more than 30 seconds and switch does not boot ...............................	49
No link LED appears, even after plugging the Category 5 cable in the RJ-45 connector of the external port ........	49
Cannot access the switch serial console interface using null modem connection from a PC Terminal Emulation
Program.................................................................................................................................................	49
Error message that the switch failed to complete the system self-testing appears on the serial console screen .......	50
The switch fails to get its IP settings from the BOOTP server, even though by default it is configured for BOOTP...	50
The keyboard locks up when using HyperTerminal to log on to the switch through the console interface .............	50
Cannot connect to the switch console interface remotely using Telnet .............................................................	50
Contents	4

Password is not accepted by the switch using the remote console interface immediately after a reboot ...............	51
Cannot connect to the switch console interface remotely using SSH................................................................	51
Cannot connect to the switch SNMP interface .............................................................................................	51
The port activity LEDs continuously indicate activity after connecting more than one port to another switch or
destination device ...................................................................................................................................	51
Cannot connect to the switch remotely using the Web interface.....................................................................	52
Cannot enable a port in multiple VLANs while configuring VLANS.................................................................	52
The switch does not let the user enable two adjacent ports into two different VLANs while assigning the ports to
VLANs ...................................................................................................................................................	52
While using TFTP to download firmware, the switch fails to connect to the TFTP server, or after connection the
download fails........................................................................................................................................	53
The switch fails to connect to the TFTP server while using TFTP to download or upload a configuration file, or after
connection the download or upload fails ....................................................................................................	53
The console screen displays a message to change the baud rate for the terminal emulation session for XModem
transfer after forcing the switch into the download mode, and does not display CCCC.....................................	54
The download fails after starting to download the firmware file .....................................................................	54
The switch configuration is corrupt.............................................................................................................	54
Acronyms and abbreviations........................................................................................................	55
Index.........................................................................................................................................	59

Contents 5

Introduction

In this section
Overview ................................................................................................................................................	6
Additional references................................................................................................................................	6
Features ..................................................................................................................................................	6
Switch architecture ...................................................................................................................................	9
Supported technologies...........................................................................................................................	10

Overview

This user guide provides installation and reference information for the HP GbE2c Layer 2/3 Ethernet Blade Switch for c-class BladeSystem.

Additional references

Configure the switch after installation. Detailed information about how to configure the switch is available in the reference guides listed below. To obtain these guides, see the HP website (http://www.hp.com/go/bladesystem/documentation).

•HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Application Guide

•HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Reference Guide

•HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Browser-based Interface Reference Guide

•HP GbE2c Layer 2/3 Ethernet Blade Switch for c-Class BladeSystem Quick Setup Instructions

The HP GbE2c Layer 2/3 Ethernet Blade Switch for c-Class BladeSystem interconnect kit contains one switch.

The switch uses Gigabit Layer 2/3 switching technology to provide between 16-to-1 to 16-to-5 reduction in the number of networking cables per BL c-Class server blade enclosure.

Each switch reduces sixteen server networking ports to one to five uplink Gigabit ports.

Features

The switch is designed for easy installation and high performance in an environment where traffic on the network and the number of users increases continually.

Enterprise class performance

The switch features include:

•Up to a 16-to-1 reduction in networking cables and connections, concentration of sixteen Gigabit Ethernet server ports down to as little as one Gigabit Ethernet port, or up to five Gigabit Ethernet uplink ports for additional bandwidth and redundant connections to the network backbone

•Fully supported on the HP c-Class BladeSystem server blade enclosure and infrastructure compatible with any combination of HP c-Class BladeSystem server blades

Introduction 6

•Ability to replace an existing switch without having to power down the server blades or the server blade enclosure

•Pre-configured for immediate use with the HP c-Class BladeSystem server blade enclosure

•System security including SSH, SCP, 255 port-based IEEE 802.1Q tagged VLANs per switch, RADIUS user authentication and authorization, or TACACS+ AAA

•An extensive list of industry standard protocol support, compatible with widely-used networking components

•9K jumbo frames that improve performance by increasing application throughput and decreasing server processor utilization

•Robust configuration and management from any switch port using the included browser-based and scriptable command line user interfaces

•Support for Telnet, SNMP, SCP, FTP, and TFTP file transfer, human read/write configuration file, XModem, and an extensive list of MIB objects further enhance the management capabilities

•Fully redundant end-to-end architecture maximizing server availability from the network

•Support for IGMP snooping for multicasting

•Support for UFD for network path resiliency. It works in conjunction with NIC teaming functionality that is supported on the blade servers. This feature tracks the link state on uplink ports. When an uplink port goes down or is in STP blocking state, this feature will enable the switch to auto disable the downlinks which are connected to the blade server NICs. This enables NIC teaming software to detect link failure on the primary NIC port and fail over to the secondary NIC in the team. As a result, the secondary path is enabled for continued blade server access.

When used in conjunction with UFD, NIC teams on the blade server must be configured for switch redundancy. That is, the team will span ports on both Switch 1 and Switch 2. See the HP network adapter teaming: load balancing in ProLiant servers running Microsoft Windows operating systems white paper for additional information. To locate this white paper:

a.Go to the HP website (http://www.hp.com/support).

b.Enter "nic" in the product search box.

c.A product list displays. Select one of the NIC products.

d.Select the "Manuals" link to display the documentation list. This white paper will be under the "White papers" category.

•RMON feature, which allows network devices to exchange network monitoring data. RMON performs these major functions:

oGathers cumulative statistics for Ethernet interfaces

o Tracks a history of statistics for Ethernet interfaces

o Creates and triggers alarms for user-defined events

•An administrator can define end user accounts that permit limited access to the switch. The switch requires username/password authentication for end users.

•Fast Uplink Convergence that enables the switch to quickly recover from the failure of the primary link or trunk group in a Layer 2 network using Spanning Tree Protocol.

•Support for SSH version 2. SSH is a protocol that enables remote administrators to log securely into the switch over a network to execute management commands.

•Switch software provides SNMP support for access through any network management software, such as HP OpenView.

•Support for HTTP software upgrade using the BBI. FTP or TFTP server is not required to perform a software upgrade.

•Port Fast Forwarding that allows a port that participates in Spanning Tree to bypass the Listening and Learning states and enter directly into the Forwarding state.

•Allows secure browser access (HTTPS) to management functions

Introduction 7

Switch redundancy

In a dual switch configuration, the switches offer several redundancy and failover features. With these features, the network configuration is designed to allow for continued network access to each server blade in case of a component or link failure. The switch redundancy and failover features include:

•Up to eight separate switches per one HP c-Class BladeSystem server blade enclosure

•Five Gigabit Ethernet uplink ports, per switch, for designing fully meshed uplink paths to the network backbone

•Server networking connections routed to each of the separate switches for redundant paths to tolerate a switch or port malfunction

•Redundant data path Gigabit Ethernet cross connections between switches

•STP support that eliminates potential problems caused by redundant networking paths and provides for failover with a secondary path in case of primary path failure; supports IEEE 802.1D Spanning Tree Protocol and is compatible with Cisco® PVST+ and Cisco PVST, when the other device is configured as untagged or configured to use 802.1q tagging. The switch also supports IEEE 802.1s MSTP and IEEE 802.1w RSTP.

•Redundant power supplies and redundant cooling fans within the server blade enclosure

•Redundant firmware images and configuration settings on switch flash memory

•Redundant, configurable DNS clients, syslog servers, gateways, and community strings and SNMP trap manager hosts

Configuration and management

The switch provides these configuration and management interfaces and tools:

•A scriptable CLI allows local, Telnet, or SSH access.

•A BBI allows remote access using a Web browser such as Microsoft® Internet Explorer or Netscape Navigator.

•SNMP manageability and monitoring are supported.

•The switch functionality allows uploading and downloading of switch configurations through TFTP and SCP, thus allowing the rapid deployment of multiple server blade systems, and providing robust backup and restore capabilities.

•NTP is supported, allowing the switch to display and record the accurate date and time as provided by an NTP server.

•Two firmware images, either of which can be selected to be the current runtime image, can be held in memory.

•RADIUS provides support for user authentication and authorization.

•TACACS+ provides support for Cisco TACACS+ server compatible authentication, authorization, and accounting.

•The user interfaces provide multi-level password protected user accounts.

•IP settings are set manually or obtained automatically from a BOOTP server.

•A text-based, human read/write configuration file provides viewing, printing, and editing capabilities.

•A DNS client supports primary and secondary DNS servers.

•Any port can be enabled or disabled as desired.

•Any switch port can be used to perform switch management and PXE.

Introduction 8

Diagnostic tools

The hardware, software, and firmware diagnostic tools that are available include:

•HP Systems Insight Manager automatic discovery and identification

•POST built into the switch boot process

•Switch port mirroring

•Switch LED panel displaying per port status and speed

•System, management, and option compatibility status LEDs

•Rear panel reset power switch and DB-9 management serial port

•Statistic monitoring including port utilization, data packets received/transmitted, port error packets, trunk utilization, and so on

•Ping and trace route capability

•Remote syslog with support for primary and secondary syslog server

•The ability to return the switch to known good condition in case of firmware corruption

•State information dump for tuning and debugging switch performance

•Panic command for immediate state dump to flash memory and automatic switch boot

•Ability to set NVRAM diagnostic flags

Switch architecture

The HP c-Class BladeSystem provides Ethernet switching technology for network cable reduction.

The switch does not affect or determine NIC enumeration and the associated mapping of NIC interfaces to switch ports. The numbering of the NICs on the server (for example, NIC 1, NIC 2, NIC 3) is determined by the server type, the server operating system, and what NICs are enabled on the server.

Port Mapping

For detailed port mapping information, see the HP BladeSystem enclosure installation poster or the HP BladeSystem enclosure setup and installation guide on the HP website (http://www.hp.com/go/bladesystem/documentation).

Dual switches

In a dual switch configuration, two switches in the server blade enclosure provide switch redundancy and redundant paths to the network ports on the server blades. Each switch has five external Gigabit Ethernet ports and sixteen internal Gigabit Ethernet ports providing connectivity to the blade servers within the enclosure.

Each pair of switches consolidates up to thirty-two Gigabit Ethernet signals into one-to-ten Gigabit ports (on the back of the enclosure).

Redundant crosslinks

In a dual switch configuration, the two switches are connected through redundant Gigabit crosslinks. These two crosslinks provide an aggregate throughput of 2 Gb/s for traffic between the switches.

These crosslinks are disabled by default. The crosslinks must be enabled for use.

Introduction 9

Redundant paths to server bays

In a dual switch configuration, redundant Ethernet signals from each blade server are routed through the enclosure backplane to separate switches within the enclosure. This configuration provides redundant paths to each server bay.

Redundant Ethernet signals from each blade server are routed through the enclosure backplane to separate switches within the enclosure. However, specific switch port to server mapping varies depending on which type of server blade is installed.

On a heavily used system, using a single uplink port for 32 Ethernet signals causes a traffic bottleneck. For optimum performance, HP recommends using at least one uplink port per switch.

Supported technologies

Layer 2 switching

The switch uses Gigabit Layer 2 switching technology. Layer 2 refers to the Data Link layer of the OSI model, which is concerned with moving data packets across a network by enforcing CSMA/CD. This layer performs:

•Ethernet packet framing

•MAC addressing

•Physical medium transmission error detection

•Medium allocation (collision avoidance)

•Contention resolution (collision handling)

Layer 2 switching technology allows the switch to look into data packets and redirect them based on the destination MAC address. This reduces traffic congestion on the network because packets, instead of being transmitted to all ports, are transmitted to the destination port only.

Layer 3 switching

In addition to Layer 2 features, the switch also supports Layer 3 switching. Layer 3 switching features include:

•IP forwarding

•Static routing

•Dynamic routing based on RIP V1/V2 or OSPF protocols

•High availability VRRP

Layer 3 switching provides more power, flexibility, and security capabilities to network administrators. Network traffic is managed much more efficiently and broadcast traffic between servers remains within the enclosure. Security features provide added protection for switch configuration data, while packet filtering helps secure and segment sensitive traffic or network access.

IEEE 802.1 Q-based VLAN

The switch provides support for a total of 255 IEEE 802.1Q VLANs for server grouping and isolation. A VLAN is a network segment configured according to a logical scheme rather than a physical layout. VLANs are used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.

Introduction 10

VLANs also logically segment the physical network into different broadcast domains so that packets are forwarded only between ports within the VLAN. This technology enhances performance by conserving bandwidth and improves security by limiting traffic to specific domains. For example, isolate the server blade iLO ports from the rest of the NICs. The iLO ports on Switch 2 are assigned to their own VLAN and go to a dedicated uplink or share an uplink using VLAN tagging.

IMPORTANT: The greater the number of VLANs, the greater the switch CPU utilization. For maximum switch performance, HP recommends being judicious when configuring the number of VLANs.

NOTE: VLAN 4095 is reserved for future functionality.

Spanning Tree Protocol

The switch supports IEEE 802.1D STP, which allows the blocking of links that form loops between switches in a network. When multiple links between switches are detected, a primary link is established. Duplicated links are blocked from use and become standby links. If the primary link fails, the standby link is activated.

In addition, the switch provides a spanning tree domain per VLAN. The switch is compatible with Cisco® PVST+ and Cisco PVST, when the other device is configured as untagged or configured to use 802.1q tagging. Sixteen spanning tree domains are supported per switch.

NOTE: STP 16 is reserved for future functionality.

The switch also provides IEEE 802.1s-based MSTP and IEEE 802.1w-based RSTP.

SNMP

The switch is configured and monitored remotely from an SNMP-based network management station. The switch supports industry-standard SNMP MIBs and proprietary HP enterprise switch MIBs for fault detection and monitoring of switch functionality. In addition, the switch supports various environmental traps such as temperature and fan failure traps.

To secure the management interface, the switch administrator configures community strings with two levels of access: Read and Read/Write. Access to the switch is also restricted to only management stations that are members of a specific IP network. This is achieved by configuring the address/mask of that specific network as a restricted management network address/mask.

Port mirroring

The switch allows mirroring of one or multiple ports (source ports) to another port (destination port) for network monitoring and troubleshooting purposes. This technology offers a way for network packet analyzers to view the traffic moving through the switch by providing a copy of the traffic that is currently being passed through any other port. The packets are sent to a network packet analyzer or other monitoring device attached to the mirror port.

Port trunking and load balancing

The switch supports EtherChannel compatible IEEE 802.3ad (without LACP) port trunking allowing several ports to be grouped together and act as a single logical link called a trunk. This feature provides a

Introduction 11

bandwidth that is a multiple of the bandwidth of a single link. It also improves reliability since load balancing is automatically applied to the ports in the trunked group. A link failure within the group causes the network traffic to be directed to the remaining links in the group.

TFTP support

TFTP support allows the switch firmware to be upgraded by downloading a new firmware file from a TFTP server to the switch. Firmware images of the switch are also uploaded to a TFTP server, a configuration file is downloaded into a switch from a TFTP server, and configuration settings are saved to the TFTP server.

Store and forward switching scheme

The switch provides a store and forward switching scheme that allows each packet to be buffered (stored) before it is forwarded to its destination. While this method creates latency, it improves reliability in a heavily used switch. Packets that cannot be forwarded are saved immediately, rather than dropped, so that packets behind them are less likely to be dropped in periods of heavy usage.

BOOTP

By default, the switch is configured to obtain an IP address from a BOOTP server during the boot process. The IP settings are also manually configured by means of the serial interface. The IP settings are configurable from the browser-based interface, but because the connection is based on an IP address for these interfaces, users will have to reconnect with the newly assigned IP address.

NTP

The switch maintains the current date and time. This information displays on the management interfaces and is used to record the date and time of switch events. Current date and time information are manually set on the switch or are obtained through NTP. NTP allows the switch to send a request to a primary NTP server in each polling period asking for GMT.

RADIUS

The switch supports the RADIUS method to authenticate and authorize remote administrators for managing the switch. This method is based on a client/server model. The RAS, the switch, is a client to the back-end database server. A remote user (the remote administrator) interacts only with the RAS, not the back-end server and database.

RADIUS authentication consists of:

•A protocol with a frame format that utilizes UDP over IP, based on RFC 2138 and 2866

•A centralized server that stores all the user authorization information

•A client, in this case, the switch

The switch, acting as the RADIUS client, communicates to the RADIUS server to authenticate and authorize a remote administrator using the protocol definitions specified in RFC 2138 and 2866. Transactions between the client and the RADIUS server are authenticated using a shared key that is not sent over the network. In addition, the remote administrator passwords are sent encrypted between the RADIUS client (the switch) and the back-end RADIUS server.

The benefits of using RADIUS are:

•Authentication of remote administrators

Introduction 12

•Identification of the administrator using name/password

•Authorization of remote administrators

•Determination of the permitted actions and customizing service for individual administrators

TACACS+

The switch supports the TACACS+ method to authenticate, authorize, and account for remote administrators managing the switch. This method is based on a client/server model. The switch is a client to the back-end TACACS+ AAA server. A remote user (the remote administrator) interacts only with the client, and not with the back end AAA server.

The TACACS+ AAA method consists of:

•A protocol with a frame format that utilizes TCP over IP

•A centralized AAA server that stores all the user authentication, authorization, and accounting (of usage) information

•A NAS or client (in this case, the switch)

The switch, acting as the TACACS+ client or NAS, communicates to the TACACS+ server to authenticate, authorize, and account for user access. Transactions between the client and the TACACS+ server are authenticated using a shared key that is not sent over the network. In addition, the remote administrator passwords are sent encrypted between the TACACS+ client (the switch) and the back-end TACACS+ server.

The switch supports:

•Only standard ASCII inbound login authentication. PAP, CHAP, or ARAP login methods are not supported. One-time password authentication is also not supported.

•Authorization privilege levels of only 0, 3, and 6. These map to management levels of user, oper, and admin, respectively.

•The accounting attributes of protocol, start_time, stop_time, and elapsed_time. For BBI users, accounting stop records are only sent if the user presses the QUIT button.

SSH and SCP

SSH and SCP use secure tunnels to encrypt and secure messages between a remote administrator and the switch. Telnet does not provide this level of security. The Telnet method of managing a switch does not provide a secure connection.

SSH is a protocol that enables remote administrators to log securely into the switch over a network to execute management commands.

SCP is used to copy files securely from one machine to another. SCP uses SSH for encryption of data on the network. On a switch, SCP is used to download and upload the switch configuration via secure channels.

XModem

The switch supports XModem for transferring files during direct dial-up communications. XModem sends blocks of data in 128-byte blocks, and includes an error-detection system called a checksum. When the data is received, the error detection system ensures that the entire message reached its destination. If not, the receiving computer sends a request for retransmission of the data.

Introduction 13

IGMP Snooping

The switch supports IGMP Snooping for multicasting. Both Version 1- and Version 2-based IGMP Snooping are supported. In addition, auto detection of the multicast router port and manual configuration of the multicast router port is supported. For efficient multicast traffic management, the IGMP Filtering option is supported.

Jumbo frames

By default, the switch supports jumbo frames up to 9216 bytes, which help reduce server CPU utilization and increase application throughput. No configuration is required. The switch does not fragment frames as they exit, or assemble packets into jumbo frames as they enter the switch.

Auto-MDI/MDIX

The switch Ethernet ports are MDI/MDI crossover capable. MDI/MDIX is a type of Ethernet port connection using twisted pair cabling. The MDI is the component of the MAU that provides the physical and electrical connection to the cabling medium. An MDIX is a version of MDI that enables connection between like devices. MDI ports connect to MDIX ports via straight-through twisted pair cabling whereas both MDI-to-MDI and MDIX-to-MDIX connections use crossover twisted pair cabling. The switch has the capability to automatically detect the cable selection/type, making the distinction between a straightthrough cable and a crossover cable unimportant.

Auto-negotiation of duplex mode and speed

Auto-negotiation of duplex mode and speed are configured on the switch. Network adapters that support multiple data speeds, such as Fast Ethernet and Gigabit Ethernet, choose the speed at which they run through a procedure called auto-negotiation. Auto-negotiation involves probing the capability of the network using low-level signaling techniques to select compatible Ethernet speeds. Auto-negotiation was originally developed to make the migration from traditional Ethernet to Fast Ethernet products easier.

Redundant images in firmware

The switch stores up to two different software images, called image1 and image2, as well as boot software, called boot. When downloading new software, the ability to specify where it is to be placed (into image1, image2, or boot) is activated.

For example, if the active image is currently loaded into image1, load the new image software into image2. This allows a test of the new software and the option to revert back to the original image stored in image1, if needed.

CAUTION: Unlike the firmware that has two images, there is only one image of boot supported. Upgrading the boot image replaces the original boot image.

Introduction 14

Component identification

In this section
GbE2c Layer 2/3 front panel ..................................................................................................................	15

GbE2c Layer 2/3 front panel

	CAUTION: Pressing the Reset button while the Health LED is green resets the switch.

Item	Description

1	UID LED

2	Health LED
	• Off—Not powered up
	• Green—Powered up and all ports match
	• Amber—Indicates a problem such as a port mismatch. For more
	information, see the HP BladeSystem enclosure setup and
	installation guide.

3	DB-9 management serial port

4	RJ-45 port 20

5	SFP transceiver cages 21-24

6	RJ-45 ports 21-24

7	Reset button

Component identification 15

Installing the switch

In this section
Planning the switch configuration .............................................................................................................	16
Installing the switch ................................................................................................................................	19
Accessing the switch...............................................................................................................................	20
Logging on and configuring the switch......................................................................................................	21
Installing SFP transceivers........................................................................................................................	21
Supporting software and special considerations.........................................................................................	22

Planning the switch configuration

NOTE: Only one port number can be used at a time. SFP transceiver ports have priority over the RJ-45 ports.

The switch ships with a default configuration in which all downlink and uplink ports are enabled and assigned a default VLAN with a VID equal to 1. This default configuration simplifies the initial setup by allowing use of a single uplink cable (from any external Ethernet connector) to connect the server blade enclosure to the network. By default, the X-connect ports (17 and 18) are disabled. Assess the particular server environment to determine any requirements for other considerations.

The switch does not affect or determine NIC numeration and the associated mapping of NIC interfaces to switch ports. The numbering of the NICs on the server (for example, NIC 1, NIC 2, NIC 3) is determined by the server type, the server operating system, and which NICs are enabled on the server.

NOTE: Port 19 is reserved for connection to the Onboard Administrator module for switch management. This allows a user to enable the functionality of future firmware upgrade releases.

The Onboard Administrator module controls all port enabling. Enabling is based on matching ports between the server and the interconnect bay. Before power up, the Onboard Administrator module verifies that the server NIC option matches the switch bay that is selected and enables all ports for the NICs installed.

Default settings

Installing the switch 16

NOTE: Port 19 is reserved for connection to the Onboard Administrator module for switch management. This allows a user to enable the functionality of future firmware upgrade releases.

When planning the configuration, consider the default settings for these parameters:

•Switch IP settings

•VLAN settings

•STP settings

•Port names and types

•Port trunking settings

•Interswitch X-Connect port settings

•SNMP settings

•User name and password settings

•Default access to various management interfaces

•NTP settings

IMPORTANT: See "Runtime switching software default settings (on page 29)" for a complete list of default configuration settings.

Switch security

When planning the switch configuration, secure access to the management interface by:

•Creating users with various access levels

•Enabling or disabling access to various management interfaces to fit the security policy

•Changing default SNMP community strings for read-only and read-write access

User, operator, and administrator access rights

To enable better switch management and user accountability, three levels or classes of user access have been implemented on the switch. Levels of access to CLI, Web management functions, and screens increase as needed to perform various switch management tasks. Conceptually, access classes are defined as:

•User interaction with the switch is completely passive. Nothing can be changed on the switch. Users can display information that has no security or privacy implications, such as switch statistics and current operational state information.

•Operators can only effect temporary changes on the switch. These changes will be lost when the switch is rebooted/reset. Operators have access to the switch management features used for daily switch operations. Because any changes an operator makes are undone by a reset of the switch, operators cannot severely impact switch operation.

Installing the switch 17

•Administrators are the only ones that can make permanent changes to the switch configuration, changes that are persistent across a reboot/reset of the switch. Administrators can access switch functions to configure and troubleshoot problems on the switch. Because administrators can also make temporary (operator-level) changes as well, they must be aware of the interactions between temporary and permanent changes.

Access to switch functions is controlled through the use of unique surnames and passwords. Once connected to the switch via the local console, Telnet, or SSH, a password prompt appears.

NOTE: It is recommended to change the default switch passwords after initial configuration and as regularly as required under the network security policies. For more information, see the

HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Reference Guide.

The default user name and password for each access level are:

User account	Description and tasks performed	Password

User	The user has no direct responsibility for switch management. He or she	user
	can view all switch status information and statistics, but cannot make
	any configuration changes to the switch.

Operator	The operator manages all functions of the switch. The operator can
	reset ports or the entire switch.
	By default, the operator account is disabled and has no password.

Administrator	The super user administrator has complete access to all menus,	admin
	information, and configuration commands on the switch, including the
	ability to change both the user and administrator passwords.

Manually configuring a switch

The switch is configured manually using a command line interface, a browser-based interface, or an SNMP interface. See the HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Reference Guide for more information on using these management interfaces to configure the switch.

After a switch is configured, back up the configuration as a text file to a TFTP server. The backup configuration file is then downloaded from the TFTP server to restore the switch back to the original configuration. This restoration is necessary if one of these conditions apply:

•The switch configuration becomes corrupted during operation.

•The switch must be replaced because of a hardware failure.

Configuring multiple switches

Configure multiple switches by using scripted CLI commands through Telnet or by downloading a configuration file using a TFTP server.

Using scripted CLI commands through Telnet

The CLI, provided with the switch, executes customized configuration scripts on multiple switches. A configuration script is tailored to one of the multiple switches, and then that configuration can be deployed to other switches from a central deployment server.

Installing the switch 18

+ 42 hidden pages