HP T1453-90001 User Manual
Using HP-UX VLANs
HP 9000 Networking for HP-UX 11i
Manufacturing Part Number: T1453-90001
E0302
U. S. A.
© Copyright 2002 Hewlett-Packard Company.
Legal Notices
The information in this document is subject to change without notice.
Hewlett-Packard makes no warranty of any kind with regard to this
manual, including, but not limited to, the implied warranties of
merchantability and fitness for a particular purpose. Hewlett-Packard
shall not be held liable for errors contained herein or direct, indirect,
special, incidental or consequential damages in connection with the
furnishing, performance, or use of this material.
Warranty. A copy of the specific warranty terms applicable to your
Hewlett- Packard product and replacement parts can be obtained from
your local Sales and Service Office.
Restricted Rights Legend. Use, duplication or disclosure by the U.S.
Government is subject to restrictions as set forth in subparagraph (c) (1)
(ii) of the Rights in Technical Data and Computer Software clause at
DFARS 252.227-7013 for DOD agencies, and subparagraphs (c) (1) and
(c) (2) of the Commercial Computer Software Restricted Rights clause at
FAR 52.227-19 for other agencies.
HEWLETT-PACKARD COMPANY
3000 Hanover Street
Palo Alto, California 94304
U.S.A.
Use of this manual and flexible disk(s) or tape cartridge(s) supplied for
this pack is restricted to this product only. Additional copies of the
programs may be made for security and back-up purposes only. Resale of
the programs in their present form or with alterations, is expressly
prohibited.
Copyright Notices. ©copyright 2002 Hewlett-Packard Company, all
rights reserved. ProCurve is a registered trademark of Hewlett-Packard
Company. DecNet is a trademark of Compaq Corporation. AppleTalk is a
trademark of Apple Computer Inc. Extreme and Summit are trademarks
of Extreme Networks Inc. Cisco and Catalyst are trademarks of Cisco
Systems Inc.
Reproduction, adaptation, or translation of this document without prior
written permission is prohibited, except as allowed under the copyright
laws.
2
1. What are HP-UX VLANs?
HP-UX VLAN Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Benefits of HP-UX VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Types of VLANs Supported by HP-UX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
HP-UX VLAN Tagging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
System and Software Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Patches Required for the March 2002 HP-UX 11i-based Version . . . . . . . . . . . . . . . 17
Supported Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Unsupported Functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2. Overview of Installation and Configuration
Planning HP-UX VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
How to Configure VLANs on the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
How to Configure VLANs on HP-UX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Choose Configuration Method: Use SAM; Edit vlanconf; Use lanadmin. . . . . . . . . . 25
Configuration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Properties of a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Special Case of VLAN ID 0--Priority Tagged Frames . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Promiscuous Mode Characteristics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Allowable Values for HP VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Using VLANs with MC/ServiceGuard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
How is 802.1p Priority Set?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
How do Pri and ToS Override Affect My Inbound and Outbound frames?. . . . . . . . . . 33
Setting 802.1p Priority, ToS, and Overrides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Where to Get More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Contents
3. Configuring VLANs Using SAM
Configuring VLANs Using SAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
4. Configuring VLANs by Editing vlanconf File
Modifying Parameters in vlanconf File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
5. Using lanadmin -V to Administer VLANs
Using the lanadmin -V Command for Administering VLANs. . . . . . . . . . . . . . . . . . . . 48
lanadmin Syntax. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Using lanadmin to Create a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Using a VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Using lanadmin to Modify a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
3
Contents
Using lanadmin to Delete a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
A. Troubleshooting
Diagnostic Flowcharts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Flowchart 1: Link Level Tests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Flowchart 1a: Linkloop Test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Flowchart 2: Network Level Tests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Flowchart 2 Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
NetTL Trace and Log of VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
4
Tables
Table 1-1. Needed Patches for HP-UX VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Table 2-1. Summary of VLAN Tagging Assignment . . . . . . . . . . . . . . . . . . . . . . . . . 24
Table 2-2. Allowable Values for Parameters in vlanconf File . . . . . . . . . . . . . . . . . . 29
Table 2-3. ToS to 802.1 User Priority Mappings Based on IP Precedence . . . . . . . . 32
Table 2-4. Allowable Settings for VLAN_PRI_OVERRIDE Value in vlanconf File . 33
Table 2-5. Allowable Settings for VLAN_TOS_OVERRIDE Value in vlanconf File. 34
Table A-1. Flowchart Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
5
Tables
6
Figures
Figure 1-1. VLANs (Virtual LANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Figure 1-2. IEEE 802.1Q VLAN Tag in Ethernet Frame. . . . . . . . . . . . . . . . . . . . . . 15
Figure 1-3. VLANS Overlapping or Sharing the Same LAN Card Port . . . . . . . . . . 16
Figure 2-1. Communication between VLANS Requires an External Router . . . . . . 22
Figure 2-2. Tagged and Untagged VLAN Technology in Same Network . . . . . . . . . 23
Figure 2-3. VLANs and Service Guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Figure 3-1. List Pulldown with Virtual LANs Displayed. . . . . . . . . . . . . . . . . . . . . . 38
Figure 3-2. Action Pulldown for Creating Virtual LANs. . . . . . . . . . . . . . . . . . . . . . 39
Figure 3-3. Create Virtual LANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 3-4. Add an IP Address for the VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Figure A-1. Flowchart 1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Figure A-2. Flowchart 1a. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Figure A-3. Flowchart 1b. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure A-4. Flowchart 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Figure A-5. Flowchart 2a. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Figure A-6. Flowchart 2b. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Figure A-7. Flowchart 2b (continued) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7
Figures
8
1 What are HP-UX VLANs?
Chapter 1 9
What are HP-UX VLANs?
A Virtual LAN (VLAN) is a logical or virtual network segment that can
span multiple physical network segments. Using VLANs, you can group
switched-network end-stations by:
• department, such as engineering and manufacturing,
• type of user, such as power users or those with special needs,
• application, or
• project
instead of physical location (Figure 1-1).
Figure 1-1 VLANs (Virtual LANs)
End
Users
Switches
Servers
Internetwork
Router
LAN 2
Physical View
Marketing VLAN
Engineering VLAN
Manufacturing VLAN
Internetwork
Router
Logical View
VLANs isolate broadcast and multicast traffic by determining which
destinations should receive that traffic, thereby making better use of
switch and end-station resources. With VLANs, broadcasts and
multicasts go only to the intended nodes in the virtual LAN.
Chapter 110
What are HP-UX VLANs?
VLANs create broadcast domains using switches instead of routers.
While VLANs in some environments may reduce the number of routers
needed (and their latency), you still need a router if you want the VLANs
to communicate with each other.
Chapter 1 11
What are HP-UX VLANs?
HP-UX VLAN Features
HP-UX VLAN Features
Following are some of the features of HP-UX VLANs:
• HP-UX VLANs are implemented with host-based IEEE 802.1Q/p
• HP VLANs are for use over fast Ethernet or gigabit Ethernet LAN
• HP-UX VLANs do not require you to rewrite applications, install
compliant tagging to allow configuring multiple VLANs on a given
Ethernet LAN card based on their IP-subnet, protocol, or LAN card
port.
cards running on HP-UX 11i (11.11) PA-RISC-based servers and
workstations. HP-UX supports up to 1024 VLANS per LAN card
port.
new hardware, or recable. They are also compatible with HP
MC/ServiceGuard as well as HP’s online addition and replacement
(OLAR) capabilities.
Chapter 112
What are HP-UX VLANs?
Benefits of HP-UX VLANs
Benefits of HP-UX VLANs
The advantages of HP-UX VLANs are:
• Physically dispersed workgroups can be logically connected within
the same broadcast domain to appear as if they are on the same
physical LAN.
• A single physical link can simultaneously serve several IP subnets
when subnet-based VLANs are configured on that link.
• Switches no longer need to classify and tag traffic. They focus on
forwarding packets.
• Workgroups requiring increased security can be logically connected
within the same broadcast domain. Broadcast traffic will be isolated
within the secure group.
• End stations using VLANs can offer rudimentary class of service
(CoS) locally by prioritizing traffic for certain activities.
• HP-UX VLANs can be created, modified, and deleted without
rebooting.
• HP-UX VLANs are interoperable with non-VLAN aware devices,
that is, devices such as servers or bridges that do not transmit or
receive tagged packets.
Chapter 1 13
What are HP-UX VLANs?
Types of VLANs Supported by HP-UX
Types of VLANs Supported by HP-UX
The types of HP-UX VLANs that you can create are as follows:
• NIC-Port Based--A group of physical LAN card ports belong to the
same layer-2 broadcast domain. Each LAN card port transmits and
receives frames belonging to the VLAN associated with that port.
Members of the same port-based VLAN all have the same VLAN ID.
A VLAN ID uniquely identifies the VLAN to which a frame belongs.
• Protocol Based--Common protocols such as IP, IPX, AppleTalk,
Decnet, and NetBIOS are grouped into layer-2 broadcast domains.
• IP Subnet Based--Each IP subnet has its own unique VLAN. Traffic
from different subnets is logically separated from each other as if
each subnet were on a different LAN segment.
Please refer to “Planning HP-UX VLANs” in this document for more
information on setting up the different types of VLANs described.
HP-UX VLANs conform to IEEE specifications 802.1Q (for VLAN
tagging) and IEEE 802.1p (MAC-level frame prioritizing) to provide
end-to-end class of service (CoS).
Chapter 114
HP-UX VLAN Tagging
Network switches and end stations that know about VLANs are said to
be VLAN-aware. Network switches and end stations that can interpret
VLAN tags are said to be VLAN-tag-aware. HP-UX VLAN-tag-aware
end stations add VLAN tags to standard Ethernet frames--a process
called explicit tagging. A VLAN tag (Figure 1-2) identifies which
VLAN a data frame belongs to and enables traffic from more than one
VLAN to use the same switch or LAN card port (Figure 1-3).
When a VLAN-aware switch receives data from an end-station, the
switch determines where the data is to go and whether the VLAN ID
should be retained. If the data is to go to a device that can recognize the
VLAN tag, the VLAN tag is retained. If the data is to go to a device that
has no knowledge of VLANs (VLAN-unaware), the switch sends the
data without the VLAN tag.
Figure 1-2 IEEE 802.1Q VLAN Tag in Ethernet Frame
4 Bytes
What are HP-UX VLANs?
HP-UX VLAN Tagging
Destination
Address
2 Bytes
Tag
Protocol
ID
Source
Address
2 Bytes (Tag Control Information)
User
Priority
3 bits
802.1Q
VLAN Tag
Canonical
Format
Indicator
1 bit
Type/Len Data Frame
Check
VLAN ID
12 bits
You must configure VLAN tagging on switch ports that interface to
end-stations that have tagged VLANs. If a switch or end-station port is
member of only a single, port-based VLAN, tagging is not required.
To transmit tagged frames, you must configure a VLAN on the
end-station with a VLAN ID that matches the VLAN ID of a tagged
VLAN on the switch port and the VLAN ID of a VLAN at the remote
end-station. Refer to the next 3 chapters in this guide for complete
details on configuring VLANs on your HP-UX end stations.
Chapter 1 15
What are HP-UX VLANs?
HP-UX VLAN Tagging
Figure 1-3 VLANS Overlapping or Sharing the Same LAN Card Port
Server
HP Gigabit or Fast Ethernet
LAN Card
Port
VLAN0 VLAN1024
Chapter 116
What are HP-UX VLANs?
System and Software Requirements
System and Software Requirements
Following are the hardware and software requirements for VLANs as of
March 2002:
• Type of HP System Required
— HP-UX Precision Architecture (PA-RISC).
• OS Required
— HP-UX 11i (11.11). New HP servers and workstations shipped
after March 2002 already have VLAN technology pre-installed in
the operating environment. For computers shipped before March
2002, check the product Information Sheet to see if the VLAN
product can be loaded by way of required patches.
• VLANs work over all HP HSC and PCI 100Base LAN cards and all
HP HSC and PCI 1000Base LAN cards.
PatchesRequired for the March 2002 HP-UX 11i-based Version
The following patches are required in order to use the HP-UX VLAN
software on HP-UX 11i-based systems.
These patch numbers are current at the time of publication and may be
superseded. Check to see if these patches are superseded, and download
patches at the following URL: http://us-support.external.hp.com/
Table 1-1 Needed Patches for HP-UX VLANs
Driver 11i Patch #
Transport PHNE_25644
100Base-T * PHNE_23465
Gigabit * PHNE_24491
nettl, netfmt, and nettladm PHNE_24473
LAN--core patch that enables
VLANs
Chapter 1 17
PHNE_25388
What are HP-UX VLANs?
System and Software Requirements
Table 1-1 Needed Patches (Continued)for HP-UX VLANs (Continued)
Driver 11i Patch #
SAM PHCO_25866
* Either the 100Base-T or Gigabit patch
may be optional depending on which
link type you have.
Chapter 118
What are HP-UX VLANs?
Supported Switches
Supported Switches
HP-UX VLANs are supported with switches that implement IEEE
802.1Q-compliant VLAN tagging. The switches must implement at least
port-based VLANs and must be VLAN-tag aware. The following switches
are among those that support HP-UX VLANs:
• HP ProCurve 9304M
• HP ProCurve 4000M/8000M
• Extreme Summit 7i
• Cisco Catalyst 6509
Chapter 1 19
What are HP-UX VLANs?
Unsupported Functionality
Unsupported Functionality
HP-UX VLANs do not support the following functionality:
• GARP VLAN registration protocol (GVRP) is currently not
• HP-UX VLANs do not operate on:
supported. HP-UX VLANs will not send GVRP messages or interpret
them.
— Any Itanium-based servers whether the LAN card is factory
installed or customer installed.
— HP-UX 11.20, 11.0, and 10.20.
— FDDI, Token Ring, ATM, 100VG, EISA, and HP-PB LAN cards.
Chapter 120
2 Overview of Installation and
Configuration
Chapter 2 21
Overview of Installation and Configuration
Planning HP-UX VLANs
Planning HP-UX VLANs
The following requirements must be satisfied before setting up VLANs in
an HP-UX network:
• In order for both end stations of a VLAN to communicate, both the
end-station LAN cards and the switch ports that are connected to
those LAN cards on a point-to-point link need to be VLAN-tag-aware.
• For VLANs to communicate with each other, an external
VLAN-aware switch or router is required (Figure 2-1). However,it is
not possible to extend a single vlan across a router.
• If a hub is connected to a network of VLANs, every port on the hub
must belong to the same VLAN. Hubs do not have the ability to
provide VLANs to individual ports.
VLAN awareness does not provide any benefit in a shared LAN
environment (using hubs or repeaters). In these shared LAN
environments, all stations see all traffic whether it is VLAN tagged or
not.
Figure 2-1 Communication between VLANS Requires an External Router
LAN Card with Two
Port-Based
VLANs Configured
Port A2
Port A4
Chapter 222
External
Router
Red VLAN
Port A1
Port A3
Green VLAN
Overview of Installation and Configuration
How to Configure VLANs on the Switch
How to Configure VLANs on the Switch
IEEE 802.1Q compliant devices and legacy/untagged VLANs can coexist
on the same networks, but legacy/untagged VLANS require a separate
link, whereas the 802.1Q tagged VLANs can combine several VLANs
into one link. On 802.1Q-compliant devices, separate ports (configured as
untagged) must be used to connect separate VLANs to non-802.1Q
devices.
Figure 2-2 Tagged and Untagged VLAN Technology in Same Network
Switch Port
untagged or native VLAN
tagged VLAN
tagged VLAN
tagged VLAN
LAN
Card
Port
Untagged
Tagged
VLAN 1
VLAN 2
VLAN 3
VLAN 4
When you assign a switch port to a given VLAN,you must implement the
VLAN tag if the switch port will carry traffic for more than one VLAN.
Otherwise, the port VLAN assignment can remain untagged because
the tag is not needed. On a given switch, use the untagged designation
for a port VLAN assignment where the port is connected to a
non-802.1Q-compliant device or is assigned to only one VLAN as in
VLAN 1 in Figure 2-2. Use the tagged designation when more than one
VLAN is assigned to the port, or the port is connected to a device that
does comply with the 802.1Q standard as in VLANs 2 through 4 in
Figure 2-2. These simple rules are summarized in Table 2-1.
Chapter 2 23
Overview of Installation and Configuration
How to Configure VLANs on the Switch
Table 2-1 Summary of VLAN Tagging Assignment
VLANs Per
Port
1 Untagged or Tagged. If the device connected
2 or more 1 VLAN Untagged; all others Tagged
A given VLAN must have the same VLAN ID on any
802.1Q-compliant device in which the VLAN is configured.
Tagging Scheme
to the port is 802.1Q-compliant, then the
recommended choice is “Tagged.”
or
All VLANs Tagged
Chapter 224
Loading...