Two months ago, as I blogged about it I passed HP ProCurve AIS exam and shared a summary of my preparation notes, Last week I passed Master ASE – HP ProCurve Campus LANs [2010] online exam (HP2-Z04) and became HP Master ASE – MASE, so I thought to share parts of my study notes as some customers are buying ProCurve instead of Cisco Catalyst (Budget reasons) it’s good to know equivalent terminologies and commands. Do I recommend HP ProCurve over Cisco Catalyst? No.
Cisco vs. HP terminology
- Trunk Port = Tagged Port
- Port Channel Interface = Trunk Port
- Access port = Untagged Port
- Auxiliary VLAN (voice) = tagged/untagged
- Access port with Auxiliary = tagged (voice) + untagged (data)
vlan11
untagged a1
vlan12
voice
tagged a1 - Interface Gigabitethernet0/1 = interface 1
- Modular switches = interface a1 "Module name: a,b,c… from top left"
- HP does not send CDP (can receive) – HP speaks LLDP – IEEE802.1AB
- BPDU Guard = BPDU protection
- Keepalive = Loop protection
- SPAN = traffic mirroring
HP ProCurve software license
Edge License Features:
- IPv4 RIP + Static Routes
- IGMP
- ACLs
- QoS
- Bandwidth Control
- Edge Security
- Basic IPv6
Premium Features:
- OSPF + ECMP
- PIM
- IPv6 RIP + OSPFv3
- VRRP
- QinQ VLANs
WLAN Evolution
- 1st Gen: Standalone Access Points
- 2nd Gen: Centralized WLAN Management with Thin APs
- 3rd Gen: Multiservice Controller
- 4th Gen: Unified WLAN Architecture (Controller Blades) Mobility Controller
- Multi-Service Mobility Solution (MSM7xx)
- Mobility License: Guest Roaming
- Mobility Manager Software (on top of ProCurve Manager – PCM)
- Software updates
- WLAN Security settings
- Radio settings
- Rogue detection
- Monitoring and Troubleshooting
- ProCurve Guest Management Software
- Authentication
- Temporary Credentials + expiration + Printable Vouchers
- RF Manager
- IDS/IPS
- RF Planner
- Windows based WLAN planning software
- Multi-Service Mobility Solution (MSM7xx)
PoE Devices
- PD – Powered Device
- PSE – Power Sourcing Equipment
- IEEE802.3af
- IEEE802.3at (PoE+) up to 24W
- Keep higher priority ports on lower port numbers
- We can use power shelf (zl switch) or RPS for additional power
LLDP vs. LLDP-MED
- LLDP
- Network Management + Inventory data + IP/speed/duplex
- LLDP-MED
- Voice VLAN, QoS, Location services, advanced PoE. detailed inventory management:
- Class I IP communications controller
- Class II IP phones, end user IP communication
- Class III media streams, conference bridges
- Voice VLAN, QoS, Location services, advanced PoE. detailed inventory management:
Quality of Service
- Queues per port: 8
- Rate limits: ingress & egress
- GMB (guaranteed minimum bandwidth): egress only
- Classification
- CoS
- DSCP/IPP
- VLAN
- Interface
- L2 Protocol
- IP Address/port
- Marking
- 802.1p
- DSCP
Configurations
- CLI
- Menu Interface
- GUI (HTTP/HTTPS)
- PCM/PCM+
- User Level:
- Operator Level
- Manager Level
#password operator user-name operator plaintext password
#password manager user-name manager plaintext password
#include-credentials > to include security hashed texts in configuration views (Passwords/SSH key/RADIUS key, etc)
show front-panel-security > to check reset/clear button setting
Port Configurations
#speed-duplex 1000-full
Aggregated Port (Trunk)
#trunk 47-48 trunk1 trunk
#trunk 47-48 trunk1 lacp
#vlan 11 tagged trunk1
#interface 47 name ‘link to other switch’
show trunk
Once the trunk is configured ports will become "untagged vlan1"
Spanning Tree
#spanning tree
#spanning tree 1-3 admin-edge-port (default is auto-edge-port which will wait for 3 seconds to see if there’s any BPDU)
#no spanning tree 4 edge-port
#spanning tree protocol-version mstp
reload
#spanning tree config-name "name"
#spanning tree config-revision 1
#spanning tree instance 1 vlan 1,2
#spanning tree instance 2 vlan 3,4
show spanning tree mst-config
#spanning tree priority 0 (on root switch)
#spanning tree priority 1 (on secondary root switch)
#spanning tree instance 1 priority 0 (on root switch)
#spanning tree instance 2 priority 1 (on secondary root/instance)
PoE
show power-management
show power-management brief
#power threshold n (1-99) to alert if power usage raises
DHCP
#dhcp-snooping
#dhcp-snooping vlan 2
#dhcp-snooping trust a1 (trusted port)
#dhcp-snooping authorized-server 1.1.1.1 (DHCP server)
Traffic Mirroring
#interface a1 monitor all both mirror 1
#vlan 2 monitor ip access-group acl1 mirror 1
#mirror 1 port a2
show monitor
VLAN sample
vlan 11
name "VLAN11"
untagged a9-a12
ip helper-address 10.10.10.10
ip address 10.11.11.11 255.255.255.0
exit
IP Routing
#ip routing
#interface loopback 1 ip address 10.1.1.1
#ip route 10.0.0.0/24 10.1.1.254
router ospf
area backbone
vlan 2
ip address 10.1.1.1 255.255.255.0
ip ospf 10.1.1.1 passive
ip ospf 10.1.1.1 area backbone
ip ospf cost 10
Posted by tjb on December 8, 2009 at 12:18 pm
I’m curious as to why you make such a blanket statement about not recommending procurves over catalysts. Surely it’s a case by case decision?
Posted by Shafagh on December 8, 2009 at 4:08 pm
In my opinion ProCurve has a disparate/disjointed product line in comparison with Cisco. It’s not their mistake but it reveals when you compare them with Cisco System.
Too many end of sales products, no Cisco TAC-class support, no much training material/references available (it’s going to be improved) no application networking, limited security product line (announced partnership with fortinet last week)
Inconsistent feature delivery, lots of OEM and third parties in product line (more than other vendors) and more importantly ProCurve is less than 1% of HP’s revenues.
So if you have the budget why not Cisco, years of experience, market lead, great compatibility/integration and the best support (TAC) by the way, They look sexy when you mount them in the rack ;)
Posted by Irfan on January 25, 2010 at 11:18 pm
Great stuff Shafagh very well explained the diffrneces keep it up
Posted by Michael on February 12, 2010 at 5:37 pm
For your info: IPv6 RIPng and OSPFv3 is not available for HP Procurve, yet…