Using HP-UX VLANs

HP 9000 Networking for HP-UX 11i

Manufacturing Part Number: T1453-90001

E0302

U.S.A.

© Copyright 2002 Hewlett-Packard Company.

Legal Notices

The information in this document is subject to change without notice.

Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material.

Warranty. A copy of the specific warranty terms applicable to your Hewlett-Packard product and replacement parts can be obtained from your local Sales and Service Office.

Restricted Rights Legend. Use, duplication or disclosure by the U.S. Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 for DOD agencies, and subparagraphs (c) (1) and (c) (2) of the Commercial Computer Software Restricted Rights clause at FAR 52.227-19 for other agencies.

HEWLETT-PACKARD COMPANY

3000 Hanover Street

Palo Alto, California 94304

U.S.A.

Use of this manual and flexible disk(s) or tape cartridge(s) supplied for this pack is restricted to this product only. Additional copies of the programs may be made for security and back-up purposes only. Resale of the programs in their present form or with alterations, is expressly prohibited.

Copyright Notices. © copyright 2002 Hewlett-Packard Company, all rights reserved. ProCurve is a registered trademark of Hewlett-Packard Company. DecNet is a trademark of Compaq Corporation. AppleTalk is a trademark of Apple Computer Inc. Extreme and Summit are trademarks of Extreme Networks Inc. Cisco and Catalyst are trademarks of Cisco Systems Inc.

Reproduction, adaptation, or translation of this document without prior written permission is prohibited, except as allowed under the copyright laws.


Contents

1. What are HP-UX VLANs?
   HP-UX VLAN Features
   Benefits of HP-UX VLANs
   Types of VLANs Supported by HP-UX
   HP-UX VLAN Tagging
   System and Software Requirements
      Patches Required for the March 2002 HP-UX 11i-based Version
   Supported Switches
   Unsupported Functionality

2. Overview of Installation and Configuration
   Planning HP-UX VLANs
   How to Configure VLANs on the Switch
   How to Configure VLANs on HP-UX
      Choose Configuration Method: Use SAM; Edit vlanconf; Use lanadmin
   Configuration Process
   Properties of a VLAN
   Special Case of VLAN ID 0--Priority Tagged Frames
   Promiscuous Mode Characteristics
   Allowable Values for HP VLANs
   Using VLANs with MC/ServiceGuard
   How is 802.1p Priority Set?
   How do Pri and ToS Override Affect My Inbound and Outbound frames?
   Setting 802.1p Priority, ToS, and Overrides
   Where to Get More Information

3. Configuring VLANs Using SAM
   Configuring VLANs Using SAM

4. Configuring VLANs by Editing vlanconf File
   Modifying Parameters in vlanconf File

5. Using lanadmin -V to Administer VLANs
   Using the lanadmin -V Command for Administering VLANs
      lanadmin Syntax
      Using lanadmin to Create a VLAN
      Using a VLAN
      Using lanadmin to Modify a VLAN
      Using lanadmin to Delete a VLAN

A. Troubleshooting
   Diagnostic Flowcharts
   Flowchart 1: Link Level Tests
      Flowchart 1a: Linkloop Test
   Flowchart 2: Network Level Tests
      Flowchart 2 Procedures
   NetTL Trace and Log of VLANs

Glossary

Tables

Table 1-1. Needed Patches for HP-UX VLANs
Table 2-1. Summary of VLAN Tagging Assignment
Table 2-2. Allowable Values for Parameters in vlanconf File
Table 2-3. ToS to 802.1 User Priority Mappings Based on IP Precedence
Table 2-4. Allowable Settings for VLAN_PRI_OVERRIDE Value in vlanconf File
Table 2-5. Allowable Settings for VLAN_TOS_OVERRIDE Value in vlanconf File
Table A-1. Flowchart Descriptions

Figures

Figure 1-1. VLANs (Virtual LANs)
Figure 1-2. IEEE 802.1Q VLAN Tag in Ethernet Frame
Figure 1-3. VLANs Overlapping or Sharing the Same LAN Card Port
Figure 2-1. Communication between VLANs Requires an External Router
Figure 2-2. Tagged and Untagged VLAN Technology in Same Network
Figure 2-3. VLANs and Service Guard
Figure 3-1. List Pulldown with Virtual LANs Displayed
Figure 3-2. Action Pulldown for Creating Virtual LANs
Figure 3-3. Create Virtual LANs
Figure 3-4. Add an IP Address for the VLAN
Figure A-1. Flowchart 1
Figure A-2. Flowchart 1a
Figure A-3. Flowchart 1b
Figure A-4. Flowchart 2
Figure A-5. Flowchart 2a
Figure A-6. Flowchart 2b
Figure A-7. Flowchart 2b (continued)

What are HP-UX VLANs?

A Virtual LAN (VLAN) is a logical or virtual network segment that can span multiple physical network segments. Using VLANs, you can group switched-network end-stations by:

• department, such as engineering and manufacturing,

• type of user, such as power users or those with special needs,

• application, or

• project

instead of physical location (Figure 1-1).

[Figure 1-1. VLANs (Virtual LANs): Physical View and Logical View]

VLANs isolate broadcast and multicast traffic by determining which destinations should receive that traffic, thereby making better use of switch and end-station resources. With VLANs, broadcasts and multicasts go only to the intended nodes in the virtual LAN.

VLANs create broadcast domains using switches instead of routers. While VLANs in some environments may reduce the number of routers needed (and their latency), you still need a router if you want the VLANs to communicate with each other.


HP-UX VLAN Features

Following are some of the features of HP-UX VLANs:

• HP-UX VLANs are implemented with host-based IEEE 802.1Q/p compliant tagging to allow configuring multiple VLANs on a given Ethernet LAN card based on their IP-subnet, protocol, or LAN card port.

• HP VLANs are for use over fast Ethernet or gigabit Ethernet LAN cards running on HP-UX 11i (11.11) PA-RISC-based servers and workstations. HP-UX supports up to 1024 VLANs per LAN card port.

• HP-UX VLANs do not require you to rewrite applications, install new hardware, or recable. They are also compatible with HP MC/ServiceGuard as well as HP's online addition and replacement (OLAR) capabilities.

Benefits of HP-UX VLANs

The advantages of HP-UX VLANs are:

• Physically dispersed workgroups can be logically connected within the same broadcast domain to appear as if they are on the same physical LAN.

• A single physical link can simultaneously serve several IP subnets when subnet-based VLANs are configured on that link.

• Switches no longer need to classify and tag traffic. They focus on forwarding packets.

• Workgroups requiring increased security can be logically connected within the same broadcast domain. Broadcast traffic will be isolated within the secure group.

• End stations using VLANs can offer rudimentary class of service (CoS) locally by prioritizing traffic for certain activities.

• HP-UX VLANs can be created, modified, and deleted without rebooting.

• HP-UX VLANs are interoperable with non-VLAN aware devices, that is, devices such as servers or bridges that do not transmit or receive tagged packets.


Types of VLANs Supported by HP-UX

The types of HP-UX VLANs that you can create are as follows:

• NIC-Port Based--A group of physical LAN card ports belong to the same layer-2 broadcast domain. Each LAN card port transmits and receives frames belonging to the VLAN associated with that port.

  Members of the same port-based VLAN all have the same VLAN ID. A VLAN ID uniquely identifies the VLAN to which a frame belongs.

• Protocol Based--Common protocols such as IP, IPX, AppleTalk, Decnet, and NetBIOS are grouped into layer-2 broadcast domains.

• IP Subnet Based--Each IP subnet has its own unique VLAN. Traffic from different subnets is logically separated from each other as if each subnet were on a different LAN segment.

Please refer to "Planning HP-UX VLANs" in this document for more information on setting up the different types of VLANs described.

HP-UX VLANs conform to IEEE specifications 802.1Q (for VLAN tagging) and IEEE 802.1p (MAC-level frame prioritizing) to provide end-to-end class of service (CoS).


HP-UX VLAN Tagging

Network switches and end stations that know about VLANs are said to be VLAN-aware. Network switches and end stations that can interpret VLAN tags are said to be VLAN-tag-aware. HP-UX VLAN-tag-aware end stations add VLAN tags to standard Ethernet frames--a process called explicit tagging. A VLAN tag (Figure 1-2) identifies which VLAN a data frame belongs to and enables traffic from more than one VLAN to use the same switch or LAN card port (Figure 1-3).

When a VLAN-aware switch receives data from an end-station, the switch determines where the data is to go and whether the VLAN ID should be retained. If the data is to go to a device that can recognize the VLAN tag, the VLAN tag is retained. If the data is to go to a device that has no knowledge of VLANs (VLAN-unaware), the switch sends the data without the VLAN tag.

[Figure 1-2. IEEE 802.1Q VLAN Tag in Ethernet Frame; VLAN ID field: 12 bits]

You must configure VLAN tagging on switch ports that interface to end-stations that have tagged VLANs. If a switch or end-station port is a member of only a single, port-based VLAN, tagging is not required.

To transmit tagged frames, you must configure a VLAN on the end-station with a VLAN ID that matches the VLAN ID of a tagged VLAN on the switch port and the VLAN ID of a VLAN at the remote end-station. Refer to the next 3 chapters in this guide for complete details on configuring VLANs on your HP-UX end stations.
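The tag handling described above, as an added example that is not part of the HP manual: a Python parser that extracts the 802.1Q tag from a raw Ethernet frame, classifies the frame as untagged, priority-tagged (VLAN ID 0) or VLAN-tagged, and lists tagged frames whose VLAN ID is not configured on the port. The TPID value 0x8100 and the 3-bit priority / 1-bit CFI / 12-bit VLAN ID split come from IEEE 802.1Q; the MAC addresses and sample frames are constructed.

```python
import struct
from typing import NamedTuple, Optional

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q tag
MAX_VLAN_ID = 4094    # usable range is 0-4094; 4095 is reserved by IEEE 802.1Q


class Dot1QTag(NamedTuple):
    priority: int     # 802.1p user priority, 3 bits (0-7)
    cfi: int          # canonical format indicator, 1 bit
    vlan_id: int      # VLAN ID, 12 bits
    ethertype: int    # EtherType of the encapsulated payload


def parse_tag(frame: bytes) -> Optional[Dot1QTag]:
    """Return the 802.1Q tag of an Ethernet frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)   # follows dst + src MAC
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return Dot1QTag(tci >> 13, (tci >> 12) & 1, tci & 0x0FFF, inner)


def build_tagged(dst: bytes, src: bytes, vlan_id: int, priority: int,
                 ethertype: int, payload: bytes) -> bytes:
    """Build an explicitly tagged frame, as a VLAN-tag-aware end station would."""
    if not 0 <= vlan_id <= MAX_VLAN_ID:
        raise ValueError("VLAN ID must be 0-4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority must be 0-7")
    tci = (priority << 13) | vlan_id
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload


def classify(frame: bytes) -> str:
    tag = parse_tag(frame)
    if tag is None:
        return "untagged"
    if tag.vlan_id == 0:
        return f"priority-tagged (pri {tag.priority}, no VLAN)"
    if tag.vlan_id > MAX_VLAN_ID:
        return "invalid (reserved VLAN ID 4095)"
    return f"VLAN {tag.vlan_id} (pri {tag.priority})"


def unexpected_vlans(frames, configured_vids):
    """(index, VLAN ID) of tagged frames whose VLAN ID is not configured on this port."""
    hits = []
    for i, frame in enumerate(frames):
        tag = parse_tag(frame)
        if tag is not None and tag.vlan_id != 0 and tag.vlan_id not in configured_vids:
            hits.append((i, tag.vlan_id))
    return hits


# Constructed sample data: locally administered MAC addresses, one-byte payloads.
DST = bytes.fromhex("020000000002")
SRC = bytes.fromhex("020000000001")
SAMPLE_FRAMES = [
    DST + SRC + struct.pack("!H", 0x0800) + b"\x45",    # untagged IPv4
    build_tagged(DST, SRC, 454, 6, 0x0800, b"\x45"),    # VLAN 454, priority 6
    build_tagged(DST, SRC, 0, 5, 0x0800, b"\x45"),      # priority-tagged only
    build_tagged(DST, SRC, 7, 0, 0x0800, b"\x45"),      # VLAN not configured here
]

if __name__ == "__main__":
    for n, f in enumerate(SAMPLE_FRAMES):
        print(n, classify(f))
    print("not configured on port:", unexpected_vlans(SAMPLE_FRAMES, {454}))
```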

[Figure 1-3. VLANs Overlapping or Sharing the Same LAN Card Port. Labels: Server; HP Gigabit or Fast Ethernet LAN Card Port]


System and Software Requirements

Following are the hardware and software requirements for VLANs as of March 2002:

• Type of HP System Required

  • HP-UX Precision Architecture (PA-RISC).

• OS Required

  • HP-UX 11i (11.11). New HP servers and workstations shipped after March 2002 already have VLAN technology pre-installed in the operating environment. For computers shipped before March 2002, check the product Information Sheet to see if the VLAN product can be loaded by way of required patches.

• VLANs work over all HP HSC and PCI 100Base LAN cards and all HP HSC and PCI 1000Base LAN cards.

Patches Required for the March 2002 HP-UX 11i-based Version

The following patches are required in order to use the HP-UX VLAN software on HP-UX 11i-based systems.

These patch numbers are current at the time of publication and may be superseded. Check to see if these patches are superseded, and download patches at the following URL: http://us-support.external.hp.com/


Supported Switches

HP-UX VLANs are supported with switches that implement IEEE 802.1Q-compliant VLAN tagging. The switches must implement at least port-based VLANs and must be VLAN-tag aware. The following switches are among those that support HP-UX VLANs:

• HP ProCurve 9304M

• HP ProCurve 4000M/8000M

• Extreme Summit 7i

• Cisco Catalyst 6509


Unsupported Functionality

HP-UX VLANs do not support the following functionality:

• GARP VLAN registration protocol (GVRP) is currently not supported. HP-UX VLANs will not send GVRP messages or interpret them.

• HP-UX VLANs do not operate on:

  • Any Itanium-based servers whether the LAN card is factory installed or customer installed.

  • HP-UX 11.20, 11.0, and 10.20.

  • FDDI, Token Ring, ATM, 100VG, EISA, and HP-PB LAN cards.

Overview of Installation and Configuration

Planning HP-UX VLANs

The following requirements must be satisfied before setting up VLANs in an HP-UX network:

• In order for both end stations of a VLAN to communicate, both the end-station LAN cards and the switch ports that are connected to those LAN cards on a point-to-point link need to be VLAN-tag-aware.

• For VLANs to communicate with each other, an external VLAN-aware switch or router is required (Figure 2-1). However, it is not possible to extend a single VLAN across a router.

• If a hub is connected to a network of VLANs, every port on the hub must belong to the same VLAN. Hubs do not have the ability to provide VLANs to individual ports.

VLAN awareness does not provide any benefit in a shared LAN environment (using hubs or repeaters). In these shared LAN environments, all stations see all traffic whether it is VLAN tagged or not.

[Figure 2-1. Communication between VLANs Requires an External Router. Labels: LAN Card with Two Port-Based VLANs Configured; Port A2; Port A4; Red VLAN; Green VLAN]

How to Configure VLANs on the Switch

IEEE 802.1Q compliant devices and legacy/untagged VLANs can coexist on the same networks, but legacy/untagged VLANs require a separate link, whereas the 802.1Q tagged VLANs can combine several VLANs into one link. On 802.1Q-compliant devices, separate ports (configured as untagged) must be used to connect separate VLANs to non-802.1Q devices.

When you assign a switch port to a given VLAN, you must implement the VLAN tag if the switch port will carry traffic for more than one VLAN. Otherwise, the port VLAN assignment can remain untagged because the tag is not needed. On a given switch, use the untagged designation for a port VLAN assignment where the port is connected to a non-802.1Q-compliant device or is assigned to only one VLAN as in VLAN 1 in Figure 2-2. Use the tagged designation when more than one VLAN is assigned to the port, or the port is connected to a device that does comply with the 802.1Q standard as in VLANs 2 through 4 in Figure 2-2. These simple rules are summarized in Table 2-1.


CAUTION

How to Configure VLANs on HP-UX

Choose Configuration Method: Use SAM; Edit vlanconf; Use lanadmin

There are three ways to configure VLANs. The first two methods preserve configuration changes across reboots; the third applies changes immediately but doesn't preserve them across reboots.

To permanently save your configurations, you can either:

• Use the GUI-based system admin manager (SAM). To use SAM, refer to the instructions in "Configuring VLANs Using SAM" in this document for details, and then do the steps for verifying VLANs. Using SAM reduces risk of errors and saves your data permanently.

  If you use SAM, configuration doesn't require a reboot to take effect.

or

• Edit the /etc/rc.config.d/vlanconf configuration file using an editor such as "vi". Changes will not take effect until the next reboot. Refer to "Configuring VLANs by Editing the vlanconf File" in this document for instructions on editing the configuration file for VLANs.

To temporarily configure VLANs on a live system, you can:

• Use the lanadmin command from the HP-UX command line.

  If you use the lanadmin command to administer VLANs, those changes are not preserved across reboots. See "Using the lanadmin Command for Administering VLANs" for details on the lanadmin command.

Configuration Process

Following are the steps to configure HP-UX VLANs. These steps are for defining VLAN membership, assigning names, VLAN IDs, and port assignments. This procedure assumes that the switches can add VLAN tags:

1. Determine the network topology affected. Either draw the affected network topology or list it. Include all affected end stations--workstations and servers.

2. Define the VLANs. Decide, according to your requirements, which systems belong to which logical groups.

3. Assign VLAN IDs to each VLAN. Ensure that the assignments are consistent across end stations and switches; otherwise, stations will not communicate with each other. A VLAN ID can be any number between 0 and 4094 that is used only once within that port.

4. Determine which LAN card ports need tagged VLANs and which do not. Typically, you may need to put a server LAN card port in several VLANs while a desktop LAN card port can belong to just one VLAN.

5. Assign VLAN IDs to each LAN card port on end stations and switches. Mark VLANs on the switches as tagged or untagged according to the LAN card port to which they are connected.

6. On HP-UX servers that must belong to several VLANs, create VLANs on the corresponding LAN card ports.

Properties of a VLAN

When a VLAN is created on a given LAN card port (see "Creating a VLAN"), the system generates a virtual PPA, or VPPA, which can be used to send and receive 802.1Q tagged frames on that LAN card. Each HP-UX VLAN has a Virtual PPA associated with it. A VPPA has essentially the same properties as a physical point of attachment (PPA) on a LAN card. The differences are:

1. A VPPA is associated with a VLAN, the properties of which are determined by the create (or modify) command. The PPA of a physical interface doesn't have a VLAN associated with it.

2. A VLAN doesn't have a unique hardware instance. VPPA values are assigned such that they don't overlap with hardware instance numbers of physical interfaces on the system.

   Note: the PPA assigned to a LAN card port is the same as its hardware instance number.

3. A VLAN shares all the link properties of the physical interface on which it is configured. Any changes to the underlying physical interface will be propagated to all its VPPAs.

   In the sample lanscan output in the section "Displaying a VLAN and its Properties," lan5000 shares all the properties (such as speed, duplexity, MTU, MAC address) of the physical port with which it is associated, lan0.

4. All frames transmitted via a VPPA are VLAN tagged. Frames transmitted via a physical PPA are sent untagged.

5. The lanadmin non-interactive mode options that set the MTU (-M), speed (-S or -X), and station address (-A) and that reset the MTU (-R), as well as the interactive mode options "reset" and "special", are not supported for VPPAs.

6. lanadmin interactive mode displays and clears driver statistics for VPPAs.

Special Case of VLAN ID 0--Priority Tagged Frames

VLAN ID 0 means that the frame doesn't belong to any VLAN but has 802.1p priority information. Ensure that any switches used with HP-UX VLANs support VLAN ID 0.

Promiscuous Mode Characteristics

Only one stream at a time can run in unfiltered promiscuous mode across a physical interface and all of its VLAN interfaces combined.

The promiscuous stream will be able to see all frames transmitted or received on the physical LAN card port--all tagged and untagged.

Allowable Values for HP VLANs

Table 2-2 lists the allowable values for configuring VLANs in the /etc/rc.config.d/vlanconf file. It describes the parameter functions, default values, and allowable ranges.

For the format of the /etc/rc.config.d/vlanconf file, refer to

1 Default is an empty string; lanadmin will display it as UNNAMED.


Using VLANs with MC/ServiceGuard

You can create MC ServiceGuard fail-over groups with VLANs as long as the primary and standby links are both VLAN interfaces with the same VLAN ID. See Figure 2-2 for an example. Please refer to HP MC ServiceGuard documentation for more details.

Example:

How is 802.1p Priority Set?

IP packets are classified and marked into different priority levels and the markings are transported through a type of service (ToS) octet in the IPv4 header and a traffic class field in the IPv6 header.

HP-UX end stations transmit IPv4 type-of-service (ToS) values but do not enforce priority. The end stations perform ToS-to-802.1p conversion and vice-versa for IP packets depending on how the VLAN overrides are set. They also allow 802.1p priority setting for non-IP packets.

Priority may be set by user, destination address, input port, output port, access priority, or by VLAN. User priority is a 3-bit field which allows priority information to be encoded in the frame. The eight levels of IEEE 802.1p recommended user priorities are shown in Table 2-3.


How do Pri and ToS Override Affect My Inbound and Outbound frames?

Consider the following command.

lanadmin -V create vlanid VID pri PRI tos TOS pri_override PO tos_override TO 6

This command will create a VLAN interface on PPA 6, with VID as the VLAN ID, PRI as the 802.1p priority, TOS as the IPv4 ToS value.

• All frames transmitted via the newly created interface will be VLAN tagged.

• The VLAN ID field in the tag will be VID without exception.

• Please note that non-IP packets are not affected by PO, TO, and TOS settings. Outbound non-IP packets are always tagged with VLAN ID VID and 802.1p priority PRI.

The following information applies only to inbound and outbound IP traffic.

• The 802.1p priority value in the VLAN tag is determined by the PRI, PO, and TOS settings as shown in Table 2-4.

• The ToS value of an inbound IP packet header is determined by TOS, TO, and PRI settings as shown in Table 2-5.


Setting 802.1p Priority, ToS, and Overrides

802.1p priority is the priority in the tag in the frame header. Switches can use the 802.1p priority.

ToS is the IP precedence in the IP header. Switches ignore ToS. Routers may use it.

The Priority Override Levels for Outbound Traffic are as follows:

The ToS Override Levels for Inbound Traffic are as follows:

Where to Get More Information

For information on using the lanadmin command to temporarily modify HP-UX VLANs (between reboots), type:

man vlan.

Configuring VLANs Using SAM

You can use SAM to configure VLANs by completing the following steps:

1. Log in as root.

2. Check the HP-UX version by typing: uname -a. The version should be HP-UX 11i (11.11).

3. At the HP-UX prompt, type: sam

4. At the SAM main window, double click:

   Networking and Communications

5. There are then two ways to access VLAN configuration. Either choose the icon Virtual LAN, or choose Network Interface Cards and then show the VLANs by using the List Pulldown.

SAM displays a list of VLAN-aware physical interfaces and all VLANs created on them (Figure 3-1).

Figure 3-1 List Pulldown with Virtual LANs Displayed

6. On the Virtual LAN screen, available VLAN-aware cards are displayed. When you select a LAN card and then use the Create VLAN pulldown (Figure 3-2), the Create VLAN screen appears (Figure 3-3). For the VLAN ID, enter any number between 0 and 4094 and use it only once within that port.

Figure 3-2 Action Pulldown for Creating Virtual LANs

On this screen, you can optionally add a VLAN Name (31 characters, and unique within a LAN card), priority, ToS, and overrides. See the chapter "Overview of Installation and Configuration" or the online help for details.


Figure 3-3 Create Virtual LANs

On the Modify VLAN Properties screen, the fields are all optional; the data elements are the same as discussed in the chapter "Overview of Installation and Configuration": VLAN name, VPPA, priority, ToS, and overrides.

Figure 3-4 Add an IP Address for the VLAN

7. At any time, view the online help pulldown menu for doing any of the listed tasks or for finding help on a specific field.

Configuring VLANs by Editing vlanconf File

Modifying Parameters in vlanconf File

Following is the format of the /etc/rc.config.d/vlanconf file. To permanently save changes to this file, either use SAM or use a text editor such as "vi". If you use the lanadmin command line interface to make changes to VLANs, your configuration will not be preserved after reboots unless you modify the vlanconf file manually.

#vlanconf: configuration values to create VLAN Virtual
#Interface. This file will maintain the VLAN
#information across reboot, and will be modified
#by SAM. You can also edit this file.
#
# VLAN_PHY_INTERFACE : Physical interface name, see
# For each VLAN configuration, add a set of variable
# assignments like the ones below, changing the index to "[1]",
# "[2]" et cetera.
##############################################################
#
#Sample Entry
#VLAN_PHY_INTERFACE[1]=
#VLAN_ID[1]=
#VLAN_PRIORITY[1]=
#VLAN_TOS[1]=
#VLAN_PRI_OVERRIDE[1]=
#VLAN_TOS_OVERRIDE[1]=
#VLAN_NAME[1]=""
#VLAN_VPPA[1]=

Example:

Following is an example where the physical interface lan0 has been assigned a VLAN ID of 1, default values for VLAN priority, VLAN ToS, VLAN priority override, VLAN ToS override, the name "Red," and a VLAN PPA of 5000.

VLAN_PHY_INTERFACE[0]=lan0
VLAN_ID[0]=1
VLAN_PRIORITY[0]=0
VLAN_TOS[0]=0
VLAN_PRI_OVERRIDE[0]=CONF_PRI
VLAN_TOS_OVERRIDE[0]=IP_HEADER
VLAN_NAME[0]=Red
VLAN_VPPA[0]=5000
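A hand-edited vlanconf only takes effect at the next reboot, so mistakes surface late. The following added example (not HP's code and not part of the manual) is a Python pre-check that parses vlanconf-style text and flags values this guide says are not allowed. The ranges and override keywords are taken from the lanadmin usage string in this guide, and the uniqueness rules from the SAM chapter; entry [0] of the sample is the "Red" example above, while entries [1] and [2] are constructed.

```python
import re
from collections import defaultdict

LINE_RE = re.compile(r'^(VLAN_[A-Z_]+)\[(\d+)\]=(.*)$')
INT_RANGES = {"VLAN_ID": (0, 4094), "VLAN_PRIORITY": (0, 7), "VLAN_TOS": (0, 255)}
ENUMS = {
    "VLAN_PRI_OVERRIDE": {"CONF_PRI", "IP_HEADER", "CONF_TOS"},
    "VLAN_TOS_OVERRIDE": {"IP_HEADER", "ETHER_HEADER", "CONF_TOS", "CONF_PRI"},
}
KNOWN = set(INT_RANGES) | set(ENUMS) | {"VLAN_PHY_INTERFACE", "VLAN_NAME", "VLAN_VPPA"}


def parse_vlanconf(text):
    """Return ({index: {KEY: value}}, parse_errors) for vlanconf-style text."""
    entries, errors = defaultdict(dict), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if not m or m.group(1) not in KNOWN:
            errors.append(f"line {lineno}: unrecognised assignment: {line}")
            continue
        entries[int(m.group(2))][m.group(1)] = m.group(3).strip().strip('"')
    return dict(entries), errors


def _is_uint(val):
    return val.isascii() and val.isdigit()


def validate(entries):
    """Check each entry against the allowable values; empty optional values mean 'default'."""
    errors, seen_vid, seen_name = [], {}, {}
    for idx in sorted(entries):
        e = entries[idx]
        port = e.get("VLAN_PHY_INTERFACE", "")
        vid = e.get("VLAN_ID", "")
        name = e.get("VLAN_NAME", "")
        if not port:
            errors.append(f"[{idx}] VLAN_PHY_INTERFACE is missing")
        if not vid:
            errors.append(f"[{idx}] VLAN_ID is missing")
        for key, (lo, hi) in INT_RANGES.items():
            val = e.get(key, "")
            if val and not (_is_uint(val) and lo <= int(val) <= hi):
                errors.append(f"[{idx}] {key}={val} is outside {lo}-{hi}")
        for key, allowed in ENUMS.items():
            val = e.get(key, "")
            if val and val not in allowed:
                errors.append(f"[{idx}] {key}={val} is not one of {sorted(allowed)}")
        if name and not (len(name) <= 31 and name.isascii() and name.isalnum()):
            errors.append(f"[{idx}] VLAN_NAME must be at most 31 alphanumeric characters")
        # A VLAN ID may be used only once per port; a name must be unique per LAN card.
        vid_key = str(int(vid)) if _is_uint(vid) else vid
        for label, table, val in (("VLAN_ID", seen_vid, vid_key),
                                  ("VLAN_NAME", seen_name, name)):
            if port and val:
                first = table.setdefault((port, val), idx)
                if first != idx:
                    errors.append(
                        f"[{idx}] {label} {val} already used on {port} by entry [{first}]")
    return errors


SAMPLE = '''\
# entry [0] is the manual's "Red" example; entries [1] and [2] are constructed
VLAN_PHY_INTERFACE[0]=lan0
VLAN_ID[0]=1
VLAN_PRIORITY[0]=0
VLAN_TOS[0]=0
VLAN_PRI_OVERRIDE[0]=CONF_PRI
VLAN_TOS_OVERRIDE[0]=IP_HEADER
VLAN_NAME[0]=Red
VLAN_VPPA[0]=5000
VLAN_PHY_INTERFACE[1]=lan0
VLAN_ID[1]=1
VLAN_PRIORITY[1]=9
VLAN_NAME[1]=Red
VLAN_VPPA[1]=5001
VLAN_PHY_INTERFACE[2]=lan1
VLAN_ID[2]=4095
VLAN_PRI_OVERRIDE[2]=ETHER_HEADER
VLAN_NAME[2]=""
'''

if __name__ == "__main__":
    parsed, parse_errors = parse_vlanconf(SAMPLE)
    for problem in parse_errors + validate(parsed):
        print(problem)
```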

Using lanadmin -V to Administer VLANs

Using the lanadmin -V Command for Administering VLANs

To configure VLANs, you use either the GUI-based system admin manager (SAM) or edit the configuration file with an editor. VLAN configuration doesn't require a reboot to take effect. If you use SAM, your configurations will be preserved after reboots in a configuration file called /etc/rc.config.d/vlanconf.

If you use the lanadmin command line interface, your configuration will not be preserved after reboots unless you also save the configuration in the vlanconf file by either using SAM or editing it. See "Modifying Parameters in vlanconf File" in this document for the format of the /etc/rc.config.d/vlanconf file.

lanadmin Syntax

If you use the lanadmin command line interface to work with VLANs, you can display the general usage string by typing:

lanadmin -V help

General usage string:

lanadmin -V create vlanid <vlanid> (range 0-4094)
               [pri <priority> (range 0 - 7, default 0)]
               [tos <ToS value> (range 0-255, default 0)]
               [vppa <vppa>]
               [name <name> (31 characters alphanumeric string)]
               [tos_override <level>(IP_HEADER, ETHER_HEADER, CONF_TOS or CONF_PRI, default IP_HEADER)]
               [pri_override <level>(CONF_PRI,IP_HEADER or CONF_TOS, default CONF_PRI)] <ppa>
         -V delete <vppa>
         -V modify [vlanid <vlanid> (range 0-4094)]
               [pri <priority> (range 0 - 7)]
               [tos <ToS value> (range 0-255)]
               [name <name> (31 characters alpha numeric string]
               [tos_override <level>(IP_HEADER, ETHER_HEADER, CONF_TOS or CONF_PRI)
               [pri_override <level>(CONF_PRI,IP_HEADER or CONF_TOS)] <vppa>
         -V scan
         -V info <vppa>
         -V basevppa
         -V help

Using lanadmin to Create a VLAN

Assume that the system has the following configuration as shown by the lanscan command output.

lanscan

MAC    HP-DLPI  DLPI
Type   Support  Mjr#
ETHER  Yes      119
ETHER  Yes      119

To configure a VPPA with VLAN ID 454 and a priority of 6 on "lan0", execute the following command.

lanadmin -V create vlanid 454 pri 6 0

Successfully configured

lan5000: vlanid 454 name UNNAMED pri 6 tos 0 tos_override IP_HEADER pri_override CONF_PRI ppa 0

This command created a VLAN "lan5000" on top of the physical interface lan0. The PPA associated with this VLAN, 5000, is referred to as a VPPA, short for Virtual PPA. Note: the parameters that were not specified in the command have been assigned default values.
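Because a VLAN created with lanadmin is lost at reboot unless it is also written to vlanconf, the following added example (not HP code) converts the status line that lanadmin -V create prints into a vlanconf stanza at the next free index. The function names are hypothetical, and mapping "ppa 0" to lan0 and UNNAMED to an empty name follows the examples in this document.

```shell
# Added example, not HP code: turn the status line printed by a successful
# "lanadmin -V create" into a vlanconf stanza, so a VLAN made from the command
# line is also recorded for the next reboot. Function names are illustrative.

# next_index FILE: print one more than the highest [n] used in FILE (0 if none).
next_index() {
    awk '
    /^VLAN_[A-Z_]+\[[0-9]+\]=/ {
        n = $0; sub(/^[^[]*\[/, "", n); sub(/\].*/, "", n)
        if (!found || n + 0 > max) max = n + 0
        found = 1
    }
    END { print (found ? max + 1 : 0) }' "$1"
}

# vlanconf_entry INDEX LINE: print the stanza for one status line of the form
# "lan5000: vlanid 454 name UNNAMED pri 6 ... ppa 0"; status 1 if malformed.
vlanconf_entry() {
    printf '%s\n' "$2" | awk -v idx="$1" '
    {
        vppa = $1; sub(/^lan/, "", vppa); sub(/:$/, "", vppa)
        for (f = 2; f < NF; f += 2) kv[$f] = $(f + 1)    # keyword value pairs
        if (vppa !~ /^[0-9]+$/ || kv["vlanid"] == "" || kv["ppa"] == "") exit 1
        name = (kv["name"] == "UNNAMED") ? "\"\"" : kv["name"]  # UNNAMED = no name
        printf "VLAN_PHY_INTERFACE[%d]=lan%s\n", idx, kv["ppa"]
        printf "VLAN_ID[%d]=%s\n", idx, kv["vlanid"]
        printf "VLAN_PRIORITY[%d]=%s\n", idx, kv["pri"]
        printf "VLAN_TOS[%d]=%s\n", idx, kv["tos"]
        printf "VLAN_PRI_OVERRIDE[%d]=%s\n", idx, kv["pri_override"]
        printf "VLAN_TOS_OVERRIDE[%d]=%s\n", idx, kv["tos_override"]
        printf "VLAN_NAME[%d]=%s\n", idx, name
        printf "VLAN_VPPA[%d]=%s\n", idx, vppa
    }'
}

# persist_vlan FILE LINE: append the stanza to FILE at the next free index.
# Returns 1 for a malformed line, 2 if the VPPA is already recorded in FILE.
persist_vlan() {
    stanza=$(vlanconf_entry "$(next_index "$1")" "$2") || return 1
    vppa=${2%%:*}; vppa=${vppa#lan}
    if grep -q "^VLAN_VPPA\[[0-9]*]=$vppa\$" "$1"; then return 2; fi
    printf '%s\n' "$stanza" >> "$1"
}

# Demo on the status line shown above (printed only, nothing is written).
vlanconf_entry 0 'lan5000: vlanid 454 name UNNAMED pri 6 tos 0 tos_override IP_HEADER pri_override CONF_PRI ppa 0'
```

Run persist_vlan against a copy of /etc/rc.config.d/vlanconf first and review the appended stanza before replacing the live file.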

Displaying a VLAN and its Properties

You can use the default lanscan command to view all the interfaces as follows.

lanscan

The VLAN (lan5000) appears in lanscan output just like a physical interface. VPPAs are identified by the string "VLANx" in the hardware path, where x is a number and is unique per VPPA. In the lanscan output, VPPAs of a given physical interface are displayed just after the corresponding physical interface.

The verbose option of the lanscan command displays more information about the VLAN.

lanscan -v

Driver Specific Information vlan

.......................................................................

Vlan ID  Phy-PPA  Priority  ToS  Priority-Override  ToS-Override  Name
454      0        6         0    CONF_PRI           IP_HEADER     UNNAMED

Using lanadmin to Set 802.1p Priority, ToS, and Overrides

The lanadmin -V create vlanid command has options to set the 802.1p priority, called pri, and/or the Type of Service (ToS) value, called tos. It also has pri_override and tos_override. For more details, refer to "Setting 802.1p Priority, ToS, and Overrides" in this document.

Using lanadmin to Query for VLANs on a System

The following command can be used to query for the list of VPPAs configured and their properties.

lanadmin -V scan

A sample output for the successful command is as follows:

Note: UNNAMED will be displayed as the VLAN name if there is no name associated with the VPPA.

Querying for a Single VPPA on a System

You can query the Virtual PPA using the following command:

lanadmin -V info <vppa>

The info command will return the output in the following format when successful.

Example: lanadmin -V info 5000

Querying for a Base VPPA Value

You can determine the minimum acceptable value for a Virtual PPA using the following command:

lanadmin -V basevppa

Example: lanadmin -V basevppa

5000

Using lanadmin to Modify a VLAN

The properties of a VLAN can be modified using lanadmin. For example, to change the VLAN ID to 53 and priority to 3, on lan5000, type:

lanadmin -V modify vlanid 53 pri 3 5000

Successfully modified lan5000

Old value: vlanid 454 pri 6

New value: vlanid 53 pri 3

After the modification, the lanscan -v output will display:

Driver Specific Information vlan

.......................................................................

Using lanadmin to Delete a VLAN

Before deleting a VLAN, ensure that there are no applications or upper layer protocols active on the VLAN by running:

lanadmin -p <VPPA>

This command displays the applications and commands that are presently using the interface. For example, if the only thing done to lan5000 is configure an IP address, the lanadmin -p command output would look like:

lanadmin -p 5000

ifconfig ifconfig

Because the ifconfig command was used to configure an IP address, ifconfig is displayed. There are two entries because when an IPv4 address is configured using ifconfig, it configures both IP and ARP on the interface.

To remove the IP and ARP streams, do:

ifconfig lan5000 unplumb

The lanadmin -p 5000 output will not show any entries now, which means the interface can be deleted. To delete this VLAN use the delete option as follows:

lanadmin -V delete 5000

The lanadmin -p <PPA> command always displays the applications and commands that use or are configured on the interface. Let's take another example. Before deleting the interface lan5001, check whether any applications are running on it by typing:

lanadmin -p 5001

ifconfig ifconfig mib2agt scopeux

In addition to IP and ARP being configured on the interface, two applications, mib2agt and scopeux, are using the interface. These applications are started during system bootup via the startup scripts /sbin/rc2.d/S565SnmpMib2 and /sbin/rc2.d/S810mwa respectively. To stop these utilities, run the stop sequence of the scripts. To delete the lan5001 interface, type the following commands:

ifconfig lan5001 unplumb
/sbin/rc2.d/S565SnmpMib2 stop
/sbin/rc2.d/S810mwa stop

Now, lanadmin -p 5001 will not display anything, and the interface can be deleted using lanadmin -V delete vppa.

Once the interface is deleted, you can restart the script by issuing the start sequence:

/sbin/rc2.d/S565SnmpMib2 start
/sbin/rc2.d/S810mwa start

NOTE: The start and stop sequence of the startup scripts will affect all the interfaces on the system, and they must be restarted once the delete operation is completed.

The output from the commands just described may not look exactly the same on your system. The output can vary depending on the applications using the interfaces in your environment.

A Troubleshooting

This chapter provides guidelines for troubleshooting VLANs. It contains the following sections:

• Diagnostic Flowcharts.

• Use of lanadmin and lanscan commands and scripts for testing or troubleshooting VLANs.

Diagnostic Flowcharts

Table A-1 summarizes the types of network tests in the diagnostic flowcharts. Follow the flowcharts in sequence beginning with Flowchart 1.

Flowchart 1: Link Level Tests

Check communications between link levels on the source and target host using the linkloop, lanscan, and lanadmin commands. The source interface should be a VPPA, that is, a PPA corresponding to a VLAN interface. The destination MAC address is the remote VPPA's MAC address.

[Flowchart 1 figure: Link Level Tests; linkloop Test; lanscan and lanadmin Tests]

Flowchart 1a Procedures

• Execute linkloop to the remote host. If linkloop is successful, continue to the Network Test. Otherwise, note which error was returned.

• If the loopback failed with error "Address has bad format" or "not an individual address", correct the link level address with the proper station address format/value and repeat the Link Level Test.

• Otherwise, the loopback failed because the remote host did not respond. Double-check the remote host address and VLAN ID, or choose another remote host and re-execute linkloop.

• Ensure VLAN IDs are the same by using lanadmin -V scan on both the source and destination.

• Ensure switches along the path are configured with the correct VLAN ID and marked "tagged" or "untagged" as appropriate.

• Ensure MTUs match as well.

• Ensure that link parameters for autonegotiation, flow control, speed and duplexity are compatible.

• Ensure that the link is up. Refer to the documentation for each specific link for details.

If linkloop is successful, continue to the Network Test. You may also want to contact the node manager of the remote host that did not respond (if this was the case).

[Flowchart 1b figure: lanscan and lanadmin Test]

Flowchart 1b Procedures

• Execute the lanscan command and verify your interface is displayed by the system.

• If it is displayed, run lanscan -v to ensure the VLAN ID is correct. If so, return to the Network Test. If not, modify the VLAN to the correct one by running the command lanadmin -V modify.

• If the interface is not displayed, run lanadmin -V create to create the VLAN.

• If the problem is fixed, stop. Otherwise, check for any error messages.

• If there are error messages, correct them according to the error message.

• If there are no error messages, return to the Network Test.

Flowchart 2: Network Level Tests

[Flowchart 2 figure: Network Level Tests; ARP Test; ping Test]

Flowchart 2 Procedures

• See Flowchart 2a to validate ARP entries and remote host availability.

• See Flowchart 2b to check communication between network layers on source and target host using ping.

Flowchart 2a: ARP Test

Flowchart 2a Procedures

• Use ARP to verify that an entry exists for the remote host in your system's ARP cache by executing arp hostname.

• If there is no ARP entry for the remote host, check to see if the remote host is up. If not, bring up the remote host and continue to the ping Test.

• If the ARP entry is incorrect or not complete, use ARP to enter the correct station address of the remote system and continue to the ping Test. Otherwise, continue to the ping Test.

[Flowchart 2b figure: ping Test; Execute ping remotehost]

Flowchart 2b Procedures

• Execute ping to the remote host.

• If ping is successful, stop. If not, validate network, remote host, and configuration settings. Verify the routing tables using the netstat -rn command.

[Flowchart 2b (continued) figure: ping Test; ping not successful; Network unreachable error?; Call HP]

Flowchart 2b (continued) Procedures

• If you receive a network unreachable error, go to the Configuration Tests.

• If there is no response from ping, validate that the switches in the path support VLANs and that the remote host supports them as well. Otherwise, reconfigure the network path, or configure VLANs on the remote host and/or switches, then repeat the ping Test. Return to the linkloop test.

• If you receive an unknown hosts error, add the missing host name and repeat the ping Test.

• If you receive "error=SendTo: No route to host", then use route to add a route table entry for the missing host and repeat the ping Test. Otherwise, call HP.

NetTL Trace and Log of VLANs

The nettl tool can be used to troubleshoot VLANs. Following is a sample trace output from a Gigabit Ethernet card:

Tracing Output from a Gigabit Ethernet Card

^^^^^^^^^^^^^^^^^^^^^^Gigabit Ethernet LAN/9000 Networking^^^^^^^^^^^^^^^^^^

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

=================================== Ethernet====================================

================================ IP Header (inbound -- [ICS]) ================

.........

.......

1424: 90 91 92 93 94 95 96 97 98 99 -- -- -- -- -- -- ................

^^^^^^^^^^^^^^^^^^^^^^Gigabit Ethernet LAN/9000 Networking^^^^^^^^^^^^^^^^^^

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logging Example

If you try to create a VLAN with a VLANID that is already present on the physical PPA you get the following output in verbose formatting mode:

*********************************VLAN Subsystem*****************************

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

<2003> Create: User specified VLANID 53 is already in use by another VLAN. (Error) The VLANID specified is already in use by another VLAN created on the same physical interface(PPA). Choose another VLANID or try creating the VLAN on another physical interface(PPA).

Glossary

802.1p: IEEE Standard supplement, now incorporated in IEEE 802.1D. Defines 8 priority levels for traffic classification at the data link level and suggests how they might be used.

802.1Q: IEEE Standard that specifies the architecture for VLAN tagging, association, and VLAN-capable bridges.

100Base-T: A 100 Mbit/s communication method specified in the IEEE 802.3u-1995 standard. The official name for Fast Ethernet.

Alias: Name of the interface that corresponds to a given Internet address on a system.

Canonical format indicator: The CFI bit indicates that all MAC addresses present in the MAC data field are in canonical format. HP-UX always transmits a CFI of 0.

Card Instance Number: A number that uniquely identifies a device within a class. A class of devices is a logical grouping of similar devices.

CoS: Class of Service. The ability to provide different levels of service to various traffic flows. A flow may be determined explicitly via tags or implicitly from the frame contents (such as the IP address or ToS field). Class of Service (CoS) network management is when similar types of traffic (for example, voice, video, or data) are grouped together and assigned a priority. Unlike Quality of Service (QoS) traffic management, CoS does not guarantee a level of service in terms of bandwidth and delivery time.

Destination Address: A field in the message packet format identifying the end node(s) to which the packet is being sent.

Ethernet: A 10 Mbit/s LAN, developed by Digital Equipment Corporation, Intel, and Xerox Corporation, upon which the IEEE 802.3 network is based.

Fast Ethernet: A commonly used name applied to 100Base-T.

HSC: High speed connect bus.

Hardware Path: An identifier assigned by the system according to the physical location (slot) of a card in the hardware backplane.

Hostname: Name of system on the network.

Hub: A network interconnection device that allows multiple devices to share a single logical link segment. Hubs are generally either 10 Mbit/s or 100 Mbit/s devices.

IEEE: The Institute of Electrical and Electronics Engineers. A national association, whose activities include publishing standards applicable to various electronic technologies. The IEEE technical committees are numbered and grouped by area. For example, the 800 committees study local area network technologies. The 802.3 committee produced the standard for a CSMA/CD local area network, which has been adopted by ANSI.

Internet Address: The network address of a computer node. This address identifies both which network the host is on and which host it is. Refer to the Installing and Administering LAN/9000 Software manual for detailed information about network addressing.

IP: Internet protocol.

IP Address: See Internet Address glossary entry.

LAN: See Local Area Network.

Local Area Network (LAN): A data communications system that allows a number of independent devices to communicate with each other.

Local Network: The network to which a node is directly attached.

Maximum Transmission Unit (MTU): Largest amount of data that can be transmitted through that interface. This value does not include the LLC or MAC headers.

NetTL: HP's tracing and logging facility for HP-UX networking.

Network Interface: A communication path through which messages can be sent and received. A hardware network interface has a hardware device associated with it, such as a LAN card. A software network interface does not include a hardware device, for example the loopback interface. For every IP address instance, there must be one network interface configured.

NIC: Network interface card.

PCI: Peripheral component interconnect.

PPA: Physical point of attachment. A PPA is the point at which a system is attached to a physical communications medium. All communication on that physical medium funnels through the PPA.

QoS: Quality of Service. The ability to provide guarantees for data transfer -- for example, latency, throughput, and discard priority.

SAM: System admin manager. GUI-based HP tool for system configuration and management.

Shared media LAN: A local area network (LAN) that shares all its bandwidth among all stations.

Switch: A network interconnection device that allows multiple connected senders and receivers to communicate simultaneously in contrast to a hub (repeater) where only one device can send at a time. Some switches have fixed port speeds (10 Mbit/s or 100 Mbit/s) while others allow port speeds to be configured or autonegotiated.

Tag aware: Devices such as switches, routers, and end-stations that can interpret VLAN tags. See also VLAN-aware.

TCP: Transmission control protocol.

Topology: The physical and logical geometry governing placement of nodes in a computer network. Also, the layout of the transmission medium for a network.

ToS: IPv4 Type of Service field which indicates the desired service expected by an IP packet for delivery through routers across the IP internetwork. The size of this field is 8 bits, which contain bits for precedence, delay, throughput, and reliability characteristics.

UTP (Unshielded Twisted Pair) Cabling: A data cable type consisting of pairs of wires twisted together without an electrically shielding jacket.

Virtual PPA or VPPA: Virtual Interfaces which are dynamically created by you (using lanadmin or SAM). The interfaces are "virtual" because they do not have a unique hardware instance. A virtual PPA is the PPA associated with a VLAN.

VLAN: Virtual LAN. VLANs are a mechanism to determine which end stations should receive broadcast traffic, since it should not be sent arbitrarily to every connected user. Each packet transmitted by an end-station is assigned to a VLAN. An end-station only receives all the multicast and broadcast traffic on the LANs to which it belongs, and an end-station receives unicast traffic addressed to it on the VLAN to which it belongs.

VLAN-aware: Devices such as switches and end-stations that can recognize VLAN tags, but they do not actually interpret them. See also tag-aware.

VLAN ID: A VLAN ID uniquely identifies the VLAN to which a frame belongs.

VLAN tag: A 4-byte extension to the MAC header consisting of a 2-byte VLAN protocol ID (0x8100) and 2 bytes of tag control information. VLAN tags enable traffic from more than one VLAN to use the same port.

VPPA: see Virtual PPA.
