• http://www.rossi-infotech.com


HP Procurve Switch Setup
Written by Marco Rossi
Wednesday, 06 May 2009 19:39
Using VLANs for Failover/Disaster Recovery

A recent project at work required me to implement a couple of switches with VLANs. I decided that I would be able to include a failover/disaster recovery setup with two VLANs and two switches. To refresh anyone about my project: it is a Microsoft Windows 2003 Server (R2) webfarm with a Microsoft SQL Server 2005 back-end. The switches I chose were HP Procurve 2810-24G for the following reasons:

1. Procurve switches have a lifetime warranty.
2. Procurve switches are one of the top 3 in the switch manufacturer business.
3. The ease with which they can be set up.
4. My personal familiarity and experience working with Procurves.

Some background about these switches.

HP Procurve switches are data center class switches that have a choice of three different interfaces and two ways of accessing them. The three interfaces are: CLI (command line interface), web based and text based. I have never used the CLI but I would imagine that it is similar to Cisco's switch CLI. The text based interface is what I use. This interface can be extremely fast once you get used to navigating the menus. I am able to log on, change a port to a different VLAN and log off within about 10-15 seconds. The web GUI takes that long just to log on. I do like the web GUI to get a "feel" for the switch and the traffic patterns, but the full feature set for configuring the switch is not available there. Creating VLANs, for example, cannot be done with the web based GUI; the text based interface or the CLI is needed for such configurations. The two ways of accessing these switches are through the console port or by IP address. The console port is the "first time" way to access the switch, because the switch doesn't have an IP address with the factory default settings.

Initial switch setup
Once you have connected to the switch with the console cable you are presented with a CLI prompt. At this point type "setup" without quotes. This will bring up the Switch Setup menu. You have several options at this point. You can give the switch a name, set up SNMP, change the logon default (CLI or text) and give it an IP address among other options. I filled out all of the needed IP information and chose text for the logon default. I saved the settings then connected by IP address.

How I set up my switches
Once again, to review: I am connecting to the switches by IP address through Ethernet and utilizing the text menu to configure them. My webfarm is similar to the majority of webfarms out there. There is a front-end network for handling the Internet traffic and a back-end network for intra-system communication. This is pretty standard stuff; I may write a post about it or you can email me and I can explain it to you (bradATitnetworkguruDOTcom). Back to how I set up my switches. I have two switches, one for each network. But since I only need to use about 8 ports, I set up half of the ports in one VLAN and the other half in another one (photo of my firewall and switch setup is here). The front-end switch currently has the webservers and the uplinks to the firewalls as the only ports used. So, with my two webservers and failover firewalls attached to the switch, only 4 ports are used. The photo shows the other ports on the right being used also, but these are for firewall external ports and are only used temporarily. The back-end switch (bottom one in the photo) has teamed NICs using LACP (802.3ad). This means that I am using two physical cables per logical network connection. This also means that I am using twice the number of switch ports.

In order to configure the VLANs with the text menu, do the following:

1. Log on to the switch with telnet in manager mode
2. press number 2 "Switch Configuration"
3. press number 7 "VLAN Menu..."
4. press number 1 "VLAN Names"
5. press "Add"

VLANs can be added at this point. The 802.1Q VLAN ID can be any unique number from 1 - 4096. The name can be anything you want also (up to 12 characters). I call it something descriptive like BackEnd for the back-end network.

6. press "save"

Repeat this procedure to add as many VLANs as you need. We should now have at least 2 VLANs, one for the front-end traffic and one for the back-end traffic. None of our switch ports are in the new VLANs yet, but I will go over this in a moment. First, let's create the switch trunks.

I recommend creating the trunks at this point. We are creating the trunks for the teamed NICs in the back-end, one trunk per teamed NIC. After this step we can go back and add the necessary ports to the VLANs. If we add the ports now and then create the trunks, we will have to go back and add the trunks, which is double the amount of work.

To create the trunks, make sure you are still logged on in manager mode with telnet in text menu mode.

1. press number 2 "Switch Configuration"
2. press number 2 "Port/Trunk Settings"
3. scroll to Edit option with the arrow keys and press enter.
4. scroll to the ports that you are using for your teamed NICs. I always put these NICs in sequential order. So for example port 13 and 14 will be for Trk1.
5. scroll over to "Group" and press the space bar to change the trunk number. If this is the first trunk then I would recommend "Trk1".
6. scroll to the right to the "Type" column and press the space bar until you see "LACP".
7. scroll to the port of the second NIC in the team and follow the same procedure as for the first NIC
8. Repeat steps 5-7 until you have all of the teamed NICs in separate trunks.
9. Once finished press enter and save.

We are now ready to add all of the ports necessary to the proper VLAN. Since I only have 2 VLANs and I want half of the ports in one and the other half in the other it is pretty simple. First we need to get back into the VLAN Menu. We do this by doing the same VLAN steps that we did to create the VLAN.

1. Log on to the switch with telnet in manager mode
2. press number 2 "Switch Configuration"
3. press number 7 "VLAN Menu..."
4. press number 3 "VLAN Port Assignment"
5. Scroll to Edit and press enter.
6. Scroll with the arrow keys to the first port that you want to change.

Each port that you want in a VLAN must be "untagged" only for that VLAN. You can't untag a port in two VLANs. As you look at the GUI, all of the ports should be untagged in the Default_VLAN and show a "No" in the second VLAN column. You can use the Default_VLAN as one of your VLANs, as I did. If we are adding ports to the back-end VLAN then we need to highlight the port in the Default_VLAN column and do the following:

REMEMBER: Changing the port that you are using to connect to the switch will disconnect you!

7. press the space bar twice until it says "No".
8. scroll to the right and press the space bar twice again until it says "No".
9. repeat this procedure until all of the ports are untagged in the proper port.
10. press enter and scroll to Save and press enter.

That's it. Once you are ready to log off, press 0 twice to exit the menu and confirm the logoff.

How the Failover/Disaster Recovery Works
The reason for setting up the switches in this manner is failover. As I mentioned earlier, the HP switches have a lifetime warranty. But the problem is what you do after a switch fails and you are waiting for a replacement. With this setup any of the switches can fail, and my total downtime will depend on how long it takes me to drive to the data center or for the data center staff to change over all of the ports. This is an acceptable risk considering that only one HP switch has ever failed on me in my career.
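
The port rules from the VLAN and trunk steps (a port untagged in only one VLAN, both NICs of a team on the same network, names up to 12 characters) and the failover idea above can be checked on paper before any port is changed. The Python below is an added example, not part of the original article; the function names, VLAN ID 20, trunk names and port numbers are constructed for illustration.

```python
# Added example: audits a planned port layout against the rules in this article.
# Every port number, VLAN ID and name below is a constructed sample value.

def check_switch(vlans, trunks):
    """vlans: {vlan_id: (name, untagged_ports)}; trunks: {"Trk1": {13, 14}}.
    Returns a list of problems; an empty list means the layout is consistent."""
    problems = []
    owner = {}  # port -> VLAN ID in which it is untagged
    for vid, (name, ports) in vlans.items():
        if len(name) > 12:  # the article gives 12 characters as the name limit
            problems.append(f"VLAN {vid}: name '{name}' exceeds 12 characters")
        for port in sorted(ports):
            if port in owner:  # a port may be untagged in only one VLAN
                problems.append(
                    f"port {port} untagged in VLAN {owner[port]} and VLAN {vid}")
            owner[port] = vid
    for trk, members in trunks.items():
        # Both NICs of a team must land on the same network.
        homes = {owner.get(p) for p in members}
        if len(homes) != 1 or None in homes:
            problems.append(f"{trk}: ports {sorted(members)} are not in one VLAN")
    return problems

def can_absorb(standby_vlans, standby_used, failed_used):
    """True if each VLAN on the surviving switch has enough unused ports to
    take the cables that were plugged into that VLAN on the failed switch."""
    if set(failed_used) - set(standby_vlans):
        return False  # the failed switch used a VLAN the survivor lacks
    for vid, (_, ports) in standby_vlans.items():
        free = len(ports - standby_used)
        if free < len(failed_used.get(vid, set())):
            return False
    return True

# Same layout on both 24-port switches: half the ports in each VLAN.
LAYOUT = {1: ("DEFAULT_VLAN", set(range(1, 13))),
          20: ("BackEnd", set(range(13, 25)))}
TRUNKS = {"Trk1": {13, 14}, "Trk2": {15, 16}}

if __name__ == "__main__":
    print(check_switch(LAYOUT, TRUNKS) or "layout OK")
    # Front-end switch fails: its 4 cables move to VLAN 1 on the back-end switch.
    print(can_absorb(LAYOUT, {13, 14, 15, 16}, {1: {1, 2, 3, 4}}))
```

A port that appears in both VLAN columns, or a team split across the front-end and back-end VLANs, shows up in the returned list before it can bridge the two networks on the live switch.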