ProCurve / Cisco Interoperability Guide

Transcription

1 ProCurve Networking ProCurve / Cisco Interoperability Guide Introduction... 3 Discovery protocols: LLDP & CDP... 4 VLAN configuration... 7 Introduction... 7 VLAN configuration on Cisco Catalyst... 8 VLAN configuration on HP ProCurve...10 Checking VLANs status and connectivity...11 Additional info about VLANs...14 Link aggregation...19 Introduction...19 A Static Trunk/Channel...21 LACP Trunk/Channel...24 Spanning-Tree...29 Introduction...29 MSTP Configuration...31 Cisco as Core running PVST+, HP ProCurve as Edge running RSTP...41 HP ProCurve as Core running RSTP, Cisco as Edge running PVST IP routing Interoperability...55 Sample topology...55 RIP configuration...55 Other RIP features...58

2 OSPF Single Area...60 Redistribution into OSPF...64 Configuration of Multiple OSPF areas...70 Other OSPF features...77 IP Multicast interoperability...80 Introduction...80 PIM DENSE Mode...80 PIM SPARSE Mode...86

3 Introduction Today s multi-vendor environments present many challenges to administrators trying to configure dissimilar (proprietary vs. standard) protocols. In an effort to accommodate the needs for many of our partners and customers, ProCurve networking has written this guide to assist in the configuration and deployment of ProCurve and Cisco environments. The intent of this document isn t to describe why you should do these things, nor does it argue what the benefits are. It merely goes through how to accomplish the necessary configurations to get the Cisco and ProCurve switches configured so that they will work together. While the testing conducted was extensive, it is impossible that all possible configurations and scenarios were captured. This document therefore, can not be assumed to be perfect as it applies to every environment. Please consider carefully the implications of some of these changes before instituting them. The recommendation is to test the new configurations in a controlled environment prior to rolling out changes that could impact your production environment. Additionally, saving current configuration files for switches is a good practice for backup. Thank you

4 Discovery protocols: LLDP & CDP ProCurve is committed to standards. And it is logically that the proprietary discovery protocol CDP (Cisco Discovery protocol) has been replaced by the IEEE 802.1AB standard LLDP (Link Layer Discovery protocol) when this one was released. If LLDP is enabled by default, CDP remains in Read-only mode (receive-only). Then ProCurve switches can discover LLDP neighbors as well as Cisco device neighbors. Note: Cisco does not support yet LLDP in its equipments. Cisco IP Phone could in a close future supports LLDP-MED (Media End-Point Discovery) which will then allow automatic discovery and configuration of IP Phones. Some IP Phone vendors such as Avaya and Mitel are already committed to LLDP-MED. The network scheme used here is the same as in the MSTP example. Gi1/1 e 1 Procurve-Edge-1 e 2 Gi1/1 Gi1/3 Gi1/2 Gi1/3 Gi1/2 Cisco-Core-1 Cisco-Core-2 e 1 e 2 Procurve-Edge-2 Discovery configuration We simply use the default configuration regarding Discovery protocols. On ProCurve switches: LLDP is enabled in send and receive mode. CDP is enabled in received mode. On Cisco: CDP is enabled by default.

5 Checking Discovery info on a ProCurve switch The following command lists CDP neighbors. As expected, it displays the two Catalyst ProCurve-Edge-1# show cdp neighbors CDP neighbors information Port Device ID Platform Capability Core-Cisco-1 Cisco IOS Software, C R S 2 Core-Cisco-2 Cisco IOS Software, C R S LLDP neighbors: the ProCurve switch displays the two Catalyst 6500 as well because the LLDP display includes the CDP neighbors. ProCurve-Edge-1# show lldp info remote-device LLDP Remote Devices Information LocalPort ChassisId PortId PortDescr SysName Core-Cisco-1 Gig... 2 Core-Cisco-2 Gig... We display the LLDP neighbors attached to given ports. It shows details about neighbors. ProCurve-Edge-1# show lldp info remote-device 1-2 LLDP Remote Device Information Detail Local Port : 1 ChassisType : local ChassisId : Core-Cisco-1 PortType : local PortId : GigabitEthernet0/1 SysName : System Descr : Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- M)... PortDescr : System Capabilities Supported : bridge, router System Capabilities Enabled : bridge, router Remote Management Address Type : ipv4 Address : Local Port : 2 ChassisType : local ChassisId : Core-Cisco-2 PortType : local PortId : GigabitEthernet0/1 SysName : System Descr : Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- M)... PortDescr : System Capabilities Supported : bridge, router System Capabilities Enabled : bridge, router

6 Remote Management Address Type : ipv4 Address : Checking Discovery info on a Cisco switch As ProCurve switches do not send anymore CDP frames, a Cisco switch will not recognize ProCurve neighbors. Let s hope for a Cisco commitment to the IEEE LLDP standard. Core-Cisco-1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID Core-Cisco-2 Gig 0/3 171 R S I WS-C Gig0/3

7 VLAN configuration 11- Introduction 12- VLAN Configuration on Cisco Catalyst 13- VLAN configuration on HP ProCurve 14- Checking VLANs status and connectivity 15- Additional info about VLANs a. Native VLAN b. Configuring a management VLAN other than VLAN 1 c. Changing maximum number of VLANs d. Configuring ports for IP Phones e. VTP GVRP f. Cisco Extended Range of VLANs Introduction Glossary This chapter deals with port based VLANs that Cisco and HP ProCurve both support. Different names are used to describe similar concepts on both platforms. Cisco HP ProCurve What is it? Trunk Tagged A port that carries multiple VLANs using the 802.1q tag, for example an uplink, an IP phone port. Access Untagged A port that belongs to a unique VLAN and is untagged Native VLAN - Defines the untagged VLAN of a 802.1q - tagged port. Defaults to VLAN 1 on HP and Cisco

8 Sample topology Edge/Access ports untagged in VLANs 10,20, 30 & 40 Vlan 40 Vlan 30 Vlan 20 Vlan /24 Vlan / / / /24 Cisco-1 Uplink 802.1q port tagged in VLANs 10,20, 30 & 40 and untagged in vlan 1 Procurve-1 Vlan 40 Vlan 30 Vlan 20 Vlan / /24 Vlan / / /24 VLAN configuration on Cisco Catalyst Step 1: VLAN Creation Conf t vlan 10, 20, 30, 40 Step 2: Assignment of Access ports to VLANs interface range FastEthernet1/0/10-19 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20-29 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30-39 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40-48 switchport access vlan 40 switchport mode access

9 Step 3: Creation of 802.1q links (Cisco Trunk ) interface FastEthernet1/0/1 The encapsulation method defines how multiple VLANs are carried on Cisco Ethernet links. Cisco supports a proprietary method, ISL, and the IEEE standard 802.1q (noted dot1q ). switchport trunk encapsulation dot1q By default, a Cisco trunk carries all VLANs. The allowed VLAN restricts transport of VLANs to the specified VLANs. switchport trunk allowed vlan 1,10,20,30,40 By default, a port is in access mode, i.e. it belongs to one VLAN only. switchport mode trunk Cisco also supports a proprietary negotiation protocol for the trunk named DTP (Dynamic Trunk Protocol). When defined in trunk mode the port generates DTP frames. The following command disables generation of DTP frames. This is the recommended configuration when connected to ProCurve switches. switchport nonegotiate Step 4: IP configuration If the switch is a layer 2 switch, a unique IP address is usually defined in one VLAN for management purpose only and a default gateway is configured for access from remote subnets. interface vlan1 ip address no shutdown ip default-gateway In this sample, for testing connectivity, one IP address has been defined in each VLAN. interface vlan10 ip address no shutdown interface vlan20 ip address no shutdown interface vlan30 ip address no shutdown interface vlan40 ip address no shutdown

10 VLAN configuration on HP ProCurve Step1: VLAN creation and port assignment VLAN creation Conf Ports 1 to 9 are assigned to VLAN 10 and removed from VLAN 1 (default VLAN). Port 45 (uplink) is tagged in VLAN 10 while remaining untagged member of VLAN 1. vlan 10 name Test10 untagged 1-9 tagged 45 Exit Ports 10 to 19 are assigned to VLAN 20. Port 45 (uplink) is tagged in VLAN 20. vlan 20 untagged tagged 45 vlan 30 untagged tagged 45 vlan 40 untagged tagged 45 Step2: IP address One or more IP address per VLAN can be configured. Usually on a L2 switch, one ip address in a VLAN and a default-gateway is defined. In this example, multiple IP addresses have been defined for testing connectivity. vlan 1 ip address vlan 10 ip address vlan 20 ip address vlan 30 ip address

11 vlan 40 ip address Checking VLANs status and connectivity Checking VLANs on Cisco Checking ports assignment to VLANs The following display shows the access ports and does not include the Cisco trunk (802.1q links) ports. Cisco-1#show vlan vlan Name Status Ports default active Fa1/0/2, Fa1/0/3, Fa1/0/4 Fa1/0/5, Fa1/0/6, Fa1/0/7 Fa1/0/8, Fa1/0/9, Fa1/0/19 Fa1/0/45, Fa1/0/46, Fa1/0/47 Fa1/0/48, Gi1/0/1, Gi1/0/2 Gi1/0/3, Gi1/0/4 10 vlan0010 active Fa1/0/10, Fa1/0/11, Fa1/0/12 Fa1/0/13, Fa1/0/14, Fa1/0/15 Fa1/0/16, Fa1/0/17, Fa1/0/18 20 vlan0020 active Fa1/0/20, Fa1/0/21, Fa1/0/22 Fa1/0/23, Fa1/0/24, Fa1/0/25 Fa1/0/26, Fa1/0/27, Fa1/0/28 Fa1/0/29 30 vlan0030 active Fa1/0/30, Fa1/0/31, Fa1/0/32 Fa1/0/33, Fa1/0/34, Fa1/0/35 Fa1/0/36, Fa1/0/37, Fa1/0/38 Fa1/0/39 40 vlan0040 active Fa1/0/40, Fa1/0/41, Fa1/0/42 Fa1/0/43, Fa1/0/ fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup (skip ) Checking a Cisco Trunk (802.1q) port status Note the operational mode, the encapsulation mode dot1q (802.1q), the Native VLAN (the untagged VLAN on the 802.1q link) and the allowed VLANs on port. Cisco-1#show int fa1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode vlan: 1 (default) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled

12 (skip) Trunking vlans Enabled: 1,10,20,30,40 Pruning vlans Enabled: Capture Mode Disabled Capture vlans Allowed: ALL (skip) Checking access port status Cisco-1#sh int fa1/0/10 switchport Name: Fa1/0/10 Switchport: Enabled Administrative Mode: static access Operational Mode: up Administrative Trunking Encapsulation: negotiate Negotiation of Trunking: Off Access Mode vlan: 10 (vlan0010) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled (skip) Testing connectivity The connectivity is tested in the various VLANs defined on the 802.1q link Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

13 Checking VLANs on HP ProCurve The following is a list of defined VLANs. Procurve-1(config)# show vlan Status and Counters - vlan Information Maximum vlans to support : 8 Primary vlan : DEFAULT_vlan Management vlan : 802.1Q vlan ID Name Status Voice Jumbo DEFAULT_vlan Port-based No No 10 TEST10 Port-based No No 20 vlan20 Port-based No No 30 vlan30 Port-based No No 40 vlan40 Port-based No No *Note that the maximum number of VLANs can be increased. List of ports defined in a given VLAN Procurve-1(config)# show vlan 10 Status and Counters - vlan Information - Ports - vlan Q vlan ID : 10 Name : Test10 Status : Port-based Voice : No Jumbo : No Port Information Mode Unknown vlan Status Untagged Learn Down 2 Untagged Learn Down 3 Untagged Learn Down 4 Untagged Learn Down 5 Untagged Learn Down 6 Untagged Learn Down 7 Untagged Learn Down 8 Untagged Learn Down 9 Untagged Learn Down 45 Tagged Learn Up 46 Tagged Learn Down 47 Tagged Learn Down 48 Tagged Learn Down List of VLANs defined for a given port. Although it is not explicitly shown in this display, port 45 is tagged in VLAN 10, 20, 30 and 40 and untagged in 1.

14 Procurve-1(config)# show vlan port 45 Status and Counters - vlan Information - for ports Q vlan ID Name Status Voice Jumbo DEFAULT_vlan Port-based No No 10 TEST10 Port-based No No 20 vlan20 Port-based No No 30 vlan30 Port-based No No 40 vlan40 Port-based No No Port 10 as an access port is untagged and belongs to VLAN 20 only Procurve-1(config)# show vlan port 10 Status and Counters - vlan Information - for ports Q vlan ID Name Status Voice Jumbo vlan20 Port-based No No Checking IP interfaces Procurve-1(config)# sh ip Internet (IP) Service IP Routing : Disabled Default-gateway : Default TTL : 64 Arp Age : 20 vlan IP Config IP Address Subnet Mask Proxy ARP DEFAULT_vlan Manual No TEST10 Manual No vlan20 Manual No vlan30 Manual No vlan40 Manual No Additional info about VLANs The Native VLAN The concept of native VLAN on Cisco defines the untagged VLAN on a tagged link. It is VLAN 1 by default. It can be changed with the following commands: interface FastEthernet1/0/1 switchport trunk native vlan 99

15 Which native VLAN is defined on a port can be checked with: Show interface Fa1/0/1 switchport On HP ProCurve, when a port is tagged for any number of VLANs, it remains untagged in VLAN 1 by default. To make VLAN 99 the untagged (native) VLAN of a tagged port, enter the following commands: vlan 99 Untagged 45 Then check that Port 45 is untagged in VLAN 99 with: Show vlan 99 Usually the Native VLAN is used to manage switches. Tip : What is the benefit of configuring the Native Vlan with an IP address? A switch, with its default configuration, have all ports untagged. If connected to a tagged port, this switch will still be able to send and receive frames through the untagged (native) VLAN. It will then be able to receive an IP address automatically via DHCP. This IP address can be discovered by LLDP (show lldp info remote) or found at the DHCP server. The switch can then be managed and configured remotely via Telnet. Configuring a management VLAN other than VLAN 1 It is very common to use VLAN 1 as the management VLAN. But any created VLAN can be used to manage switches. As explained in the previous paragraph, it is common to use the Native/Untagged VLAN to be the management VLAN. Again this is not mandatory and one can choose the VLAN to be carried as tagged on uplinks. Choosing a VLAN other than VLAN 1 for management, we make a clear distinction between Default VLAN and Management VLAN. In the following example, VLAN 99 is used as the management VLAN and defined as untagged on 802.1q uplinks. ProCurve configuration of a management VLAN vlan 99 Untagged 45 Ip address /24 Ip default-gateway vlan 10 Tagged 45 vlan 20 Tagged 45

16 vlan 30 Tagged 45 vlan 40 Tagged 45 Exit Checking VLAN Procurve-1# show vlan 99 Status and Counters - vlan Information - Ports - vlan Q vlan ID : 99 Name : vlan99 Status : Port-based Voice : No Jumbo : No Port Information Mode Unknown vlan Status Untagged Learn Up Procurve-1# show vlan port 45 Status and Counters - vlan Information - for ports Q vlan ID Name Status Voice Jumbo TEST10 Port-based No No 20 vlan20 Port-based No No 30 vlan30 Port-based No No 40 vlan40 Port-based No No 99 vlan99 Port-based No No Configuration of a management VLAN on Cisco interface FastEthernet1/0/1 switchport trunk encapsulation dot1q switchport trunk native vlan 99 switchport trunk allowed vlan 1,10,20,30,40,99 switchport mode trunk int vlan 99 ip address no shutdown Checking VLAN Cisco-1#sh vlan 99 vlan Name Status Ports vlan0099 active Checking Cisco trunk port status

17 Cisco-1#sh int fa 1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode vlan: 1 (default) Trunking Native Mode vlan: 99 (vlan0099) Administrative Native vlan tagging: enabled Voice vlan: none (skip) Trunking vlans Enabled: 1,10,20,30,40,99 Pruning vlans Enabled: (skip) Checking connectivity Cisco-1#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms Note that HP ProCurve also defines a security concept called Management VLAN. When enabled, it becomes the only VLAN through which the switch can be configured. It is disabled by default. (see Advanced Traffic Management Guide, Jan ) to configure. Changing the maximum number of VLANs on ProCurve On ProCurve, the maximum number of VLANs can be increased by entering: Conf Max-vlans 48 Write memory reload Configuration of ports for IP Phones To support both an IP Phone and a PC, a port is configured with one tagged VLAN (for example 200) to carry voice and one untagged VLAN (for example 10) to transport the data On ProCurve: vlan 10 name DATA10 Untagged B1-B12 vlan 200 name IPVOICE Tagged B1-B12

18 On Cisco: Interface range fa1/0/1-12 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,200 switchport mode trunk switchport trunk native vlan 10 switchport nonegotiate VTP GVRP Cisco supports the proprietary protocol VTP (VLAN Trunking Protocol) that allows propagation of created, deleted or modified VLANs through multiple Cisco switches. ProCurve switches do not support it. On the other hand, HP supports the IEEE GVRP standard (GARP VLAN Registration Protocol) which combines automatic creation of VLANs and automatic tagging of uplinks. GVRP is supported on some Cisco switches running the CatOS software and interacts properly with ProCurve switches. But it s that GVRP support as been removed in the IOS for Catalyst switches Cisco Extended Range of VLANs Previously to 802.1q mode, Cisco trunk ports supported the proprietary ISL mode to carry multiple VLANs on a port. The VLAN-id in ISL is based on 10 Bits and then supports VLANs ranging from 1 to With 802.1q support, VLAN Id is on 12 bits and Cisco has defined an extended range to support VLANs from 1024 to To create a VLAN in the extended range, vtp must be defined in transparent mode with the following global config mode command: Vtp mode transparent

19 Link aggregation 21- Introduction 22- Static Link Aggregation 23- LACP Link Aggregation HP Active and Cisco passive Cisco Active and HP passive HP static LACP and Cisco passive Introduction Glossary Cisco HP ProCurve What is it? Channel-group Trunk Description of an aggregated link Port-channel Trunk port The logical port representing an aggregated link Int channel 1 Int trk1 To enter the configuration mode of an aggregated link interface FEC is the Fast EtherChannel concept. It implements the Port Aggregation Protocol (PAgP) that allows two equipments to negotiate a link aggregation. FEC is supported on most of the Cisco switches and routers. It used to be supported in the oldest version of firmware of ProCurve. Note: In the most recent versions of Firmware, support for FEC has been removed. LACP is the Link Aggregation Control Protocol defined by the 802.3ad standard. Similarly to FEC, it provides a way for both parts to negotiate a port aggregation. With LACP, one or more additional links can operate as «standby» links that will activate only if another active link goes down Static and Dynamic trunks/channels A Static trunks becomes an active trunk unconditionally and independently of the configuration of the other side. A static trunk does not need any protocol to be created. Dynamic trunks will be created if both sides agree to it. To do so, they exchange messages, either PAgP or LACP, to negotiate their status. One side is said active (LACP) or desirable (PAgP), meaning that it initiates the

20 negotiation. The other side is said passive (LACP) or auto (PAgP) and forms a link aggregation automatically. Static and Dynamic On most HP ProCurve devices 1, static trunks can also be defined as LACP. In that case, they become active unconditionally AND generate LACP frames to allow the remote side to form a trunk automatically. When to use a static or a dynamic trunk/channel? Static trunks always work and can be used to create link aggregation with switches of many brands and with servers equipped with the right NIC and driver. Because of its simplicity, it is the preferred method. When one manages a large number of trunks and doesn t know in advance what will be connected to the ports of a switch, dynamic trunks can reduce the configuration burden. If the remote side supports LACP in passive mode (default on Cisco and HP), one side only has to be configured in active mode for the trunk to be formed automatically. What works together? When connecting a Cisco and a HP ProCurve switch, some options work together and some don t. This table summarizes what options can be combined with each other to create a trunk on both sides. HP / Cisco mode On (no protocol) FEC Desirable FEC Auto LACP Active Static (no protocol) Y N N N N Static FEC(*) Y Y Y N N Static LACP Y N N Y Y LACP Active N N N Y Y LACP Passive N N N Y N LACP Passive Legend N=No, one side at least will not create a trunk; Y=yes trunk is created on both sides, Y= yes and preferred setup. (*): requires older version of firmware of ProCurve switches Ports in the link aggregation group Ports in the channel or trunk group must share same characteristics: speed, duplex, vlan assignment. The media type, such as 1000BT or 1000SX, can be mixed on HP ProCurve. The same holds true for Cisco. 1 Refer to ProCurve switch owner s manual to determine if FEC is supported on a particular model.

21 Logical port defined by the Link aggregation On Cisco it is named port-channel and is configured as the Interface Portchannel x. On HP ProCurve it is name trunk port and is configured as the interface Trk# for a static trunk or interface Dyn# for a dynamic trunk. On HP ProCurve, when a trunk is formed, it is assigned to the default-vlan. A Static Trunk/Channel Sample Topology Cisco Channel Fa1/0/1-4 Trunk Procurve In this example, trunk/channel group is configured as a L2 port assigned to Vlan 10. Static Trunk on HP ProCurve Configuration conf trunk Trk1 Trunk Trk1 is a logical port and can be assigned to a Vlan as any other physical port. An IP address is assigned to Vlan 10 to test connectivity vlan 10 untagged Trk1 ip address

22 Checking trunk status To verify what ports are members of a trunk: ProCurve# show trunk Load Balancing Port Name Type Group Type /1000T Trk1 Trunk /1000T Trk1 Trunk /1000T Trk1 Trunk /1000T Trk1 Trunk What vlans does trunk Trk1 belongs to? ProCurve# show vlan port trk1 Status and Counters - VLAN Information - for ports Trk Q VLAN ID Name Status Voice Jumbo VLAN10 Port-based No No To check connectivity with neighbor: ProCurve# ping is alive, time = 1 ms Static port-channel on Cisco Configuration conf t interface range FastEthernet1/0/1 4 Interfaces are configured as L2 interface in Vlan 10 switchport mode access switchport access vlan 10 Interfaces are put in the same channel group. On mode means static. channel-group 1 mode? active Enable LACP unconditionally auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only passive Enable LACP only if a LACP device is detected channel-group 1 mode on An IP address is assigned to Vlan 10 to test connectivity. interface Vlan 10 ip address no shutdown end

23 Checking Channel status Cisco1#show etherchannel 1 summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports Po1(RU) PAgP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Cisco#show int etherchannel 1 detail ---- FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = On/FEC Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = - Age of the port in the current state: 00d:00h:02m:11s (skip) Info is repeated for all ports that are members of the channel

24 LACP Trunk/Channel With LACP, one side must be active (send LACP frames) and the other passive. Dynamic channel/trunk: Cisco active HP passive Cisco LACP Active configuration Cisco switch is defined as the active side conf t int range fa1/0/1-4 channel-group 1 mode active Check channel status Cisco#sh int etherchannel ---- FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = Active Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = LACP Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs. A - Device is in active mode. P - Device is in passive mode. Local information: LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Fa1/0/1 SA bndl x1 0x1 0x3 0x3D Partner's information: LACP port Oper Port Port Port Flags Priority Dev ID Age Key Number State Fa1/0/1 SP a50.0d80 8s 0x0 0x2D 0x3C Age of the port in the current state: 00d:00h:00m:06s (skip info..) Port-channel1:Port-channel1 (Primary aggregator) Age of the Port-channel = 00d:00h:06m:15s Logical slot/port = 10/1 Number of ports = 4 HotStandBy port = null Port state = Port-channel Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits Fa1/0/1 Active Fa1/0/2 Active Fa1/0/3 Active Fa1/0/4 Active 0

25 Time since last port bundled: 00d:00h:00m:09s Fa1/0/4 Time since last port Un-bundled: 00d:00h:02m:54s Fa1/0/4 Test connectivity Cisco#ping Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to , timeout is 2 seconds:..!!! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/1/1 ms Configuration of HP ProCurve LACP Trunk ( passive ) By default on ProCurve, ports are defined as LACP Passive. So no configuration is needed. Check trunk formation: ProCurve# show trunk Load Balancing Port Name Type Group Type /1000T Dyn1 LACP /1000T Dyn1 LACP /1000T Dyn1 LACP /1000T Dyn1 LACP Note: the trunk group defined on ProCurve is a Dynamic trunk Dyn1 and belongs to Vlan1. It cannot be assigned to any other vlans except via GVRP. To allocate trunk port to Vlans, one should prefer the static trunk, with or without LACP or FEC protocols. Dynamic LACP trunk/channel: HP Active - Cisco Passive Cisco switch is defined in LACP Passive mode Conf t interface range FastEthernet1/0/1-4 switchport mode access channel-group 1 mode passive HP ProCurve is the LACP Active side hostname "ProCurve" interface lacp Active The trunk group defined on ProCurve is a Dynamic trunk Dyn1 and belongs to Vlan1.

26 It cannot be assigned to any other vlans except via GVRP. To allocate trunk port to Vlans, one should prefer the static trunk, with or without LACP or FEC protocols. Static LACP trunk On a HP ProCurve switch, a trunk can be defined as static LACP. Trunk will form itself unconditionally and LACP frames will be sent. The remote side will form automatically if in LACP passive mode. Sample topology Cisco-2 Channel Fa1/0/1-6 Int Po 1 = /24 Trunk A1 - A6 Vlan 10 = /24 Procurve-2 In the following example, the trunk is defined with 6 Ports and as a Layer 3 trunk. HP Static LACP trunk configuration The following defines a trunk as static LACP. The trunk group trk1 is then assigned to Vlan 10 in which an IP address is defined. Conf t trunk a1-a6 trk1 lacp vlan 10 untagged trk1 ip address /24 ProCurve1# show trunk Load Balancing Port Name Type Group Type A1 100/1000T Trk1 LACP

27 A2 100/1000T Trk1 LACP A3 100/1000T Trk1 LACP A4 100/1000T Trk1 LACP A5 100/1000T Trk1 LACP A6 100/1000T Trk1 LACP ProCurve1# show lacp LACP PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS A1 Active Trk1 Up Yes Success A2 Active Trk1 Up Yes Success A3 Active Trk1 Up Yes Success A4 Active Trk1 Up Yes Success A5 Active Trk1 Up Yes Success A6 Active Trk1 Up Yes Success ProCurve1# ping is alive, time = 1 ms Configuration of Cisco LACP passive channel The no switchport command is required to define a channel as L3 channel. Ports are defines in LACP passive mode conf t interface range FastEthernet1/0/1-6 no switchport channel-group 1 mode passive IP address is defined on the Port-Channel interface. interface Port-channel1 no switchport ip address end Check channel status Cisco1#sh etherchannel 1 summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports Po1(RU) LACP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Fa1/0/5(P) Fa1/0/6(P)

28 Detailed display shows that a channel is created, LACP is the protocol in use, info about Local switch and partner. Cisco1#sh etherchannel 1 detail Group state = L3 Ports: 6 Maxports = 16 Port-channels: 1 Max Port-channels = 16 Protocol: LACP Ports in the group: Port: Fa1/0/ Port state = Up Mstr In-Bndl Channel group = 1 Mode = Passive Gcchange = - Port-channel = Po1 GC = - Pseudo port-channel = Po1 Port index = 0 Load = 0x00 Protocol = LACP Flags: S - Device is sending Slow LACPDUs LACPDUs. A - Device is in active mode. mode. F - Device is sending fast P - Device is in passive Local information: LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Fa1/0/1 SP bndl x1 0x1 0x3FB 0x3C Partner's information: LACP port Oper Port Port Port Flags Priority Dev ID Age Key Number State Fa1/0/1 SA 0 000e.7f s 0xD2 0x1 0x3D (skip info ) Port-channels in the group: Port-channel: Po1 (Primary Aggregator) Age of the Port-channel = 00d:07h:30m:17s Logical slot/port = 10/1 Number of ports = 6 HotStandBy port = null Passive port list = Fa1/0/1 Fa1/0/2 Fa1/0/3 Fa1/0/4 Fa1/0/5 Fa1/0/6 Port state = Port-channel L3-Ag Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits Fa1/0/1 Passive Fa1/0/2 Passive Fa1/0/3 Passive Fa1/0/4 Passive Fa1/0/5 Passive Fa1/0/6 Passive 0 Time since last port bundled: 00d:00h:01m:12s Fa1/0/6 Time since last port Un-bundled: 00d:00h:01m:55s Fa1/0/6

29 Spanning-Tree 31- Introduction 32- MSTP 33- PVST and RSTP 321- Cisco as Core, ProCurve as Edge 322- ProCurve as Core, Cisco as Edge Introduction Glossary STP is Spanning-Tree Protocol The IEEE standard implementation of STP is 802.1D. RSTP is Rapid Spanning-Tree Protocol defined by the 802.1w IEEE standard. MSTP is Multiple Spanning-Tree Protocol defined by the 802.1s IEEE standard. PVST is Per VLAN Spanning-tree proprietary implementation of STP on Cisco equipment PVST+ is the implementation of PVST on 802.1q links. Spanning-Tree on HP ProCurve Switches 802.1D and 802.1w (RSTP) All HP ProCurve switches implement both of these STP standards. On HP ProCurve, Spanning-Tree has to be activated, the default mode is then Rapid STP. MSTP 802.1s It is supported on most manageable switches except 2500 and 4100 switches Please refer to switch documentation. Spanning-Tree on Cisco Switches PVST+ By default, Cisco switches run PVST+. PVST is the implementation of STP on ISL links (Cisco proprietary multi-vlan encapsulation) while PVST+ runs on 802.1q links. In PVST+, there is one instance of STP per VLAN and BPDUs use a proprietary Multicast Mac Address. They are not understood by HP ProCurve switches (except by ProCurve 9300M and 9400M) and are then flooded as a regular multicast. So, regarding PVST+ BPDUs, HP ProCurve switches appear as a hub. However, Native VLAN (untagged VLAN of a tagged link equal to VLAN 1 be default) is an exception. In Native VLAN, the Cisco switches send standard STP BPDUs, which are understood by HP ProCurve switches. This is how both platform interact.

30 Cisco has also introduced Rapid PVST+, a PVST+ implementation that integrates Rapid STP principles. Prestandard MSTP MSTP should not be confused with the prestandard version of MSTP. MSTP (802.1s) You must run the latest versions of IOS to get support of MSTP (check on Cisco web site). Caution Support for the IEEE 802.1s standard has been introduced around September 2005 by Cisco in the IOS. One should refer to Cisco web site for IOS support of compliant MSTP (*). Caution should be taken on not confusing the prestandard MST and the compliant IEEE 802.1s MST. If configuration of both modes looks exactly the same, the prestandard does NOT interoperate with the MSTP on ProCurve as this one complies with IEEE 802.1s standard. (*) Versions of IOS implementing the Compliant IEEE 802.1s starts with: 12.2(18) for Catalyst 6500, 12.2(25)SG for Catalyst 4500 and 12.2(25)SEC on Catalyst 35xx, 37xx, and What Spanning-Tree mode should you choose between Cisco and ProCurve Switches? MSTP is obviously the ideal choice because it is standard based and supported by both vendors, it converges quickly and allows load-balancing of traffic on uplinks with appropriate configuration. If not all your devices support MSTP yet, a progressive migration to MSTP can be put in place as it interoperates with Standard, Rapid Spanning Tree modes and with PVST via the Native Vlan. Note that all STP modes interoperate via the standard spanning-tree mode also named the Common Spanning-Tree (CST). So whatever is your choice, you should always carefully define the root and secondary root of the CST. On Cisco look after priority of STP in the Native Vlan (vlan 1 by default), on ProCurve look after the global priority of STP.

31 MSTP Configuration Gi1/1 e 1 Procurve-Edge-1 e 2 Gi1/1 Gi1/3 Gi1/2 Gi1/3 Gi1/2 Cisco-Core-1 Cisco-Core-2 e 1 e 2 Procurve-Edge-2 The parameters for the MSTP domain has been defined as followed: Configuration Name = procurve-cisco (case sensitive) Configuration Number = 1 Instance 1 = vlans 1, 10, 20 Instance 2 = vlans 30, 40 Configuration of Cisco-Core-1 hostname Core-Cisco-1 Following defines MST mode (802.1s) spanning-tree mode mst spanning-tree extend system-id All parameters of the MSTP configuration must match on all switches of the MSTP domain. spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40 For load balancing of traffic among links, Cisco-core-1 is defined as Root of instance 0 and 1 (priority 0) and secondary root of instance 2 (priority 4096) spanning-tree mst 0-1 priority 0 spanning-tree mst 2 priority 4096 VLAN Creation

32 VLAN 1 exists by default vlan 10,20,30,40 Uplinks are defined as 802.1q links. They are named trunks in Cisco terminology and tagged links in ProCurve terminology. The nonegogiate feature means that we do no use the Dynamic Trunk Protocol to negotiate the status of the uplink. interface range GigabitEthernet0/1-3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate Access ports (Cisco Terminology) or Edge ports (ProCurve terminology) are defined as untagged members of a Vlan. The portfast mode defines them as Edge port in Spanning tree terminology. Interface range GigabitEthernet0/4-10 switchport access vlan 10 switchport mode access spanning-tree portfast! interface range GigabitEthernet0/11-24 switchport access vlan 20 switchport mode access spanning-tree portfast IP configuration. ip routing The Virtual IP used as Default Gateway for the various VLANs are set using HSRP (Hot Standby Router Protocol), the Cisco proprietary protocol. As Cisco-Core-1 is the Root of MST instance 1, we also set it as Master of the Virtual IP of Vlans 1, 10 & 20. And as it is secondary root for MST instance 2, we define it as the Backup of Virtual IP in Vlans 30 & 40. interface Vlan1 ip address standby 1 ip standby 1 timers 1 3 standby 1 priority 255 standby 1 preempt! interface Vlan10 ip address standby 10 ip standby 10 timers 1 3 standby 10 priority 255 standby 10 preempt! interface Vlan20 ip address standby 20 ip standby 20 timers 1 3 standby 20 priority 255 standby 20 preempt! interface Vlan30 ip address standby 30 ip standby 30 timers 1 3! interface Vlan40

33 ip address standby 40 ip standby 40 timers 1 3! end Core-cisco-2 configuration hostname Core-Cisco-2! Global Configuration is similar to the configuration of Cisco-Core-1 spanning-tree mode mst spanning-tree extend system-id spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40 For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root of instance 2 (priority 0) and secondary root of instance 0 and 1 (priority 4096) spanning-tree mst 0-1 priority 4096 spanning-tree mst 2 priority 0! vlan 10,20,30,40! For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root of instance 2 and secondary root of instances 0 and 1. interface range GigabitEthernet0/1-3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate!! ip routing Because Cisco-Core-2 is set as the secondary Root of MST instance 1, we define it as HSRP backup of the Virtual IP of VLANs 1, 10 & 20. And because it is root of MST instance 2, we set it as the Master of Virtual IP in VLANs 30 & 40. interface Vlan1 ip address standby 1 ip standby 1 timers 1 3! interface Vlan10 ip address standby 10 ip standby 10 timers 1 3! interface Vlan20 ip address standby 20 ip standby 20 timers 1 3! interface Vlan30 ip address standby 30 ip standby 30 timers 1 3 standby 30 priority 255

34 standby 30 preempt! interface Vlan40 ip address standby 40 ip standby 40 timers 1 3 standby 40 priority 255 standby 40 preempt end ProCurve-Edge-1 Configuration ProCurve-Edge-1 is a 3500yl. hostname "ProCurve-Edge-1" VLAN configuration Uplinks ports are 1 and 2 vlan 1 name "DEFAULT_VLAN" untagged 1-24 ip address vlan 10 name "VLAN10" untagged tagged 1-2 no ip address vlan 20 name "VLAN20" untagged tagged 1-2 no ip address vlan 30 name "VLAN30" untagged tagged 1-2 no ip address vlan 40 name "VLAN40" untagged tagged 1-2 no ip address Let s enable Spanning-tree. It default on MSTP on the latest ProCurve switches: 3500yl, 5400zl and 4200vl spanning-tree Default port configuration in MSTP is non Edge and Point-to-Point. We define Edge ports as Edge. spanning-tree edge-port MSTP Configuration: Name, Revision and instances match the one of other switches in MSTP domain spanning-tree config-name "procurve-cisco" spanning-tree config-revision 1

35 spanning-tree instance 1 vlan spanning-tree instance 2 vlan ProCurve-Edge-2 Configuration Configuration is similar to the configuration of ProCurve-Edge-1. In our example ProCurve-Edge-2 is a Spanning-tree mode defaults to RSTP. And we have to turn it on MSTP mode that requires a reboot. hostname "ProCurve-Edge-2" max-vlans 16 vlan 1 name "DEFAULT_VLAN" untagged 1-9,18-24 ip address no untagged vlan 10 name "VLAN10" untagged tagged 1-2 vlan 20 name "VLAN20" untagged no ip address tagged 1-2 vlan 30 name "VLAN30" untagged no ip address tagged 1-2 vlan 40 name "VLAN40" untagged no ip address tagged 1-2 spanning-tree spanning-tree protocol-version MSTP spanning-tree edge-port spanning-tree config-name "procurve-cisco" spanning-tree config-revision 1 spanning-tree instance 1 vlan spanning-tree instance 2 vlan Checking configuration of MSTP In the following displays: note that the Mac Address of Cisco Core-1 is db or 00100d-b17100 Mac Address of Cisco Core-2 is db or 00100d-b31200

36 On Cisco-Core-1 The following command displays the parameters of MSTP configuration. Note that Cisco shows all the non assigned VLANs in Instance 0 (=IST Instance) where ProCurve shows the non assigned AND created Vlans only. Core-Cisco-1#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3 Instance Vlans mapped ,11-19,21-29,31-39, ,10, , Status of MSTP spanning tree in each instance. Cisco-Core-1 (0010.0db ) is root in instances 0 and 1. Cisco-Core-2 (0010.0db1.7100) is root in instance 2. Core-Cisco-1#show spanning-tree mst ##### MST0 vlans mapped: 2-9,11-19,21-29,31-39, Bridge address db priority 0 (0 sysid 0) Root this switch for the CIST Operational hello time 2, forward delay 15, max age 20, txholdcount 6 Configured hello time 2, forward delay 15, max age 20, max hops 20 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Desg FWD P2p Gi1/45 Desg FWD Edge P2p ##### MST1 vlans mapped: 1,10,20 Bridge address db priority 1 (0 sysid 1) Root this switch for MST1 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Desg FWD P2p Gi1/45 Desg FWD Edge P2p ##### MST2 vlans mapped: 30,40 Bridge address db priority 4098 (4096 sysid 2) Root address db priority 2 (0 sysid 2) port Gi1/3 cost rem hops19 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Root FWD P2p On Cisco-Core-2 Parameters of MSTP configuration. Core-Cisco-2#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3

37 Instance Vlans mapped ,11-19,21-29,31-39, ,10, , Status of MSTP spanning tree in each instance. Cisco-Core-1 (0010.0db ) is root in instances 0 and 1. Cisco-Core-2 (0010.0db3.1200) is root in instance 2. Core-Cisco-2#show spanning-tree mst ##### MST0 vlans mapped: 2-9,11-19,21-29,31-39, Bridge address db priority 4096 (4096 sysid 0) Root address db priority 0 (0 sysid 0) port Gi1/3 path cost 0 Regional Root address db priority 0 (0 sysid 0) internal cost rem hops 19 Operational hello time 2, forward delay 15, max age 20, txholdcount 6 Configured hello time 2, forward delay 15, max age 20, max hops 20 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Root FWD P2p ##### MST1 vlans mapped: 1,10,20 Bridge address db priority 4097 (4096 sysid 1) Root address db priority 1 (0 sysid 1) port Gi1/3 cost rem hops 19 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Root FWD P2p ##### MST2 vlans mapped: 30,40 Bridge address db priority 2 (0 sysid 2) Root this switch for MST2 Interface Role Sts Cost Prio.Nbr Type Gi1/1 Desg FWD P2p Gi1/2 Desg FWD P2p Gi1/3 Desg FWD P2p On ProCurve-Edge-1 Parameters of MSTP configuration. Note that display shows IST instance without any Vlans. In fact the vlans, including those not yet created, that are not associated with an existing instance are mapped to the IST instance. ProCurve-Edge-1# show spanning-tree mst-config MST Configuration Identifier Information MST Configuration Name : procurve-cisco MST Configuration Revision : 1

38 MST Configuration Digest : 0x2DC307C6A31621DC E69C4E IST Mapped VLANs : Instance ID Mapped VLANs ,10, ,40 The following display shows ports configuration. Note that uplinks are set as Non edge and others are set as Edge. ProCurve-Edge-1# show spanning-tree 1-5 config Multiple Spanning Tree (MST) Configuration Information STP Enabled [No] : Yes Force Version [MSTP-operation] : MSTP-operation Default Path Costs [802.1t] : 802.1t MST Configuration Name : procurve-cisco MST Configuration Revision : 1 Switch Priority : Forward Delay [15] : 15 Hello Time [2] : 2 Max Age [20] : 20 Max Hops [20] : 20 Prio BPDU Port Type Cost rity Edge Pnt-to-Pnt MCheck Hello Time Filter /1000T Auto 128 No Force-True Yes Use Global No 2 100/1000T Auto 128 No Force-True Yes Use Global No 3 100/1000T Auto 128 No Force-True Yes Use Global No 4 100/1000T Auto 128 Yes Force-True Yes Use Global No 5 100/1000T Auto 128 Yes Force-True Yes Use Global No Status in IST Instance: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance ist IST Instance Information Instance ID : 0 Mapped VLANs : Switch Priority : Topology Change Count : 4 Time Since Last Change : 11 mins Regional Root MAC Address : 00100d-b17100 Regional Root Priority : 0 Regional Root Path Cost : Regional Root Port : 1 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge /1000T Root Forwarding 00100d-b /1000T Alternate Blocking 00100d-b31200 Status in Instance 1: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance 1 MST Instance Information Instance ID : 1 Mapped VLANs : 1,10,20

39 Switch Priority : Topology Change Count : 2 Time Since Last Change : 13 mins Regional Root MAC Address : 00100d-b17100 Regional Root Priority : 0 Regional Root Path Cost : Regional Root Port : 1 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge /1000T Root Forwarding 00100d-b /1000T Alternate Blocking 00100d-b31200 Status in Instance 2: Root port is 2 and alternate (blocked) is 1 ProCurve-Edge-1# show spanning-tree 1-2 instance 2 MST Instance Information Instance ID : 2 Mapped VLANs : 30,40 Switch Priority : Topology Change Count : 4 Time Since Last Change : 13 mins Regional Root MAC Address : 00100d-b31200 Regional Root Priority : 0 Regional Root Path Cost : Regional Root Port : 2 Remaining Hops : 19 Designated Port Type Cost Priority Role State Bridge /1000T Alternate Blocking 00100d-b /1000T Root Forwarding 00100d-b31200 ProCurve-Edge-1# show spanning-tree 1-2 Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : Filtered Ports : Switch MAC Address : b487c0 Switch Priority : Max Age : 20 Max Hops : 20 Forward Delay : 15 Topology Change Count : 10 Time Since Last Change : 53 secs CST Root MAC Address : 00100d-b31200 CST Root Priority : 4096 CST Root Path Cost : 0 CST Root Port : 2 IST Regional Root MAC Address : 00100d-b31200 IST Regional Root Priority : 4096 IST Regional Root Path Cost : IST Remaining Hops : 19

40 Prio Designated Hello Port Type Cost rity State Bridge Time PtP Edge /1000T Blocking b487c0 2 Yes No 2 100/1000T Forwarding 00100d-b Yes No IP and HSRP Status Displays are shown to explain Core-Cisco-1#show ip int brief Interface IP-Address OK? Method Status Protocol Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Core-Cisco-1#sh standby brief P indicates configured to preempt. Interface Grp Prio P State Active Standby Virtual IP Vl P Active local Vl P Active local Vl P Active local Vl Standby local Vl Standby local Core-Cisco-2#show ip int brief Interface IP-Address OK? Method Status Protocol Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Core-Cisco-2#sh standby brief P indicates configured to preempt. Interface Grp Prio P State Active Standby Virtual IP Vl Standby local Vl Standby local Vl Standby local Vl P Active local Vl P Active local

41 Cisco as Core running PVST+, HP ProCurve as Edge running RSTP Procurve-Edge-1 Cisco-1 Cisco-2 Uplinks are tagged with VLANs 10,20, 30 & 40 Untagged in Vlan 1 (Native-Vlan) In this topology, uplinks are tagged with VLANs 10, 20, 30 and 40 and untagged for VLAN 1. On Cisco, it is named the Native VLAN. In PVST+ Cisco-1 is the primary Root for VLANs 1, 10 and 20 and Cisco-2 the secondary Root. Cisco-2 is the primary Root for VLANs 30 and 40 and Cisco-1 the secondary Root. ProCurve-Edge-1 is an access switch. Cisco-1 PVST+ Configuration Following define PVST+ Spanning-Tree mode, allows PVST+ to run for VLANs above 1023 an up to Conf t hostname Cisco-1 Spanning-Tree mode pvst Spanning-Tree extend system-id Cisco-1 is the primary Root for VLAN 1, 10, 20 and the secondary Root for VLAN 30,40 Spanning-Tree vlan 1,10,20 priority 0 Spanning-Tree vlan 30,40 priority 4096 Although it is not mandatory, the STP timers have been lowered to speed convergence time. One should pay attention in using those values as it may create instability if not applied properly. The following values are acceptable in a network with a diameter of 3, which means that BPDUs will not cross more than 3 switches before returning to originator Root switch.

42 Spanning-Tree vlan 1,10,20,30,40 hello-time 1 Spanning-Tree vlan 1,10,20,30,40 forward-time 4 Spanning-Tree vlan 1,10,20,30,40 max-age 6! Access ports are configured in PortFast mode interface range FastEthernet1/0/10-48 Spanning-Tree portfast 802.1q link (Cisco trunk ) Configuration interface range GigabitEthernet1/0/1-4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunk Assignment of Access ports to VLAN interface range FastEthernet1/0/10-19 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20-29 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30-39 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40-48 switchport access vlan 40 switchport mode access PVST+ configuration of Cisco-2 Configuration of Cisco-2 is similar to Cisco-1 s. Conf t hostname Cisco-2 PVST+ Spanning-Tree Configuration Spanning-Tree mode pvst Allows PVST+ to run for VLANs above 1023 and up to Spanning-Tree extend system-id Cisco-2 is the secondary Root for VLANs 1, 10, 20 and primary Root for VLANs 30,40 Spanning-Tree vlan 1,10,20 priority 4096 Spanning-Tree vlan 30,40 priority 0

43 When changed, timers must be changed on primary and on secondary Roots. Spanning-Tree vlan 1,10,20,30,40 hello-time 1 Spanning-Tree vlan 1,10,20,30,40 forward-time 4 Spanning-Tree vlan 1,10,20,30,40 max-age 6! Enable PortFast on all ports except the Cisco trunk ports Spanning-Tree portfast default ProCurve Edge-1 configuration ProCurve Edge-1 is an Edge/Access switch. Conf hostname "ProCurve-Edge-1" STP configuration. Default mode is RSTP. In RSTP mode, default configuration of all ports is Point-to-Point and Edge (fast convergence). To follow the specifications of the standard, the Uplinks are defined as Point-to-Point and Non Edge. no Spanning-Tree A15-A16 edge-port The following enables Spanning-Tree. Spanning-Tree Default mode is RSTP (802.1w), other modes are Standard STP (802.1D) and MSTP (802.1s). Changing mode requires a reboot. VLANs configuration vlan 1 ip address vlan 10 untagged B1-B4 tagged A15-A16 vlan 20 untagged B5-B9 tagged A15-A16 vlan 30 untagged B10-B14 tagged A15-A16 vlan 40 untagged B15-B19 tagged A15-A16 Checking STP status In the following displays, Mac address of Cisco-1 is 0013.c382.a900 and Mac address of Cisco-2 is 0013.c392.d200.

44 PVST+ status on Cisco-1. Display confirms Cisco-1 as the primary Root for VLANs 1, 10, 20 and secondary Root for VLANs 30 and 40 and all ports are in forwarding mode. Cisco-1#sh Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 1 (priority 0 sys-id-ext 1) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p Gi1/0/4 Desg FWD P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 10 (priority 0 sys-id-ext 10) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p Gi1/0/4 Desg FWD P2p VLAN0020 (skip ) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4126 (priority 4096 sys-id-ext 30) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p

45 Gi1/0/4 Root FWD P2p VLAN0040 (skip ) PVST+ status on Cisco-2. Display confirms Cisco-2 as the primary Root for VLANs 30 and 40 and secondary Root for VLANs 1, 10 and 20 and all ports are in forwarding mode. Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4097 (priority 4096 sys-id-ext 1) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p Gi1/0/4 Root FWD P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 4106 (priority 4096 sys-id-ext 10) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p Gi1/0/4 Root FWD P2p VLAN0020 (skip ) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority 30 (priority 0 sys-id-ext 30)

46 Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Gi1/0/2 Desg FWD P2p Gi1/0/4 Desg FWD P2p VLAN0040 (skip ) ProCurve-Edge-1 STP status Check Spanning-Tree configuration of ProCurve-Edge-1 ProCurve-Edge-1# sh span config Rapid Spanning-Tree Configuration STP Enabled [No] : Yes Force Version [RSTP-operation] : RSTP-operation Switch Priority [8] : 8 Hello Time [2] : 2 Max Age [20] : 20 Forward Delay [15] : 15 Port Type Cost Priority Edge Point-to-Point MCheck (skip ) A15 100/1000T No Force-True Yes A16 100/1000T No Force-True Yes B1 10/100TX Yes Force-True Yes (skip ) B24 10/100TX Yes Force-True Yes Check Spanning-Tree status. STP status is driven by the PVST+ configuration in VLAN 1. Cisco-1 is seen as the Root. ProCurve-Edge-1# show Spanning-Tree A15-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 33 Time Since Last Change : 2 mins Root MAC Address : 0013c3-82a900 (Cisco-1) Root Path Cost : Root Port : A15 Root Priority : 1 Port Type Cost Priority State Designated Bridge A15 100/1000T Forwarding 0013c3-82a900 A16 100/1000T Blocking 0013c3-92d200

47 The Spanning-Tree timers defined in VLAN 1 dictate convergence time. With default timers (Hello=2 sec, Forward Delay= 15 sec, Max-age=20 sec), convergence time is between 30 and 50 sec. With the values that we applied (Hello=1 sec, Forward Delay= 4 sec, Max-age=6 sec), convergence time never exceeded 8 sec. Conclusion See figure for resulting STP topology. If Cores of L2 networks are Cisco switches, one should take care of configuration of PVST+ in VLAN 1 (Native VLAN) as that will dictate the resulting topology. STP Timers in Native-VLAN will drive convergence time What about Cisco Rapid PVST? The same test has been run implementing the Rapid PVST mode on the Cisco cores. Regarding finale topology, same results have been obtained. However no significant improvement in speed convergence has resulted. In other words, HP ProCurve RSTP and Cisco Rapid PVST interacts in Vlan 1 as RSTP or standard STP interacts with PVST, but Rapid STP mechanisms are not functioning. In its Rapid PVST mode implementation, Cisco does not use the standard costs of Rapid STP but rather the cost of standard STP. For example Fast Ethernet cost is 19 and not HP ProCurve as Core running RSTP, Cisco as Edge running PVST+ Sample topology

48 In this topology, uplinks are tagged for VLANs 10, 20, 30 and 40 and untagged for VLAN 1. ProCurve-Core-1 and 2 are defined as Root and secondary Root of RSTP. Cisco-1 and Cisco-2 use standard PVST+ configuration. In the following, only the Spanning-Tree Configuration is shown. Configuration of RSTP on ProCurve-Core-1 and 2 Conf hostname "ProCurve-Core-1/2" Uplink ports are defined as Non Edge. Default is Edge and Point-to-Point. no Spanning-Tree A14-A16 edge-port ProCurve-Core-1 is the Root (priority 0) of the STP and ProCurve-Core-2 the secondary Root (priority 1). Spanning-Tree priority 0 STP timers are lowered to speed convergence time. Values are acceptable for a network where access switches are connected directly to the core switches or are in a stack connected directly to the cores. Spanning-Tree forward-delay 4 hello-time 1 maximum-age 6 Following command enables Spanning-Tree. Default mode is RSTP (802.1w).

49 Spanning-Tree Configuration of PVST+ on Cisco-1 and Cisco-2 Cisco-1 and Cisco-2 are defined as access switches hostname Cisco-1/2 Spanning-Tree mode pvst Spanning-Tree extend system-id interface range GigabitEthernet1/0/1-4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunk Check status of Spanning-Tree On ProCurve-Core-1 ProCurve-Core-1 is Root for the STP ProCurve-Core-1# show span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 0 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 63 Time Since Last Change : 57 secs Root MAC Address : 000e7f Root Path Cost : 0 Root Port : This switch is root Root Priority : 0 Port Type Cost Priority State Designated Bridge A14 100/1000T Forwarding 000e7f A15 100/1000T Forwarding 000e7f A16 100/1000T Forwarding 000e7f On ProCurve-Core-2 ProCurve-Core-1 is seen, as expected, as the Root switch. Note that uplinks A15 and A16 are in blocking state, i.e. they re not the designated port of their segment. The first criterion to elect the Designated port of a segment is the path-cost of switch to the Root. In this case the Root path-cost of access switches

50 Cisco-1 and 2 (value 4) is lower than the Root path-cost of ProCurve-Edge-2 (value 20000). Cisco switches use standard STP values (4 for Gigabit, 19 for Fast Ethernet) and HP ProCurve switches use Rapid STP values (20000 For Gigabit, for Fast Ethernet). ProCurve-Core-2# sh span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 108 Time Since Last Change : 23 secs Root MAC Address : 000e7f (ProCurve-Core-1) Root Path Cost : Root Port : A14 Root Priority : 0 Port Type Cost Priority State Designated Bridge A14 100/1000T Forwarding 000e7f A15 100/1000T Blocking 0013c3-82a900 A16 100/1000T Blocking 0013c3-92d200 The following figure shows the resulting STP topology

51 STP status in VLAN 1 on Cisco-1 and 2 ProCurve-Core-1 is seen as the Root. Uplinks (Gigabit Ethernet port) are Root or Designated ports Cisco-1#show Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority (priority sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Root FWD P2p Gi1/0/2 Desg FWD P2p Cisco-2#sh Spanning-Tree vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority (priority sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Root FWD P2p Gi1/0/2 Desg FWD P2p STP status in VLAN 10, 20, 30 and 40 of Cisco-1 and 2 In VLANs 10, 20, 30 and 40, ProCurve-Core-1 and 2 forward Cisco PVST BPDUs as any other frames. They are transparent to the Cisco switches. Cisco-1 is the Root switch because of its Mac address. Cisco-1#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority Address 0013.c382.a900 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority (priority sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300

52 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Peer(STP) Gi1/0/2 Desg FWD P2p Cisco-2#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority Address 0013.c382.a900 (Cisco-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority (priority sys-id-ext 10) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Root FWD P2p Gi1/0/2 Desg FWD P2p From Cisco switches, STP Topology in VLANs 10, 20, 30 and 40 appears as follows: Change of STP path-cost on ProCurve-Core-1 and 2 To change the status of blocking ports on ProCurve-Core-2, we change the cost of uplinks. ProCurve-Core-1# conf

53 We define the value of path-cost of uplinks as 3. ProCurve-Core-1(config)# Spanning-Tree a14-a16 path-cost 3 ProCurve-Core-2(config)# Spanning-Tree a14-a16 path-cost 3 Status on ProCurve-Core-2 Now, ProCurve-2 is closer to Root switch than the access-switches. So all ports are in Designated state. ProCurve-Core-2# show span A14-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Hello Time : 1 Max Age : 6 Forward Delay : 4 Topology Change Count : 121 Time Since Last Change : 12 secs Root MAC Address : 000e7f Root Path Cost : 3 Root Port : A14 Root Priority : 0 Port Type Cost Priority State Designated Bridge A14 100/1000T Forwarding 000e7f A15 100/1000T Forwarding 000e7f A16 100/1000T Forwarding 000e7f PVST+ Status on Cisco-1 and 2 In VLAN 1, port status follows the rules of standard STP. ProCurve-Core-1 is Root, ProCurve-Core-2 is secondary Root. Cisco-1#sh span vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority (priority sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Root FWD P2p Gi1/0/2 Altn BLK P2p

54 In VLAN 10, 20, 30 and 40, Status is the same as before Cisco-1#sh span vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority Cost 4 Address 0013.c382.a900 (cisco-1) This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority (priority sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Desg FWD P2p Peer(STP) Gi1/0/2 Back BLK P2p Peer(STP) On Cisco-2 Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay 4 sec Bridge ID Priority (priority sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type Gi1/0/1 Root FWD P2p Gi1/0/2 Altn BLK P2p

55 IP routing Interoperability Sample topology The following topology is used to demonstrate L3 configuration and interoperability between Cisco and HP ProCurve L3 Switches routing protocols RIP and OSPF. All links are untagged. RIP configuration RIP Configuration on HP ProCurve conf hostname ProCurve Enabling IP Routing allows the forwarding of IP packets between VLANs. It is a mandatory step before configuring RIP and OSPF. ip routing VLAN configuration and IP addressing Vlan 110 untagged 1-10 ip address Vlan 120 untagged 11-20

56 ip address Vlan 130 untagged ip address Vlan 140 untagged ip address vlan 100 untagged 48 ip address Enable RIP. By default RIP is in Version 2. router rip RIP requires to be defined in the Vlan in which there are one or more RIP Neighbors. It is not necessary to enable RIP in the other VLANs. When RIP is enabled, connected networks are automatically redistributed into RIP. vlan 100 ip rip RIP Configuration on Cisco Conf t hostname Cisco VLANs creation and port assignment Vlan 10, 20, 30, 40, 100 Interface range fa1/0/1-10 Switchport access vlan 210 Interface range fa1/0/11-20 Switchport access vlan 220 Interface range fa1/0/21-30 Switchport access vlan 230 Interface range fa1/0/31-40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100 IP addresses

57 interface Vlan100 ip address no shutdown interface Vlan210 ip address no shutdown interface Vlan220 ip address no shutdown interface Vlan230 ip address no shutdown interface Vlan240 ip address RIP protocol enabling. The Network command defines the IP Interfaces of a classfull network (10/8) on which RIP is enabled. Version 2 is enabled on all RIP Interfaces router rip network version 2 RIP announcements are blocked on all IP Interfaces connected to a stub network using the passive-interface command: passive-interface Vlan210 passive-interface Vlan220 passive-interface Vlan230 passive-interface Vlan240 Checking RIP RIP Status on HP ProCurve ProCurve1# show ip rip RIP global parameters RIP protocol : enabled Auto-summary : enabled Default Metric : 1 Distance : 120 Route changes : 4 Queries : 0 RIP interface information IP Address Status Send mode Recv mode Metric Auth enabled V2-only V2-only 1 none RIP peer information IP Address Bad routes Last update timeticks

58 ProCurve1# ProCurve1# show ip route rip IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / rip / rip / rip / rip ProCurve1# show ip route connected IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist /24 VLAN connected /24 VLAN connected /24 VLAN connected /24 VLAN connected /24 VLAN connected /32 lo0 connected /8 reject static RIP Status on Cisco Cisco1#show ip route connected /24 is subnetted, 9 subnets C is directly connected, Vlan110 C is directly connected, Vlan130 C is directly connected, Vlan120 C is directly connected, Vlan140 C is directly connected, Vlan100 Cisco1#show ip route rip /24 is subnetted, 9 subnets R [120/1] via , 00:00:01, Vlan100 R [120/1] via , 00:00:01, Vlan100 R [120/1] via , 00:00:01, Vlan100 R [120/1] via , 00:00:01, Vlan100 Other RIP features Announcing a default route Configuring a default route on Cisco A default route can be announced by creating a default static route and redistribute it with a redistribute static command, or, using the ip defaultnetwork command :

59 Cisco1(config)#ip route Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4 or, using the ip default-network command : Cisco1(config)#ip default-network and checking announcement on HP ProCurve ProCurve1# show ip route rip IP Route Entries - Destination Gateway VLAN Type Sub-Type Metric Dist / rip / rip / rip / rip / rip Configuring a default route on HP ProCurve ProCurve1(config)# ip route ProCurve1(config)# router rip ProCurve1(rip)# redistribute static ProCurve1(rip)# default-metric 6 and checking announcement on Cisco Cisco1#show ip route rip * /24 is subnetted, 9 subnets R [120/6] via , 00:00:21, Vlan100 R [120/6] via , 00:00:21, Vlan100 R [120/6] via , 00:00:21, Vlan100 R [120/6] via , 00:00:21, Vlan100 R* /0 [120/6] via , 00:00:21, Vlan100 Auto-summary By default, RIP summarizes IP subnets announcement to a classfull network on a network boundary. For example the subnet /24 is announced as /8 on the IP interface To disable this behavior: ProCurve1(config)#router rip ProCurve1(rip)#no auto-summary Cisco1(config)#router rip Cisco1(config-router)#No auto-summary

60 RIP Version On HP ProCurve switches, RIP is in version 2 on all interfaces. On Cisco RIP is sent in Version 1 and can be received in version 1 and 2. On HP ProCurve, changing version is done is the IP interface (vlan) level: ProCurve1(config)#Vlan 110 ProCurve1(vlan-10)#ip rip v1-only ProCurve1(vlan-10)#ip rip v2-only ProCurve1(vlan-10)#ip rip v1-compatible-v2 On Cisco, changing version is done in protocol level or in IP interface level: Cisco1(config)#router rip Cisco1(config-router)#version 2 Cisco1(config-if)#int vlan 100 Cisco1(config-if)#ip rip send version 2 Cisco1(config-if)#ip rip receive version 1 2 Redistribution and RIP Filtering On HP ProCurve, connected and static networks can be redistributed. Note that redistribution of connected network is default. ProCurve1(config)#router rip ProCurve1(rip)#redistribute static ProCurve1(rip)#redistribute connected ProCurve1(rip)#default-metric 4 Some of the Redistributed networks can be filtered: ProCurve1(rip)#restrict On Cisco, filtering of redistributed networks, can be done with a distribute list : Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4 Cisco1(config-router)#distribute-list 1 out Cisco1(config-router)#access-list 1 permit OSPF Single Area

61 HP ProCurve OSPF configuration hostname "ProCurve" Enable routing and configure Vlan and IP addresses ip routing vlan 100 untagged 48 ip address Vlan 110 untagged 1-9 ip address Vlan 120 untagged ip address Vlan 130 untagged ip address Vlan 140 untagged ip address Configuring OSPF: first a unique Router-Identifier is defined, OSPF enabled and OSPF area(s) created: ip router-id router ospf area backbone IP interfaces area assigned to Area 0 (backbone) vlan 100 ip ospf area 0 Vlan 110 ip ospf area 0 Vlan 120 ip ospf area 0 Vlan 130 ip ospf area 0 Vlan 140 ip ospf area 0 Cisco OSPF configuration conf t hostname Cisco Vlan creation and port assignment

62 Vlan 10, 20, 30, 10, 100 Interface range fa1/0/1-10 Switchport access vlan 210 Interface range fa1/0/11-20 Switchport access vlan 220 Interface range fa1/0/21-30 Switchport access vlan 230 Interface range fa1/0/31-40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100 IP routing is activated and IP addresses are assigned to VLAN Interfaces: ip routing interface Vlan100 ip address no shutdown interface Vlan210 ip address no shutdown interface Vlan220 ip address no shutdown interface Vlan230 ip address no shutdown interface Vlan240 ip address no shutdown OSPF Configuration: a unique router-id is defined and IP interfaces are assigned to Area 0. router ospf 1 router-id network area 0 Checking IP and OSPF status Checking status on HP ProCurve List IP Interfaces: ProCurve# show ip Internet (IP) Service IP Routing : Enabled Default TTL : 64 Arp Age : 20 VLAN IP Config IP Address Subnet Mask Proxy ARP DEFAULT_VLAN Disabled VLAN110 Manual No VLAN120 Manual No VLAN130 Manual No VLAN140 Manual No VLAN100 Manual No List connected IP routes:

63 ProCurve# show ip route connected IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist /24 VLAN connected /24 VLAN connected /24 VLAN connected /24 VLAN connected /24 VLAN connected /32 lo0 connected 0 0 List OSPF Interfaces: ProCurve# show ip ospf interface OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority enabled backbone DR none enabled backbone DR none enabled backbone DR none enabled backbone DR none enabled backbone BDR none 1 1 Before learning IP routes via OSPF, routers must establish neighboring/adjacency. When routers agree to form an adjacency, they exchange their topological database and become synchronized which is described by FULL state. ProCurve# show ip ospf neighbor OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events DR FULL 0 11 List the learned IP Routes via OSPF: ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf IntraArea / ospf IntraArea / ospf IntraArea / ospf IntraArea Checking OSPF status on Cisco List IP interfaces status Cisco#show ip int brief include up Vlan1 unassigned YES manual up down Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up Vlan YES manual up up

64 List IP connected routes Cisco#show ip route connected /24 is subnetted, 9 subnets C is directly connected, Vlan210 C is directly connected, Vlan230 C is directly connected, Vlan220 C is directly connected, Vlan240 C is directly connected, Vlan100 Check IP OSPF Neighboring Cisco#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface FULL/BDR 00:00: Vlan100 Verify all IP interfaces have been assigned to OSPF Area Cisco#show ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl /24 1 DR 0/0 Vl /24 1 DR 0/0 Vl /24 1 DR 0/0 Vl /24 1 DR 0/0 Vl /24 1 DR 1/1 List learned IP routes via OSPF neighbor Cisco#show ip route ospf /24 is subnetted, 9 subnets O [110/2] via , 00:03:31, Vlan100 O [110/2] via , 00:03:31, Vlan100 O [110/2] via , 00:03:31, Vlan100 O [110/2] via , 00:03:31, Vlan100 Redistribution into OSPF Redistribute connected routes An other way for announcing networks via OSPF is to use the redistribute connected option. OSPF is enabled on the interfaces with an OSPF neighbor, other networks are simply redistributed into OSPF. Redistribute connected networks on Cisco Connected networks are redistributed with a metric 100 and a metric-type 1. Metric Type 1 means that metric is incremented with receiving interfaces costs along the announcements. The default type is 2, metric is not incremented. Subnets keyword is required to redistribute subnets of classfull networks. Conf t router ospf 1 router-id redistribute connected metric 100 metric-type 1 subnets Following enables OSPF in VLAN 100 only network area 0 Redistribute connected networks on HP ProCurve

65 Connected networks are redistributed with metric 200 and metric-type 1 (Default type is 2) conf ip router-id router ospf area backbone default-metric 200 metric-type type1 redistribute connected OSPF is enabled in VLAN 100 only vlan 100 ip ospf area backbone Checking learned routes via OSPF on Cisco Note OSPF type 1 and metric 201 (200 +1). Cisco#show ip route ospf /24 is subnetted, 9 subnets O E [110/201] via , 00:04:04, Vlan100 O E [110/201] via , 00:04:04, Vlan100 O E [110/201] via , 00:04:04, Vlan100 O E [110/201] via , 00:04:04, Vlan100 Checking learned routes via OSPF on HP ProCurve Note OSPF type 1 and metric 101 ( ). ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf External / ospf External / ospf External / ospf External Announcing a default route Configuring announcement of a default route on HP ProCurve Default route is announced into OSPF just like any other static route. conf t ip route router ospf redistribute static default-metric 300 metric-type type1

66 and checking on Cisco Cisco1#show ip route ospf /8 is variably subnetted, 9 subnets, 2 masks O IA /23 [110/2] via , 00:01:52, Vlan100 O /23 is a summary, 01:04:57, Null0 O IA /24 [110/2] via , 00:01:52, Vlan100 O IA /24 [110/2] via , 00:01:52, Vlan100 O*E /0 [110/301] via , 00:01:52, Vlan100 Configuring announcement of a default route on Cisco router ospf 1 default-information originate metric 400 metric-type 1 default-metric 400 ip route and checking on HP ProCurve ProCurve1# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf External / ospf InterArea / ospf InterArea / ospf InterArea Redistributing proprietary routing protocols into OSPF HP ProCurve supports OSPF and RIP, two standard for Interior Gateway Protocols (IGP). Cisco, support standards as well as proprietary IGP such as IGRP and EIGRP. When mixing both environments one may have to support both proprietary and standard routing protocols. In this case, the solution is to mutually redistribute routing protocols on the Cisco platform such as in the following example

67 Cisco-2 configuration: internal router in EIGRP autonomous system EIGRP Configuration: 65 is the Autonomous System # for EIGRP and has to be the same on all routers part of EIGRP. Interface with no neighbors are defined as passive. Interface vlan 310 Ip address No shutdown Interface vlan 200 Ip address No shutdown router eigrp 65 network passive-interface vlan 310 Check EIGRP Show ip eigrp neighbors Show ip route eigrp Cisco-1 configuration: gateway router between OSPF and EIGRP IP Configuration. Interface vlan 200 Ip address No shutdown Interface vlan 100 Ip address No shutdown EIGRP Configuration. The passive-interface on vlan 100 ensures that no EIGRP messages are sent on the OSPF Vlan 100 interface router eigrp 65 network

68 passive-interface vlan100 OSPF configuration. Conf t router ospf 1 router-id network area 0 Redistributing EIGRP into OSPF. The Subnets keyword is required to redistribute subnets of classfull networks into OSPF. A metric (default 20) and metric type (default type 2 = non incremented) may be specified as follows: router ospf 1 redistribute eigrp 65 metric 100 metric-type 1 subnets Redistributing OSPF into EIGRP. It is required to specify a metric for the redistribution into EIGRP to be effective router eigrp 65 redistribute ospf 1 metric Note: if on a classfull network border (for example between /8 and /24) networks are by default automatically summarized within EIGRP. If this causes connectivity issues, this can be disabled using router eigrp 65 no auto-summary Checking redistribution. To check the redistribution effects, status should be displayed on the routers that are neighbors of the redistributing router. In our example these are Cisco-2 and ProCurve-1. On Cisco-2, in EIGRP OSPF redistributed networks will appear as external EIGRP networks with an Administrative distance of 170. C C Cisco-2#show ip route /24 is subnetted, 6 subnets D*EX [170/19768] via , 00:04:29, vlan200 D*EX [170/19768] via , 00:04:29, vlan200 D*EX [170/19768] via , 00:04:29, vlan200 D*EX [170/19768] via , 00:04:29, vlan is directly connected, Vlan is directly connected, Vlan310 On ProCurve-1, in OSPF,EIGRP Redistributed network will appear as external OSPF networks ProCurve-1# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist /24 VLAN connected /24 VLAN connected 0 0

69 /24 VLAN connected /24 VLAN connected / ospf External / ospf External

70 Configuration of Multiple OSPF areas Sample topology In this example, ProCurve-0 and Cisco-0 are Area Border Routers (ABR). They interconnect Area 0 to other areas: the Areas 1 and 4, the stub Areas 2 and 5 and the totally stubby areas 3 and 6. Stub areas filter External networks and replace them by a default route into the area. Totally stubby areas are stub areas that also filter Summary networks and replace them by a default route into the area. Note that the NSSA area type is not supported on HP ProCurve. ProCurve as Area border router and Cisco as Internal routers Configuration of ProCurve-0 as ABR VLANs and IP configuration Conf t hostname ProCurve-0 ip routing vlan 110 ip address ip address vlan 120 ip address

71 vlan 130 ip address vlan 100 ip address OSPF configuration: enabling of OSPF and definition of OSPF areas and their types: ip router-id router ospf Area 0, the Backbone area, is standard area backbone Area 1 is standard area 1 Area 2 is stub (filters External LSA). 22 defines the default metric of default route generated in area 2 area 2 stub 22 Area 3 is totally stubby (filters External LSA and Summary LSA). 33 defines the default metric of default route generated in area 3 area 3 stub 33 no-summary When announced into area 0, IP subnets /24 and /24 will be summarized as /23 area 1 range Assign the IP interfaces to the various OSPF areas vlan 100 ip ospf area 0 vlan 110 ip ospf area 1 vlan 120 ip ospf area 2 vlan 130 ip ospf area 3

72 Checking status of OSPF neighbors ProCurve-0# show ip ospf neighbors OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events BDR FULL BDR FULL BDR FULL DR FULL 0 6 Configuration of Cisco-1, internal router of standard Area 1 Conf t hostname Cisco-1 ip routing Interface Vlan 110 ip address router ospf 1 router-id log-adjacency-changes network area 1 Checking OSPF status on Cisco-1 Cisco-1#show ip ospf neigh Neighbor ID Pri State Dead Time Address Interface FULL/DR 00:00: Vlan1 Cisco-1#show ip ospf int brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl /24 1 BDR 1/1 Checking OSPF routes: networks from other areas appear as O IA or OSPF Inter-Area networks. Cisco-1#sho ip route ospf /24 is subnetted, 6 subnets O IA [110/2] via , 00:01:54, Vlan110 O IA [110/3] via , 00:01:54, Vlan110 O IA [110/3] via , 00:01:54, Vlan110 O IA [110/2] via , 00:01:54, Vlan110 O IA [110/2] via , 00:01:54, Vlan110 Configuration of Cisco-2, internal router of stub Area 2 hostname Cisco-2 ip routing Interface Vlan120 ip address router ospf 1 router-id log-adjacency-changes area 2 stub network area 2

73 end Checking OSPF status on Cisco-2 Cisco-2#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface FULL/DR 00:00: Vlan120 Cisco-2#show ip ospf int brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl /24 1 BDR 1/1 Checking OSPF routes: OSPF networks from other areas appear as O IA or OSPF Inter-Area networks. A default route is also generated in area 2 to hide or summarize External networks (networks resulting of a redistribute). Note network /23 that results from summarization of Area 1. Cisco-2#sho ip route ospf /8 is variably subnetted, 6 subnets, 2 masks O IA /23 [110/2] via , 00:01:19, Vlan120 O IA /24 [110/2] via , 00:01:19, Vlan120 O IA /24 [110/3] via , 00:01:19, Vlan120 O IA /24 [110/3] via , 00:01:19, Vlan120 O IA /24 [110/2] via , 00:01:19, Vlan120 O*IA /0 [110/23] via , 00:01:19, Vlan120 Configuration of Cisco-3, internal router of totally stubby Area 3 hostname Cisco-3 Interface Vlan130 ip address router ospf 1 router-id log-adjacency-changes area 3 stub no-summary network area 3 end Checking OSPF status on Cisco-3 Cisco-3#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface FULL/DR 00:00: Vlan130 Cisco-3#show ip ospf int brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl /24 1 BDR 1/1

74 Checking OSPF routes: a default route is generated by ABR in the area 3 to summarize External networks (result of redistribute command) and Summary networks (networks of other areas). Cisco-3#show ip route ospf O*IA /0 [110/34] via , 00:01:42, Vlan130 Cisco as Area border router and ProCurve as Internal routers Configuration of Cisco-0 as ABR Configuration of IP forwarding and IP addresses Conf t hostname Cisco1 ip routing Interface Vlan100 ip address Interface Vlan210 ip address Interface Vlan220 ip address Interface Vlan230 ip address Enabling OSPF router ospf 1 router-id Area configuration: area 4 is standard, area 5 is stub and area 6 is totally stub. area 4 range area 5 stub area 6 stub no-summary Assignment of interfaces to areas network area 0 network area 4 network area 5 network area 6 end Checking IP OSPF neighboring Cisco-0#show ip ospf neighbors Neighbor ID Pri State Dead Time Address Interface FULL/BDR 00:00: Vlan100

75 FULL/DR 00:00: Vlan FULL/BDR 00:00: Vlan FULL/BDR 00:00: Vlan230 Checking IP OSPF interfaces Cisco-0#show ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Vl /24 1 DR 1/1 Vl /24 1 BDR 1/1 Vl /24 1 DR 1/1 Vl /24 1 DR 1/1 Configuration of ProCurve-4, internal router of standard Area 4 hostname "ProCurve-4" ip routing vlan 210 ip address ip router-id router ospf area 4 vlan 210 ip ospf area 4 Checking IP OSPF status ProCurve-4# show ip ospf neigh OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events BDR FULL 0 6 ProCurve-4# show ip ospf interface OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority enabled DR none 1 1 Checking OSPF routes: all routes are seen as Inter-Area routes ProCurve-4# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea 2 110

76 Configuration of ProCurve-5, internal router of stub Area 5 hostname "ProCurve-5" ip routing vlan 220 untagged 1-26 ip address ip router-id router ospf area 5 stub 55 vlan 220 ip ospf area 5 Checking OSPF status ProCurve-5# show ip ospf neighbor OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events DR FULL 0 7 ProCurve-5# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority enabled BDR none 1 1 Checking OSPF routes: all routes are seen as Inter-Area routes and a default route is generated by ABR to hide external networks. ProCurve-5# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea / ospf InterArea Configuration of ProCurve-6, internal router of totally stubby Area 6

77 hostname "ProCurve-6" ip routing vlan 230 untagged 1-26 ip address ip router-id router ospf area 6 stub 66 vlan 230 ip ospf area 6 Checking OSPF status. ProCurve-6# show ip ospf neigh OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events DR FULL 0 7 ProCurve-6# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority enabled BDR none 1 1 Checking OSPF routes: a default route is generated by ABR to hide external and summary (inter-area) networks. ProCurve-6# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist / ospf InterArea Other OSPF features OSPF cost On HP ProCurve, a default value of 1 is assigned to OSPF interfaces. It can be changed as follows: ProCurve# conf ProCurve(config)# vlan 100 ProCurve(vlan-10)# ip ospf cost 10

78 Check with: ProCurve# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority enabled BDR none 10 1 On Cisco Switch, default value is 1 on interface Vlan. It is defined by the formula OSPF reference value /Bandwidth on physical interfaces. The reference value is equal to 100 Mbits/sec by default. The bandwidth value is defined in kilobits/sec. Changing cost can be done directly or indirectly changing the bandwidth value. Cisco# conf Cisco(config)# int vlan 100 Cisco(config-if)# ip ospf cost 10 Cisco(config)# int Fa 1/0/1 Cisco(config-if)# bandwidth Cisco(config)# int Fa 1/0/2 Cisco(config-if)# ip ospf cost 100 Cisco(config)# router ospf 1 Cisco(config-router)# auto-cost reference-bandwidth OSPF password authentication On HP ProCurve, password authentication requires to define a key-chain first then to enable password authentication in the Vlan interface. conf hostname "ProCurve" key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" ip router-id router ospf area backbone vlan 100 ip ospf area backbone ip ospf authentication-key "ospf-key" On Cisco, password authentication is defined in the IP interface: Int vlan 100 ip ospf authentication-key hp-cisco OSPF MD5 authentication

79 On HP ProCurve, MD5 authentication is defined as follows: key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" vlan 100 ip ospf area backbone ip ospf md5-auth-key-chain "ospf-key" On Cisco, MD5 authentication is defined in the IP interface: Int vlan 100 ip ospf message digest-key 1 md5 hp-cisco

80 IP Multicast interoperability Introduction The following demonstrate IP Multicast routing using PIM (Protocol Independent Multicast) in dense and sparse modes. The configuration uses the following topology shown below as its basis. It is a typical L3 architecture, where each uplink is a unique broadcast domain and IP subnet. A Stream server connected to Cisco-1 in subnet , sends a multicast flow to the multicast IP address For our test, a receiver is connected in /24 In the following we ll configure the network in PIM dense mode then in PIM sparse mode / /24 e 1 e /24 Gi1/1 Procurve-1 Gi1/1 Gi1/3 Gi1/3 Gi1/ /24 Gi1/2 Cisco-1 Gi1/4 Cisco /24 PIM DENSE Mode This first configuration demonstrates interoperability of Cisco and ProCurve switches in PIM dense mode. In PIM Dense mode, routers periodically flood multicast flows. If no receivers exist on the network leaves, routers prune branches of the multicast tree advising their upstream neighbors to stop sending the not requested flows. Periodic flooding happens every 3 minutes. To avoid periodic and unnecessary flooding, the state refresh mechanism has been created. With State-refresh Multicast Routers advertise their PIM Dense neighbors a packet to maintain the flows in pruning state. In other words, it s prevention against reaction. To be effective, the feature needs to be supported by all routers in the Multicast network

81 PIM Dense Configuration of ProCurve-1 hostname "ProCurve-1" First let s enable ip routing and define VLANs, port assignment and IP addresses. ip routing vlan 10 untagged 1 ip address vlan 20 untagged 2 ip address On IP subnet/vlan where there is potential receiver or source, we activate IGMP. As VLANs 10 and 20 are defined on uplinks, there is no need to define IGMP. vlan 200 untagged 19 ip address ip igmp For Multicast routing, the initial step is to enable globally IP multicast routing ip multicast-routing When a router receives a multicast flow, it checks the flow is received via the interface that leads to the source via the shortest path. This is called the reverse path forwarding process for which PIM uses the IP unicast routing table. This is why we enable OSPF as well as PIM. ip router-id router ospf area backbone router pim The IP interface, defined in VLAN context on ProCurve switches, is assigned to the OPSF area 0 and is set as a PIM-Dense mode interface. Here are the commands you ll enter: vlan 10 ip ospf area 0 ip pim-dense Here is what you ll see in a show run: vlan 10 ip ospf area backbone ip pim-dense ip-addr any The ip ospf area backbone indicates that interface is assigned to area 0 and OSPF messages are sent with the source address On a multinet interface (with multiple IP), you can specify what IP address is used to be source of OSPF packets.

82 The ip-addr any within pim-dense mode specifies that this IP Interface accepts flows from any IP source address. You could restrict what multicast flows are allowed to enter this interface. Note: ProCurve switches automatically support PIM state-refresh. vlan 20 ip ospf area backbone ip pim-dense ip-addr any vlan 200 ip ospf area backbone ip pim-dense ip-addr any In PIM dense mode, ProCurve automatically enables the state refresh mode. The state refresh feature allows a PIM device to mention to other PIM device that a flow has not to be sent when no downstream receiver requires a given flow. This eliminates the need for PIM dense mode devices to regularly flood a flow to all devices within a network. Configuration of Cisco-1 hostname Cisco-1 ip routing On Cisco switch, first step is also to enable ip multicast-routing. ip multicast-routing The no switchport command sets a Physical interface as a L3 interface. After IP address is assigned, we set the IP interfaces as PIM interfaces in dense mode. In this example we ve also defined the state-refresh interval to 60sec, which matches the default interval on ProCurve. Note that in Cisco IOS, the ip pim command sets automatically ip igmp. This is why no IP IGMP command is seen. interface GigabitEthernet1/1 no switchport ip address ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/4 no switchport ip address ip PIM state-refresh origination-interval 60 ip PIM dense-mode Following commands set OSPF for this device

83 router ospf 1 router-id log-adjacency-changes network area 0 Configuration of Cisco-2 Configuration of Cisco-2 is identical to configuration of Cisco-1. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet1/1 no switchport ip address ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address ip PIM state-refresh origination-interval 60 ip PIM dense-mode router ospf 1 router-id log-adjacency-changes network area 0 Checking PIM dense mode on ProCurve-1. The show ip pim command displays PIM global parameters. Note the state- Refresh interval equal to 60 seconds. ProCurve-1# show ip pim PIM Global Parameters PIM Status : enabled State Refresh Interval (sec) : 60 Join/Prune Interval (sec) : 60 SPT Threshold : Enabled Traps : Let s list IP PIM interfaces and see their PIM mode. ProCurve-1# show ip pim interface PIM Interfaces VLAN IP Address Mode dense dense dense We expect Cisco-1 and Cisco-2 to be our PIM neighbors. If they re not, we should verify that PIM is enabled and that the IP interfaces has been configured as PIM interfaces. ProCurve-1# show ip pim neighbor PIM Neighbors

84 IP Address VLAN Up Time (sec) Expire Time (sec) If multicast sources are active on the network, the show ip mroute or the show ip pim mroute should show entries: ProCurve-1# show ip pim mroute PIM Route Entries Group Address Source Address Metric Metric Pref In our example, the Receiver of is on ProCurve-1 and the source ( ) on Cisco-1. Following shows IGMP status and what multicast groups has been pulled. ProCurve-1# show ip igmp Status and Counters - IP Multicast (IGMP) Status VLAN ID : 10 VLAN Name : VLAN10 IGMP is not enabled VLAN ID : 20 VLAN Name : VLAN20 IGMP is not enabled VLAN ID : 200 VLAN Name : VLAN200 Querier Address : This switch is Querier Active Group Addresses Reports Queries Querier Access Port The following allows us to locate on what port the flows is received. ProCurve-1# show ip igmp group IGMP ports for group Port Type Access Age Timer Leave Timer host 0 0 Checking PIM Dense mode On Cisco-1 First let s list the IP PIM interfaces. Note that IP PIM is in Version 2 Mode (V2), as on ProCurve switches, and in Dense mode (D). Cisco-1#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior GigabitEthernet1/1 v2/d GigabitEthernet1/2 v2/d GigabitEthernet1/3 v2/d GigabitEthernet1/4 v2/d

85 We display IP PIM neighbors to verify PIM is active. Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode GigabitEthernet1/1 00:54:09/00:01:39 v2 N / DR S GigabitEthernet1/3 00:44:38/00:01:24 v2 1 / DR S A Multicast source is active on , its source address is It can be seen displaying IP multicast routes. Note: multicast entry is due to the Auto-RP protocol, a Cisco proprietary protocol that has equivalent functionality in PIM V2. Cisco-1#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, ), 00:29:41/stopped, RP , flags: D Incoming interface: Null, RPF nbr Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:29:41/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00 ( , ), 00:29:41/00:02:58, flags: T Incoming interface: GigabitEthernet1/4, RPF nbr Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00, H GigabitEthernet1/3, Prune/Dense, 00:27:16/00:02:19 (*, ), 00:54:33/00:02:14, RP , flags: DCL Incoming interface: Null, RPF nbr Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:45:00/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:54:33/00:00:00 In the display above, you can see flow enters Cisco-1 on interface Gigabit Interface 0/4 (Incoming Interface) and leaves on Gigabit 1/1 (Outgoing Interface and in forward state). Note Gigabit 1/3 is pruned Cisco-1#show ip igmp groups IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter GigabitEthernet1/1 00:53:30 00:02: Checking PIM Dense On Cisco-2 List IP PIM interfaces. Cisco-2#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior GigabitEthernet1/1 v2/d

86 GigabitEthernet1/2 v2/d GigabitEthernet1/3 v2/d List IP PIM neighbors. Cisco-2#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode GigabitEthernet1/1 01:02:34/00:01:15 v2 N / DR S GigabitEthernet1/3 01:03:04/00:01:16 v2 1 / S Let s display multicast routes. Note: the ( , ) flow enters int on Gi1/3 (interface between Cisco-1 and Cisco-2) and is pruned on Gi 1/1 (interface leading to ProCurve-1). Cisco-2#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, ), 00:48:04/stopped, RP , flags: D Incoming interface: Null, RPF nbr Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:48:04/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:48:04/00:00:00 ( , ), 00:48:04/00:02:07, flags: PT Incoming interface: GigabitEthernet1/3, RPF nbr Outgoing interface list: GigabitEthernet1/1, Prune/Dense, 00:45:39/00:02:07 (*, ), 01:03:21/00:02:18, RP , flags: DCL Incoming interface: Null, RPF nbr Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 01:03:21/00:00:00 GigabitEthernet1/3, Forward/Dense, 01:03:21/00:00:00 List IGMP Groups. Except Auto-rp entry, no other IGMP entry can be seen as no receiver is present. Cisco-2#show ip igmp groups IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter GigabitEthernet1/1 01:03:32 00:02: PIM SPARSE Mode Here are some explanations about PIM V2 sparse mode In PIM Sparse mode, there is no more periodic flooding of Multicast flows. Instead, routers call for Multicast flows to a Rendez-Vous Point (RP) Router. And a mapping group-to-rp is set manually or statically. A Bootstrap router

87 (BSR) is elected to advertise the different mappings to all PIM Sparse multicast routers. Here are the fundamental mechanisms as defined b y the IETF: 1- BSR Election. Each Candidate-BSR originates Bootstrap messages (BSMs). Every BSM contains a BSR Priority field. The C-BSR with the higher priority becomes the elected BSR, and its BSMs inform all the other routers in the domain that it is the elected BSR. 2- C-RP Advertisement. Each Candidate-RP sends periodic Candidate- RP-Advertisement (C-RP-Adv) messages to the elected BSR. A C-RP-Adv message includes the priority of the advertising C-RP, as well as a list of group ranges for which the candidacy is advertised. In this way, the BSR learns about possible RPs that are currently up and reachable. 3- RP-Set Formation. The BSR selects a subset of the C-RPs that it has received C-RP-Adv messages from to form the RP-Set. In general it should do this in such a way that the RP-Set is neither too large to inform all the routers in the domain about, nor too small so that load is overly concentrated on some RPs. It should also attempt to produce an RP-Set that does not change frequently. 4- RP-Set Flooding. In future Bootstrap messages, the BSR includes the RP-Set information. Bootstrap messages are flooded, which ensures that the RP-Set rapidly reaches all the routers in the domain. BSMs are originated periodically to ensure consistency after failure restoration. PIM Sparse-mode configuration of ProCurve-1 Vlan and IP configuration. Vlan 200 contain receivers and IGMP is enabled. hostname "ProCurve-1" ip routing vlan 10 name "VLAN10" untagged 1 ip address vlan 20 name "VLAN20" untagged 2 ip address vlan 200 name "VLAN200" untagged 19 ip address ip igmp Global OPSF Configuration ip router-id router ospf area backbone

88 Enabling of IP Multicast routing ip multicast-routing PIM Configuration: we define the ProCurve router to be a bsr-candidate as well as a rp-candidate. VLAN 200 as the IP source interface and priority is defined equal to 10 (highest is best). router pim bsr-candidate bsr-candidate source-ip-vlan 200 bsr-candidate priority 10 rp-candidate rp-candidate source-ip-vlan 200 rp-candidate group-prefix rp-candidate hold-time 150 priority 10 IP interfaces are defined in PIM Sparse mode and by default accept all flows (ip-addr any) vlan 10 ip ospf area backbone ip pim-sparse ip-addr any vlan 20 ip ospf area backbone ip pim-sparse ip-addr any vlan 200 ip igmp ip ospf area backbone ip pim-sparse ip-addr any PIM Sparse-mode configuration of Cisco-1 hostname Cisco-1 IP multicast routing is enabled ip multicast-routing Interfaces are defined as sparse-dense mode which means that router can run in both modes depending on the environment. Sparse-mode could also be used in this example. interface GigabitEthernet0/1 no switchport ip address ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address ip pim sparse-dense-mode interface GigabitEthernet0/4 no switchport ip address

89 ip pim sparse-dense-mode OSPF is enabled. router ospf 1 router-id log-adjacency-changes network area 0 The router is defined as bsr-candidate (default priority is 200) and a rpcandidate with priority 200 ip pim bsr-candidate GigabitEthernet0/1 0 ip pim rp-candidate GigabitEthernet0/3 priority 200 ip pim rp-candidate GigabitEthernet0/1 priority 200 ip pim rp-candidate GigabitEthernet0/2 priority 200 end PIM Sparse-mode configuration of Cisco-2 Configuration is similar to Cisco-1 s configuration except the rp-candidate is set to 100 instead of 200. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet0/1 no switchport ip address ip pim sparse-dense-mode interface GigabitEthernet0/2 no switchport ip address ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address ip pim sparse-dense-mode ip pim bsr-candidate GigabitEthernet0/3 0 ip pim rp-candidate GigabitEthernet0/3 priority 100 ip pim rp-candidate GigabitEthernet0/1 priority 100 ip pim rp-candidate GigabitEthernet0/2 priority 100 router ospf 1 router-id log-adjacency-changes network area 0 end Check PIM Sparse-mode on ProCurve-1 PIM Global parameters ProCurve-1# show ip pim PIM Global Parameters

90 PIM Status : enabled State Refresh Interval (sec) : 60 Join/Prune Interval (sec) : 60 SPT Threshold : Enabled Traps : PIM Interface parameters ProCurve-1# show ip pim interface PIM Interfaces VLAN IP Address Mode sparse sparse sparse PIM Neighbors ProCurve-1# show ip pim neighbor PIM Neighbors IP Address VLAN Up Time (sec) Expire Time (sec) What router is elected PIM Bootstrap router. Based on priority, it could be Cisco-1 or Cisco-2. E-BSR means Elected BSR. It is Cisco-2 ( ) C-BSR=Candidate BSR, C-RP=candidate RP. ProCurve-1# show ip pim bsr Status and Counters - PIM-SM Bootstrap Router Information E-BSR Address : E-BSR Priority : 200 E-BSR Hash Mask Length : 16 E-BSR Up Time : 6 hours Next Bootstrap Message : 90 secs C-BSR Admin Status : This system is a Candidate-BSR C-BSR Address : C-BSR Priority : 10 C-BSR Hash Mask Length : 30 C-BSR Message Interval : 60 C-BSR Source IP VLAN : 200 C-RP Admin Status : This system is a Candidate-RP C-RP Address : C-RP Hold Time : 150 C-RP Advertise Period : 60 C-RP Priority : 10 C-RP Source IP VLAN : 200 Group Address Group Mask

91 PIM Candidate router. ProCurve-1# show ip pim rp-candidate Status and Counters - PIM-SM Candidate-RP Information C-RP Admin Status : This system is a Candidate-RP C-RP Address : C-RP Hold Time : 150 C-RP Advertise Period : 60 C-RP Priority : 10 C-RP Source IP VLAN : 200 Group Address Group Mask Following displays the RP-set = mapping between RP and IP Multicast flow. Note that no static mapping has been set and that all RP-candidates are set to accept all IP Multicast flows. ProCurve-1# show ip pim rp-set Status and Counters - PIM-SM Static RP-Set Information Group Address Group Mask RP Address Override Status and Counters - PIM-SM Learned RP-Set Information Group Address Group Mask RP Address Hold Time Expire Time Check PIM Sparse-mode on Cisco-1 List PIM interfaces Cisco-1#show ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior GigabitEthernet0/1 v2/sd GigabitEthernet0/3 v2/sd GigabitEthernet0/4 v2/sd List PIM neighbors Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode GigabitEthernet0/1 02:42:31/00:01:17 v2 1 / DR GigabitEthernet0/3 04:05:42/00:01:15 v2 1 / DR S List IP Multicast routes Cisco-1#show ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

92 L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, ), 03:49:31/stopped, RP , flags: SPF Incoming interface: GigabitEthernet0/1, RPF nbr Outgoing interface list: Null ( , ), 02:43:12/00:03:29, flags: FT Incoming interface: GigabitEthernet0/4, RPF nbr , Registering (data-header) Outgoing interface list: GigabitEthernet0/1, Forward/Sparse-Dense, 02:37:22/00:03:08, H List PIM RP and BSR information. Note BSR is I2 (Cisco-2) Cisco-1#sh ip pim rp Group: , RP: , v2, uptime 02:28:15, expires 00:01:07 PIMv2 Bootstrap information BSR address: (?) Uptime: 00:05:07, BSR Priority: 200, Hash mask length: 16 Expires: 00:02:22 This system is a candidate BSR Candidate BSR address: , priority: 0, hash mask length: 0 Candidate RP: (GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 200 Candidate RP: (GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:05 Candidate RP priority : 200 Check PIM Sparse-mode on Cisco-2 List PIM interfaces Cisco-2#sh ip pim interface Address Interface Ver/ Nbr Query DR DR Mode Count Intvl Prior GigabitEthernet0/1 v2/sd GigabitEthernet0/3 v2/sd List PIM neighbors Cisco-2#sh ip pim neighbor PIM Neighbor Table Neighbor Interface Uptime/Expires Ver DR Address Prio/Mode GigabitEthernet0/1 02:20:52/00:01:24 v2 1 / DR GigabitEthernet0/3 03:44:10/00:01:41 v2 1 / S List IP Multicast routes Cisco-2#sh ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag,

93 T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, ), 03:29:12/stopped, RP , flags: S Incoming interface: GigabitEthernet0/1, RPF nbr Outgoing interface list: GigabitEthernet0/3, Forward/Sparse-Dense, 02:00:20/00:00:00, H ( , ), 02:22:53/00:02:46, flags: PT Incoming interface: GigabitEthernet0/3, RPF nbr Outgoing interface list: Null Display of PIM RP and BSR routers information Cisco-2#sh ip pim bsr-router PIMv2 Bootstrap information This system is the Bootstrap Router (BSR) BSR address: (?) Uptime: 00:00:02, BSR Priority: 200, Hash mask length: 16 Next bootstrap message in 00:00:57 Candidate RP: (GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 100 Candidate RP: (GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:04 Candidate RP priority : 100 Display Mapping between RP and Multicast groups/flows Cisco-2#sh ip pim rp Group: , RP: , v2, uptime 02:22:22, expires 00:02:06