HP Switche: Unterschied zwischen den Versionen
Sysd0b (Diskussion | Beiträge) (→OID`s) |
Sysd0b (Diskussion | Beiträge) |
||
(89 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
− | = HP | + | [[Kategorie:Switche]] |
− | == Terminal Settings == | + | [[Kategorie:Netzwerk]] |
+ | = HP ProVision Switch Serie = | ||
+ | == Allgemein == | ||
+ | === Terminal Settings === | ||
+ | Für den groß teil der Geräte bis 2015v gilt | ||
* Symbolrate von 1200 bis 115200 (default 9600) | * Symbolrate von 1200 bis 115200 (default 9600) | ||
* 8 data bits | * 8 data bits | ||
Zeile 7: | Zeile 11: | ||
* flow control set to Xon/Xoff | * flow control set to Xon/Xoff | ||
+ | mit Screen dieht das dann so aus: | ||
+ | HP5130 (JG933A) | ||
<pre> | <pre> | ||
− | screen /dev/cu.usbserial | + | screen /dev/cu.usbserial 115200,cs8,-parenb,-cstopb,-clocal |
</pre> | </pre> | ||
− | + | '''Abweichende Switche''' | |
− | |||
+ | HP1920-24g-poe (JG928A) | ||
<pre> | <pre> | ||
− | + | screen /dev/cu.usbserial 38400,cs8,-parenb,-cstopb,-clocal | |
− | |||
</pre> | </pre> | ||
− | == | + | |
+ | === Console === | ||
Ein paar Schnipsel | Ein paar Schnipsel | ||
<pre> | <pre> | ||
+ | erase startup-config // Switch auf factory defaults zurücksetzen & neustarten | ||
+ | |||
show version | show version | ||
show flash | show flash | ||
Zeile 27: | Zeile 35: | ||
show running-config | show running-config | ||
show config status | show config status | ||
+ | |||
+ | show log | ||
+ | clear log | ||
+ | show port-security intrusion-log // Kann nicht gelöscht werden (max. 20 Einträge), ältester Eintrag fliegt raus | ||
+ | clear intrusion-flags // Löscht intrusion flags für alle ports. | ||
+ | |||
+ | show interfaces status | ||
+ | show interfaces brief | ||
+ | show interfaces port-utilization // Bandbreitenübersicht | ||
+ | |||
+ | show vlans | ||
+ | show trunks | ||
+ | show lacp | ||
+ | show lldp info remote-device | ||
+ | show cdp neighbors | ||
+ | show port-security | ||
+ | show power-over-ethernet <PORT> | ||
+ | show mac-address [ port-list | mac-address | vlan<vid>] | ||
</pre> | </pre> | ||
− | == | + | Folgende Befehle im "(config)#" Mode |
− | === | + | <pre> |
+ | hostname deepthought // Neuen Hostnamen vergeben | ||
+ | snmp-server location "<location>" // Standort des Switch | ||
+ | snmp-server contact "<contact>" // Ansprechpartner für den Switch | ||
+ | snmp-server community "public" manager restricted | ||
+ | password all // Passwort für Operator & Manager setzen | ||
+ | |||
+ | time timezone 60 // Zeitzone einstellen | ||
+ | time daylight-time-rule Western-Europe // Sommer- / Winterzeitzone einstellen | ||
+ | timesync sntp // SNTP aktivieren zur Zeitsynchronisation | ||
+ | sntp unicast // SNTP Mode auf unicast setzen | ||
+ | sntp 720 // SNTP Poll Intervall festlegen, hier 720sek. | ||
+ | sntp server priority 1 78.46.53.8 // 0.de.pool.ntp.org | ||
+ | sntp server priority 2 46.4.32.135 // 1.de.pool.ntp.org | ||
+ | sntp server priority 3 148.251.68.100 // 2.de.pool.ntp.org | ||
+ | |||
+ | crypto key generate ssh // Self-Signed cert für Pro Curve Switche | ||
+ | crypto pki enroll-self-signed certificate-name <NAME> subject common-name <IP-ADDRESS> // Self-Signed cert für Pro Vision Switche | ||
+ | |||
+ | interface <PORT> power // POE auf <PORT> aktivieren | ||
+ | no interface <PORT> power // POE auf <PORT> deaktivieren | ||
+ | |||
+ | web-management ssl // Webserver SSL sprechen lassen | ||
+ | no web-management plaintext // Unverschlüsselte Verbindung verbieten | ||
+ | ip ssh // SSH einschalten | ||
+ | ip ssh filetransfer // TFTP Server & Client werden deaktiviert -> SCP & SFTP nutzen! | ||
+ | aaa authentication num-attempts 3 // Nach 3 fehlerhaften Logins Zugang sperren | ||
+ | no autorun // USB Autorum feature deaktivieren | ||
+ | |||
+ | snmpv3 enable // authentication pw (MD5) & privacy password (DES) setzen, opt. SHA, snmp restriction | ||
+ | snmpv3 only // Alte Protokolle deaktivieren (SNMPv1 + SNMPv2c) | ||
+ | |||
+ | logging <IP-ADDRESS> tls // Syslog Kommunikation verschlüsseln (TLS) | ||
+ | |||
+ | ip default-gateway 192.168.23.1 // Default Gateway entsprechend anpassen | ||
+ | |||
+ | mirror-port <ethX> // Ziel inter definieren der den gedoppelten Traffic ausgibt | ||
+ | interface <ethY> // Quell Port Interface auswähöen | ||
+ | monitor // Mirror bzw. Monitoring starten | ||
+ | // verlassen | ||
+ | |||
+ | exit // (conf) verlassen um | ||
+ | write memory // running-config als startup-config abzuspeichern | ||
+ | </pre> | ||
+ | |||
+ | === SFTP Firmware & Config === | ||
+ | Für neue Switche z.B. 2920 | ||
+ | <pre> | ||
+ | copy running-config sftp <SFTP-USER>@<SFTP-SERVER-IP> /upload/switch-xy-config.conf // von Switch auf SFTP Server | ||
+ | </pre> | ||
+ | |||
+ | === TFTP Firmware & Config === | ||
+ | Für alte Switche z.B. 2610 | ||
+ | * https://h10145.www1.hp.com/downloads/ProductsList.aspx?lang=&cc=&prodSeriesId= | ||
+ | |||
+ | <pre> | ||
+ | copy flash tftp <ip-adress-tftps> <filename> // Aktuelle Firmware auf den tftp schieben | ||
+ | copy tftp flash <ip-adress-tftps> <filename> <primary|secondary> // Neue Firmware vom tftp holen | ||
+ | boot system flash <primary | secondary> // Switch reboot mit pri bzw sec image | ||
+ | |||
+ | copy <startup-config | running-config> tftp <ip-address> <remote-file> // von Switch auf remote tftp | ||
+ | copy tftp <startup-config | running-config> <ip-address> <remote-file> // von remote tftp auf Switch | ||
+ | </pre> | ||
+ | |||
+ | |||
+ | == HP Pro Curve 1810G-8 (J9449A) == | ||
+ | === PW Reset === | ||
+ | * Mit einer Büroklammer "Clear" Button 3sek. gedrückt halten, danach ohne PW einloggen. | ||
+ | |||
+ | |||
+ | === Factory Reset === | ||
+ | * Mit einer Büroklammer o.ä. "Reset" & "Clear" Button | ||
+ | * "Reset" Button gedrückt halten, "Clear" loslassen | ||
+ | * Wenn alle 3 Mode LED`s blinken auch den "Reset" Button loslassen | ||
+ | * Default IP: 192.168.2.10 | ||
+ | |||
+ | [http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%253Demr_na-c02597119-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&sp4ts.oid=3963985&ac.admitted=1414573426851.876444892.492883150 Quelle] | ||
+ | |||
+ | == HP Pro Curve 2610-48 (J9088A) == | ||
+ | Rack Einbauwinkel, Abmessungen der Bohrungen 2,3x2,3cm (4 loch) | ||
+ | |||
+ | === Factory Reset === | ||
+ | CLI | ||
+ | <pre> | ||
+ | # erase startup-config | ||
+ | </pre> | ||
+ | === Optionales Zubehör === | ||
+ | * [http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay?javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%253Demr_na-c02507123-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&ac.admitted=1413234651102.876444892.492883150 2610 Series] | ||
+ | |||
+ | {|class="wikitable sortable" | ||
+ | |- | ||
+ | | Part || Description || Option part number | ||
+ | |- | ||
+ | | Transceivers || HP ProCurve 100-FX SFP-LC transceiver || J9054B | ||
+ | |- | ||
+ | | Transceivers || HP ProCurve 100-BX-D SFP-LC transceiver || J9099B | ||
+ | |- | ||
+ | | Transceivers || HP ProCurve 100-BX-U SFP-LC transceiver || J9100B | ||
+ | |- | ||
+ | | Power supply || HP ProCurve 600 redundant external power supply || J8168A | ||
+ | |- | ||
+ | | Power supply || HP ProCurve 610 external power supply || J8169A | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve Gigabit-SX-LC Mini-GBIC || J4858C | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve Gigabit-LX-LC Mini-GBIC || J4859C | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve Gigabit-LH-LC Mini-GBIC || J4860C | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve Gigabit 1000Base-T Mini-GBIC || J8177C | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve 1000-BX-D SFP-LC Mini-GBIC || J9142B | ||
+ | |- | ||
+ | | Mini-GBICs || HP ProCurve 1000-BX-U SFP-LC Mini-GBIC || J9143B | ||
+ | |- | ||
+ | | Rack Mount || HP Accessory Kit, Rack Mount Brackets || 5069-6535 | ||
+ | |} | ||
+ | |||
+ | === SNMP === | ||
+ | * [https://h10145.www1.hp.com/downloads/DownloadSoftware.aspx?SoftwareReleaseUId=11143&ProductNumber=J9088A&lang=&cc=&prodSeriesId=&SerialNumber=&PurchaseDate= MIB Download] | ||
+ | |||
{|class="wikitable sortable" | {|class="wikitable sortable" | ||
|- | |- | ||
− | | | + | | MIB || OBJECT LABEL || OBJECT ID || Data Type || Value (Example) |
+ | |- | ||
+ | | [http://www.oidview.com/mibs/0/RFC1213-MIB.html RFC1213-MIB] ||mib-2 || .1.3.6.1.2.1 || || - | ||
+ | |- | ||
+ | | - || system || .1.3.6.1.2.1.1 || || - | ||
+ | |- | ||
+ | | - || sysDescr.0 || .1.3.6.1.2.1.1.1.0 || OctetString || "ProCurve J9088A Switch 2610-48...." | ||
+ | |- | ||
+ | | - || sysUpTime.0 || .1.3.6.1.2.1.1.3.0 || TimeTicks || "Timeticks: (9400662) 1 day, 2:06:46.62" | ||
+ | |- | ||
+ | | - || sysContact.0 || .1.3.6.1.2.1.1.4.0 || OctetString || "your@email.tld" | ||
+ | |- | ||
+ | | - || sysName.0 || .1.3.6.1.2.1.1.5.0 || OctetString || "switch_23" | ||
+ | |- | ||
+ | | - || sysLocation.0 || .1.3.6.1.2.1.1.6.0 || OctetString || "Rack 3" | ||
+ | |- | ||
+ | | - || sysServices.0 || .1.3.6.1.2.1.1.7.0 || Integer || 74 | ||
+ | |- | ||
+ | | - || interfaces || .1.3.6.1.2.1.2 || || - | ||
+ | |- | ||
+ | | - || ifSpeed || .1.3.6.1.2.1.2.2.1.5.{1-48} || Integer || 100000000 | ||
+ | |- | ||
+ | | - || ifPhysAddress || .1.3.6.1.2.1.2.2.1.6.{1-48} || OctetString || aa-bb-cc-dd-ee-ff | ||
+ | |- | ||
+ | | - || ifAdminStatus || .1.3.6.1.2.1.2.2.1.7.{1-48} || Integer || 1 = up; 2 = down | ||
+ | |- | ||
+ | | - || ifOperStatus || .1.3.6.1.2.1.2.2.1.8.{1-48} || Integer || 1 = up; 2 = down | ||
+ | |- | ||
+ | | - || ifLastChange || .1.3.6.1.2.1.2.2.1.9.{1-48} || TimeTicks || 4 seconds (440) | ||
+ | |- | ||
+ | | - || icmp || .1.3.6.1.2.1.5 || || - | ||
+ | |- | ||
+ | | - || tcp || .1.3.6.1.2.1.6|| || - | ||
|- | |- | ||
− | | | + | | - || udp || .1.3.6.1.2.1.7 || || - |
|- | |- | ||
− | | | + | | - || snmp || .1.3.6.1.2.1.11 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/RFC1271-MIB.html RFC1271-MIB] || rmon || .1.3.6.1.2.1.16 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/BRIDGE-MIB.html BRIDGE-MIB] || dot1dBridge || .1.3.6.1.2.1.17 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/MAU-MIB.html MAU-MIB] || snmpDot3MauMgt || .1.3.6.1.2.1.26 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/IF-MIB.html IF-MIB] || interfaces || .1.3.6.1.2.1.31 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/ENTITY-MIB.html Enity MIB] || entityMIB || .1.3.6.1.2.1.47 || || - |
|- | |- | ||
− | | | + | | - || entPhysicalSoftwareRev || .1.3.6.1.2.1.47.1.1.1.1.10.1 || OctetString || "R.11.107" (Primary Image) |
|- | |- | ||
− | | | + | | - || entPhysicalFirmwareRev || .1.3.6.1.2.1.47.1.1.1.1.9.1 || OctetString || "R.10.06" (Boot Rom Version) |
|- | |- | ||
− | | | + | | - || entPhysicalSerialNum || .1.3.6.1.2.1.47.1.1.1.1.11.1 || OctetString || "CN821****" |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/0/RADIUS-AUTH-SERVER-MIB.html RADIUS-AUTH-SERVER-MIB] || radiusMIB || .1.3.6.1.2.1.67 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/9/CISCO-SMI.html CISCO-SMI] || cisco || .1.3.6.1.4.1.9 || || - |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/11/HP-ICF-GENERIC-RPTR.html HP-ICF-GENERIC-RPTR] || hpSecurePortTable || .1.3.6.1.4.1.11.2.14.2.10.3 || || - |
|- | |- | ||
− | | [http://www.oidview.com/mibs/ | + | | [http://www.oidview.com/mibs/11/HP-ICF-CHASSIS.html HP-ICF-CHASSIS] || hpicfChassisMib || .1.3.6.1.4.1.11.2.14.10.2.3 || || - |
|- | |- | ||
− | | | + | | - || hpicfChassisId || .1.3.6.1.4.1.11.2.14.11.1.2.1.0 || OctetString || "aa-bb-cc-dd-ee-ff" (MAC Address) |
|- | |- | ||
− | | | + | | - || hpicfSensorStatus || .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.1 || Integer || "4" (Fan) |
|- | |- | ||
− | | | + | | - || hpicfSensorStatus || .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.2 || Integer || "4" (Power Supply 1) |
|- | |- | ||
− | | | + | | - || hpicfSensorStatus || .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.3 || Integer || "5" (Power Supply 2) |
|- | |- | ||
− | | | + | | - || hpicfSensorStatus || .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.4 || Integer || "4" (Over Temperature) |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/11/NETSWITCH-MIB.html NETSWITCH-MIB] || hpOpSystem || .1.3.6.1.4.1.11.2.14.11.5.1.1 || || - |
|- | |- | ||
− | | | + | | - || hpLocalMemTotalBytes || .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.5.1 || Integer || "84017872" (Memory Total) |
|- | |- | ||
− | | | + | | - || hpLocalMemFreeBytes || .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.6.1 || Integer || "73556512" (Memory Free) |
|- | |- | ||
− | | | + | | - || hpLocalMemAllocBytes || .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.7.1 || Integer || "10436064" (Memory Used) |
|- | |- | ||
− | | | + | | [http://www.oidview.com/mibs/11/STATISTICS-MIB.html STATISTICS-MIB] || hpSwitchStatistics || .1.3.6.1.4.1.11.2.14.11.5.1.9 || || - |
|- | |- | ||
− | | | + | | - || hpSwitchCpuStat || .1.3.6.1.4.1.11.2.14.11.5.1.9.6.1.0 || Integer || "4" (CPU) |
|- | |- | ||
− | | | + | | - || hpSwitchFdbAddressCount || .1.3.6.1.4.1.11.2.14.11.5.1.9.12.1.0 || Integer || "12" (MAC Adress Count) |
|- | |- | ||
− | | | + | | - || hpHttpMgEntityNetInfoIPAddress || .1.3.6.1.4.1.11.2.36.1.1.3.1.1.7.1 || OctetString || "192.168.23.23" |
+ | |- | ||
+ | | - || hpHttpMgDeviceGlobalUniqueID || .1.3.6.1.4.1.11.2.36.1.1.5.1.1.2.1 || OctetString || "HPJ9088ACN821*****" | ||
+ | |- | ||
+ | | [http://www.oidview.com/mibs/0/SNMP-COMMUNITY-MIB.html SNMP-COMMUNITY-MIB] (RFC1271) || snmpCommunityMIB || .1.3.6.1.6.3.18 || || - | ||
|} | |} | ||
− | |||
− | |||
HP Status Werte | HP Status Werte | ||
Zeile 98: | Zeile 278: | ||
*4 good | *4 good | ||
*5 not present | *5 not present | ||
+ | |||
+ | == HP Pro Curve 2920-48G-POE+ (J9729A) == | ||
+ | === Downloads === | ||
+ | SOftware Auswahl: | ||
+ | * https://h10145.www1.hpe.com/support/SupportLookUp.aspx | ||
+ | |||
+ | |||
+ | |||
+ | J9727A - Aruba 2920 24G POE+ Switch (J9727A)* | ||
+ | * https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=J9727A | ||
+ | |||
+ | |||
+ | J9729A - Aruba 2920 48G POE+ Switch | ||
+ | * https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=J9729A | ||
+ | |||
+ | === SNMP === | ||
+ | {|class="wikitable sortable" | ||
+ | |- | ||
+ | | MIB || OBJECT LABEL || OBJECT ID || Data Type || Value (Example) | ||
+ | |- | ||
+ | | [http://www.oidview.com/mibs/0/RFC1213-MIB.html RFC1213-MIB] ||mib-2 || .1.3.6.1.2.1 || || - | ||
+ | |- | ||
+ | | - || system || .1.3.6.1.2.1.1 || || - | ||
+ | |- | ||
+ | | - || sysDescr || .1.3.6.1.2.1.1.1.0 || STRING || HP J9729A 2920-48G-POE+ Switch, revision WB.15.15.0012, ROM WB.15.05 (/ws/swbuildm/ | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.2.1.1.2.1.<VLAN_ID> || STRING || (VLAN Names) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.2.1.1.5.<VLAN_ID> || Hex-STRING || (VLAN Port des jeweiligen VLAN) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.11.1001 || STRING || SG5AFLZDYW (HP Switch "Chassis" Serial Nr.) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.11.26001 || STRING || J9731A (HP Switch Modul "A" Serial Nr.) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.11.27049 || STRING || J9150A (HP Switch Modul Transreceiver "Port A1" Serial Nr.) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.13.1001 || STRING || J9729A (HP Switch "Chassis" Nr.) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.13.26001 || STRING || J9731A (HP Switch Modul "A" Nr.) | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.47.1.1.1.1.13.27049 || STRING || J9150A (HP Modul Transreceiver "Port A1" Nr.) | ||
+ | |- | ||
+ | | [http://www.oidview.com/mibs/0/ENTITY-SENSOR-MIB.html MIB ENTITY-SENSOR-MIB] || entitySensorMIB || .1.3.6.1.2.1.99 || || - | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.99.1.1.1.7.12001 || Timeticks || (446938650) 51 days, 17:29:46.50 (Uptime) | ||
+ | |- | ||
+ | | || radiusDynAuthServerMIB || .1.3.6.1.2.1.146 || || - | ||
+ | |- | ||
+ | | - || || .1.3.6.1.2.1.146.1.1.3.0 || STRING || "SW-CNTNR-SRVR-48" (Hostname) | ||
+ | |} | ||
+ | |||
+ | = HPE Comware-Switch Serie = | ||
+ | == Allgemein == | ||
+ | Bei Neugeräten dieser Switch Familie (HPE Comware-Switch, A-Serie) muss man bevor es auf der Console los geht den "automatic configuration process" mit der Tastenkombination "CTRL+D" unterbrechen [https://support.hpe.com/hpsc/doc/public/display?docId=mmr_kc-0124222] und dann vom "user-view" in den "system-view" wechseln um SSH einzuschalten undf eine Startup Configuration anzulegen. | ||
+ | |||
+ | Links | ||
+ | * [https://www.markus-huether.de/mh/index.php/hewlett-packard/networking/13-grundkonfiguration-und-befehle-hp-switch-5900af-mit-comware-7 Befehlsreferenz von Markus Hüther] (Danke für den Einstieg) | ||
+ | * [https://support.hpe.com/hpsc/doc/public/display?docId=mmr_kc-0102233 HPE Networking Switches - Understanding VLAN port Types]| | ||
+ | |||
+ | === Terminal Settings === | ||
+ | HP5130 (JG933A) | ||
+ | <pre> | ||
+ | screen /dev/cu.usbserial 9600,cs8,-parenb,-cstopb,-clocal | ||
+ | </pre> | ||
+ | |||
+ | === Console === | ||
+ | Hier kurz die ersten Schritte - mehr gibt es im Manual des jeweiligen Models ;-) | ||
+ | |||
+ | Basics | ||
+ | <pre> | ||
+ | system-view // Von user-view in system view wechseln | ||
+ | System View: return to User View with Ctrl+Z. | ||
+ | |||
+ | sysname DEEPTHOUGHT // Gerätenamen ändern | ||
+ | ip route-static 0.0.0.0 0.0.0.0 192.168.0.1 // Default Route hinzufügen | ||
+ | dns server 208.67.222.222 | ||
+ | |||
+ | local-user fnord // Benutzer "fnord" anlegen | ||
+ | password simple 232323 // Passwort "232323" setzen | ||
+ | |||
+ | restore factory-default // Werkseinstellungen wiederherstellen | ||
+ | </pre> | ||
+ | |||
+ | Informationen | ||
+ | <pre> | ||
+ | display boot-loader | ||
+ | display current-configuration // Konfiguration anzeigen lassen (running-conf) | ||
+ | display saved-configuration // Konfiguration anzeigen lassen (saved-conf) | ||
+ | display ip routing-table | ||
+ | display version | ||
+ | display lldp neighbor-information // LLDP Informationen zu benachbarten Geräten anzeigen | ||
+ | display lldp neighbor-information list // LLDP Informationen in Listenform | ||
+ | display transceiver manuinfo interface // Transceicer info`s anzeigen | ||
+ | |||
+ | </pre> | ||
+ | |||
+ | Interface`s | ||
+ | <pre> | ||
+ | display interface brief // Portinformationen anzeigen | ||
+ | |||
+ | interface GigabitEthernet1/0/1 // In die Einstellungen für Port 1 wechseln | ||
+ | description BLABLABLA // Beschreibung | ||
+ | undo description // Beschreibung entfernen | ||
+ | ip address 192.168.23.5 255.255.255.0 // IP-Adresse den Port zuweisen | ||
+ | combo enable copper // Combo Port auf den Kupfer Port einstellen | ||
+ | port link-type trunk // Port Trunking aktivieren (tagged) | ||
+ | port link-type access // Port Access aktivieren (untagged) | ||
+ | port trunk permit vlan 5 23 // Port VLAN 5 und 23 hinzufügen | ||
+ | port trunk pvid vlan 23 // Default Port VLAN ID 1 auf Port VLAN ID 23 ändern | ||
+ | undo port trunk permit vlan 1 // Default VLAN entfernen | ||
+ | shutdown // Port deaktivern | ||
+ | undo shutdown // Port aktivieren | ||
+ | quit // Port 1 verlassen | ||
+ | save // Speichern! | ||
+ | |||
+ | interface range GigabitEthernet1/0/1 to GigabitEthernet1/0/12 // Ports 1-10 konfigurieren | ||
+ | </pre> | ||
+ | |||
+ | VLAN`s | ||
+ | <pre> | ||
+ | display vlan all | ||
+ | |||
+ | vlan 100 // VLAN 100 anlegen | ||
+ | description BLABLABLA // Beschreibung | ||
+ | name BLA // Name | ||
+ | quit // VLAN 100 verlassen | ||
+ | save // Speichern! | ||
+ | |||
+ | interface vlan-interface 100 // VLAN Port anlegen | ||
+ | ip address 192.168.23.5 24 // VLAN Port IP Adresse zuweisen (CIDR /24) | ||
+ | quit // VLAN Port verlassen | ||
+ | save // Speichern! | ||
+ | </pre> | ||
+ | |||
+ | SNMP | ||
+ | <pre> | ||
+ | snmp-agent sys-info version v1 v2c | ||
+ | snmp-agent community read public | ||
+ | snmp-agent community write private | ||
+ | |||
+ | snmp-agent trap enable | ||
+ | snmp-agent target-host trap address udp-domain 23.0.0.5 params securityname public v1 | ||
+ | |||
+ | snmp-agent sys-info contact Mr.Robot-Tel:2305 | ||
+ | snmp-agent sys-info location somewhere | ||
+ | </pre> | ||
+ | |||
+ | Sonstiges | ||
+ | <pre> | ||
+ | fan prefer-direction slot 1 power-to-port // Lüfter Richtungswechsel | ||
+ | </pre> | ||
+ | |||
+ | Zeit | ||
+ | <pre> | ||
+ | display clock | ||
+ | display ntp-service sessions | ||
+ | |||
+ | sntp enable | ||
+ | ntp-service unicast-server 0.de.pool.ntp.org | ||
+ | clock timezone 0 add 2 | ||
+ | |||
+ | |||
+ | </pre> | ||
+ | |||
+ | == HPE5130 == | ||
+ | * EI-Serie = seriellen Konsolenport als RJ45 Port | ||
+ | * HI-Serie = oobm-Port (Out-of-Band Management) |
Aktuelle Version vom 4. August 2021, 11:49 Uhr
Inhaltsverzeichnis
HP ProVision Switch Serie
Allgemein
Terminal Settings
Für den groß teil der Geräte bis 2015v gilt
- Symbolrate von 1200 bis 115200 (default 9600)
- 8 data bits
- 1 stop bit
- no parity
- flow control set to Xon/Xoff
mit Screen dieht das dann so aus: HP5130 (JG933A)
screen /dev/cu.usbserial 115200,cs8,-parenb,-cstopb,-clocal
Abweichende Switche
HP1920-24g-poe (JG928A)
screen /dev/cu.usbserial 38400,cs8,-parenb,-cstopb,-clocal
Console
Ein paar Schnipsel
erase startup-config // Switch auf factory defaults zurücksetzen & neustarten show version show flash show config show running-config show config status show log clear log show port-security intrusion-log // Kann nicht gelöscht werden (max. 20 Einträge), ältester Eintrag fliegt raus clear intrusion-flags // Löscht intrusion flags für alle ports. show interfaces status show interfaces brief show interfaces port-utilization // Bandbreitenübersicht show vlans show trunks show lacp show lldp info remote-device show cdp neighbors show port-security show power-over-ethernet <PORT> show mac-address [ port-list | mac-address | vlan<vid>]
Folgende Befehle im "(config)#" Mode
hostname deepthought // Neuen Hostnamen vergeben snmp-server location "<location>" // Standort des Switch snmp-server contact "<contact>" // Ansprechpartner für den Switch snmp-server community "public" manager restricted password all // Passwort für Operator & Manager setzen time timezone 60 // Zeitzone einstellen time daylight-time-rule Western-Europe // Sommer- / Winterzeitzone einstellen timesync sntp // SNTP aktivieren zur Zeitsynchronisation sntp unicast // SNTP Mode auf unicast setzen sntp 720 // SNTP Poll Intervall festlegen, hier 720sek. sntp server priority 1 78.46.53.8 // 0.de.pool.ntp.org sntp server priority 2 46.4.32.135 // 1.de.pool.ntp.org sntp server priority 3 148.251.68.100 // 2.de.pool.ntp.org crypto key generate ssh // Self-Signed cert für Pro Curve Switche crypto pki enroll-self-signed certificate-name <NAME> subject common-name <IP-ADDRESS> // Self-Signed cert für Pro Vision Switche interface <PORT> power // POE auf <PORT> aktivieren no interface <PORT> power // POE auf <PORT> deaktivieren web-management ssl // Webserver SSL sprechen lassen no web-management plaintext // Unverschlüsselte Verbindung verbieten ip ssh // SSH einschalten ip ssh filetransfer // TFTP Server & Client werden deaktiviert -> SCP & SFTP nutzen! aaa authentication num-attempts 3 // Nach 3 fehlerhaften Logins Zugang sperren no autorun // USB Autorum feature deaktivieren snmpv3 enable // authentication pw (MD5) & privacy password (DES) setzen, opt. SHA, snmp restriction snmpv3 only // Alte Protokolle deaktivieren (SNMPv1 + SNMPv2c) logging <IP-ADDRESS> tls // Syslog Kommunikation verschlüsseln (TLS) ip default-gateway 192.168.23.1 // Default Gateway entsprechend anpassen mirror-port <ethX> // Ziel inter definieren der den gedoppelten Traffic ausgibt interface <ethY> // Quell Port Interface auswähöen monitor // Mirror bzw. Monitoring starten // verlassen exit // (conf) verlassen um write memory // running-config als startup-config abzuspeichern
SFTP Firmware & Config
Für neue Switche z.B. 2920
copy running-config sftp <SFTP-USER>@<SFTP-SERVER-IP> /upload/switch-xy-config.conf // von Switch auf SFTP Server
TFTP Firmware & Config
Für alte Switche z.B. 2610
copy flash tftp <ip-adress-tftps> <filename> // Aktuelle Firmware auf den tftp schieben copy tftp flash <ip-adress-tftps> <filename> <primary|secondary> // Neue Firmware vom tftp holen boot system flash <primary | secondary> // Switch reboot mit pri bzw sec image copy <startup-config | running-config> tftp <ip-address> <remote-file> // von Switch auf remote tftp copy tftp <startup-config | running-config> <ip-address> <remote-file> // von remote tftp auf Switch
HP Pro Curve 1810G-8 (J9449A)
PW Reset
- Mit einer Büroklammer "Clear" Button 3sek. gedrückt halten, danach ohne PW einloggen.
Factory Reset
- Mit einer Büroklammer o.ä. "Reset" & "Clear" Button
- "Reset" Button gedrückt halten, "Clear" loslassen
- Wenn alle 3 Mode LED`s blinken auch den "Reset" Button loslassen
- Default IP: 192.168.2.10
HP Pro Curve 2610-48 (J9088A)
Rack Einbauwinkel, Abmessungen der Bohrungen 2,3x2,3cm (4 loch)
Factory Reset
CLI
# erase startup-config
Optionales Zubehör
Part | Description | Option part number |
Transceivers | HP ProCurve 100-FX SFP-LC transceiver | J9054B |
Transceivers | HP ProCurve 100-BX-D SFP-LC transceiver | J9099B |
Transceivers | HP ProCurve 100-BX-U SFP-LC transceiver | J9100B |
Power supply | HP ProCurve 600 redundant external power supply | J8168A |
Power supply | HP ProCurve 610 external power supply | J8169A |
Mini-GBICs | HP ProCurve Gigabit-SX-LC Mini-GBIC | J4858C |
Mini-GBICs | HP ProCurve Gigabit-LX-LC Mini-GBIC | J4859C |
Mini-GBICs | HP ProCurve Gigabit-LH-LC Mini-GBIC | J4860C |
Mini-GBICs | HP ProCurve Gigabit 1000Base-T Mini-GBIC | J8177C |
Mini-GBICs | HP ProCurve 1000-BX-D SFP-LC Mini-GBIC | J9142B |
Mini-GBICs | HP ProCurve 1000-BX-U SFP-LC Mini-GBIC | J9143B |
Rack Mount | HP Accessory Kit, Rack Mount Brackets | 5069-6535 |
SNMP
MIB | OBJECT LABEL | OBJECT ID | Data Type | Value (Example) |
RFC1213-MIB | mib-2 | .1.3.6.1.2.1 | - | |
- | system | .1.3.6.1.2.1.1 | - | |
- | sysDescr.0 | .1.3.6.1.2.1.1.1.0 | OctetString | "ProCurve J9088A Switch 2610-48...." |
- | sysUpTime.0 | .1.3.6.1.2.1.1.3.0 | TimeTicks | "Timeticks: (9400662) 1 day, 2:06:46.62" |
- | sysContact.0 | .1.3.6.1.2.1.1.4.0 | OctetString | "your@email.tld" |
- | sysName.0 | .1.3.6.1.2.1.1.5.0 | OctetString | "switch_23" |
- | sysLocation.0 | .1.3.6.1.2.1.1.6.0 | OctetString | "Rack 3" |
- | sysServices.0 | .1.3.6.1.2.1.1.7.0 | Integer | 74 |
- | interfaces | .1.3.6.1.2.1.2 | - | |
- | ifSpeed | .1.3.6.1.2.1.2.2.1.5.{1-48} | Integer | 100000000 |
- | ifPhysAddress | .1.3.6.1.2.1.2.2.1.6.{1-48} | OctetString | aa-bb-cc-dd-ee-ff |
- | ifAdminStatus | .1.3.6.1.2.1.2.2.1.7.{1-48} | Integer | 1 = up; 2 = down |
- | ifOperStatus | .1.3.6.1.2.1.2.2.1.8.{1-48} | Integer | 1 = up; 2 = down |
- | ifLastChange | .1.3.6.1.2.1.2.2.1.9.{1-48} | TimeTicks | 4 seconds (440) |
- | icmp | .1.3.6.1.2.1.5 | - | |
- | tcp | .1.3.6.1.2.1.6 | - | |
- | udp | .1.3.6.1.2.1.7 | - | |
- | snmp | .1.3.6.1.2.1.11 | - | |
RFC1271-MIB | rmon | .1.3.6.1.2.1.16 | - | |
BRIDGE-MIB | dot1dBridge | .1.3.6.1.2.1.17 | - | |
MAU-MIB | snmpDot3MauMgt | .1.3.6.1.2.1.26 | - | |
IF-MIB | interfaces | .1.3.6.1.2.1.31 | - | |
Enity MIB | entityMIB | .1.3.6.1.2.1.47 | - | |
- | entPhysicalSoftwareRev | .1.3.6.1.2.1.47.1.1.1.1.10.1 | OctetString | "R.11.107" (Primary Image) |
- | entPhysicalFirmwareRev | .1.3.6.1.2.1.47.1.1.1.1.9.1 | OctetString | "R.10.06" (Boot Rom Version) |
- | entPhysicalSerialNum | .1.3.6.1.2.1.47.1.1.1.1.11.1 | OctetString | "CN821****" |
RADIUS-AUTH-SERVER-MIB | radiusMIB | .1.3.6.1.2.1.67 | - | |
CISCO-SMI | cisco | .1.3.6.1.4.1.9 | - | |
HP-ICF-GENERIC-RPTR | hpSecurePortTable | .1.3.6.1.4.1.11.2.14.2.10.3 | - | |
HP-ICF-CHASSIS | hpicfChassisMib | .1.3.6.1.4.1.11.2.14.10.2.3 | - | |
- | hpicfChassisId | .1.3.6.1.4.1.11.2.14.11.1.2.1.0 | OctetString | "aa-bb-cc-dd-ee-ff" (MAC Address) |
- | hpicfSensorStatus | .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.1 | Integer | "4" (Fan) |
- | hpicfSensorStatus | .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.2 | Integer | "4" (Power Supply 1) |
- | hpicfSensorStatus | .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.3 | Integer | "5" (Power Supply 2) |
- | hpicfSensorStatus | .1.3.6.1.4.1.11.2.14.11.1.2.6.1.4.4 | Integer | "4" (Over Temperature) |
NETSWITCH-MIB | hpOpSystem | .1.3.6.1.4.1.11.2.14.11.5.1.1 | - | |
- | hpLocalMemTotalBytes | .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.5.1 | Integer | "84017872" (Memory Total) |
- | hpLocalMemFreeBytes | .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.6.1 | Integer | "73556512" (Memory Free) |
- | hpLocalMemAllocBytes | .1.3.6.1.4.1.11.2.14.11.5.1.1.2.1.1.1.7.1 | Integer | "10436064" (Memory Used) |
STATISTICS-MIB | hpSwitchStatistics | .1.3.6.1.4.1.11.2.14.11.5.1.9 | - | |
- | hpSwitchCpuStat | .1.3.6.1.4.1.11.2.14.11.5.1.9.6.1.0 | Integer | "4" (CPU) |
- | hpSwitchFdbAddressCount | .1.3.6.1.4.1.11.2.14.11.5.1.9.12.1.0 | Integer | "12" (MAC Adress Count) |
- | hpHttpMgEntityNetInfoIPAddress | .1.3.6.1.4.1.11.2.36.1.1.3.1.1.7.1 | OctetString | "192.168.23.23" |
- | hpHttpMgDeviceGlobalUniqueID | .1.3.6.1.4.1.11.2.36.1.1.5.1.1.2.1 | OctetString | "HPJ9088ACN821*****" |
SNMP-COMMUNITY-MIB (RFC1271) | snmpCommunityMIB | .1.3.6.1.6.3.18 | - |
HP Status Werte
- 1 unknown
- 2 bad
- 3 warning
- 4 good
- 5 not present
HP Pro Curve 2920-48G-POE+ (J9729A)
Downloads
SOftware Auswahl:
J9727A - Aruba 2920 24G POE+ Switch (J9727A)*
J9729A - Aruba 2920 48G POE+ Switch
SNMP
MIB | OBJECT LABEL | OBJECT ID | Data Type | Value (Example) |
RFC1213-MIB | mib-2 | .1.3.6.1.2.1 | - | |
- | system | .1.3.6.1.2.1.1 | - | |
- | sysDescr | .1.3.6.1.2.1.1.1.0 | STRING | HP J9729A 2920-48G-POE+ Switch, revision WB.15.15.0012, ROM WB.15.05 (/ws/swbuildm/ |
- | .1.3.6.1.2.1.47.1.2.1.1.2.1.<VLAN_ID> | STRING | (VLAN Names) | |
- | .1.3.6.1.2.1.47.1.2.1.1.5.<VLAN_ID> | Hex-STRING | (VLAN Port des jeweiligen VLAN) | |
- | .1.3.6.1.2.1.47.1.1.1.1.11.1001 | STRING | SG5AFLZDYW (HP Switch "Chassis" Serial Nr.) | |
- | .1.3.6.1.2.1.47.1.1.1.1.11.26001 | STRING | J9731A (HP Switch Modul "A" Serial Nr.) | |
- | .1.3.6.1.2.1.47.1.1.1.1.11.27049 | STRING | J9150A (HP Switch Modul Transreceiver "Port A1" Serial Nr.) | |
- | .1.3.6.1.2.1.47.1.1.1.1.13.1001 | STRING | J9729A (HP Switch "Chassis" Nr.) | |
- | .1.3.6.1.2.1.47.1.1.1.1.13.26001 | STRING | J9731A (HP Switch Modul "A" Nr.) | |
- | .1.3.6.1.2.1.47.1.1.1.1.13.27049 | STRING | J9150A (HP Modul Transreceiver "Port A1" Nr.) | |
MIB ENTITY-SENSOR-MIB | entitySensorMIB | .1.3.6.1.2.1.99 | - | |
- | .1.3.6.1.2.1.99.1.1.1.7.12001 | Timeticks | (446938650) 51 days, 17:29:46.50 (Uptime) | |
radiusDynAuthServerMIB | .1.3.6.1.2.1.146 | - | ||
- | .1.3.6.1.2.1.146.1.1.3.0 | STRING | "SW-CNTNR-SRVR-48" (Hostname) |
HPE Comware-Switch Serie
Allgemein
Bei Neugeräten dieser Switch Familie (HPE Comware-Switch, A-Serie) muss man bevor es auf der Console los geht den "automatic configuration process" mit der Tastenkombination "CTRL+D" unterbrechen [1] und dann vom "user-view" in den "system-view" wechseln um SSH einzuschalten undf eine Startup Configuration anzulegen.
Links
- Befehlsreferenz von Markus Hüther (Danke für den Einstieg)
- HPE Networking Switches - Understanding VLAN port Types|
Terminal Settings
HP5130 (JG933A)
screen /dev/cu.usbserial 9600,cs8,-parenb,-cstopb,-clocal
Console
Hier kurz die ersten Schritte - mehr gibt es im Manual des jeweiligen Models ;-)
Basics
system-view // Von user-view in system view wechseln System View: return to User View with Ctrl+Z. sysname DEEPTHOUGHT // Gerätenamen ändern ip route-static 0.0.0.0 0.0.0.0 192.168.0.1 // Default Route hinzufügen dns server 208.67.222.222 local-user fnord // Benutzer "fnord" anlegen password simple 232323 // Passwort "232323" setzen restore factory-default // Werkseinstellungen wiederherstellen
Informationen
display boot-loader display current-configuration // Konfiguration anzeigen lassen (running-conf) display saved-configuration // Konfiguration anzeigen lassen (saved-conf) display ip routing-table display version display lldp neighbor-information // LLDP Informationen zu benachbarten Geräten anzeigen display lldp neighbor-information list // LLDP Informationen in Listenform display transceiver manuinfo interface // Transceicer info`s anzeigen
Interface`s
display interface brief // Portinformationen anzeigen interface GigabitEthernet1/0/1 // In die Einstellungen für Port 1 wechseln description BLABLABLA // Beschreibung undo description // Beschreibung entfernen ip address 192.168.23.5 255.255.255.0 // IP-Adresse den Port zuweisen combo enable copper // Combo Port auf den Kupfer Port einstellen port link-type trunk // Port Trunking aktivieren (tagged) port link-type access // Port Access aktivieren (untagged) port trunk permit vlan 5 23 // Port VLAN 5 und 23 hinzufügen port trunk pvid vlan 23 // Default Port VLAN ID 1 auf Port VLAN ID 23 ändern undo port trunk permit vlan 1 // Default VLAN entfernen shutdown // Port deaktivern undo shutdown // Port aktivieren quit // Port 1 verlassen save // Speichern! interface range GigabitEthernet1/0/1 to GigabitEthernet1/0/12 // Ports 1-10 konfigurieren
VLAN`s
display vlan all vlan 100 // VLAN 100 anlegen description BLABLABLA // Beschreibung name BLA // Name quit // VLAN 100 verlassen save // Speichern! interface vlan-interface 100 // VLAN Port anlegen ip address 192.168.23.5 24 // VLAN Port IP Adresse zuweisen (CIDR /24) quit // VLAN Port verlassen save // Speichern!
SNMP
snmp-agent sys-info version v1 v2c snmp-agent community read public snmp-agent community write private snmp-agent trap enable snmp-agent target-host trap address udp-domain 23.0.0.5 params securityname public v1 snmp-agent sys-info contact Mr.Robot-Tel:2305 snmp-agent sys-info location somewhere
Sonstiges
fan prefer-direction slot 1 power-to-port // Lüfter Richtungswechsel
Zeit
display clock display ntp-service sessions sntp enable ntp-service unicast-server 0.de.pool.ntp.org clock timezone 0 add 2
HPE5130
- EI-Serie = seriellen Konsolenport als RJ45 Port
- HI-Serie = oobm-Port (Out-of-Band Management)