Cisco - ProCurve Interoperability
advertisement
ProCurve Networking ProCurve / Cisco Interoperability Guide Introduction........................................................................................ 3 Discovery protocols: LLDP & CDP ........................................................... 4 VLAN configuration .............................................................................. 7 Introduction ..................................................................................... 7 VLAN configuration on Cisco Catalyst ................................................... 8 VLAN configuration on HP ProCurve ....................................................10 Checking VLANs status and connectivity ..............................................11 Additional info about VLANs...............................................................14 Link aggregation ................................................................................19 Introduction ....................................................................................19 A Static Trunk/Channel .....................................................................21 LACP Trunk/Channel.........................................................................24 Spanning-Tree ...................................................................................29 Introduction ....................................................................................29 MSTP Configuration ..........................................................................31 Cisco as Core running PVST+, HP ProCurve as Edge running RSTP ..........41 HP ProCurve as Core running RSTP, Cisco as Edge running PVST+ ..........47 IP routing Interoperability....................................................................55 Sample topology ..............................................................................55 RIP configuration .............................................................................55 Other RIP features ...........................................................................58 OSPF Single Area .............................................................................60 Redistribution into OSPF ...................................................................64 Configuration of Multiple OSPF areas ..................................................70 Other OSPF features.........................................................................77 IP Multicast interoperability..................................................................80 Introduction ....................................................................................80 PIM DENSE Mode .............................................................................80 PIM SPARSE Mode............................................................................86 Introduction Today’s multi-vendor environments present many challenges to administrators trying to configure dissimilar (proprietary vs. standard) protocols. In an effort to accommodate the needs for many of our partners and customers, ProCurve networking has written this guide to assist in the configuration and deployment of ProCurve and Cisco environments. The intent of this document isn’t to describe why you should do these things, nor does it argue what the benefits are. It merely goes through how to accomplish the necessary configurations to get the Cisco and ProCurve switches configured so that they will work together. While the testing conducted was extensive, it is impossible that all possible configurations and scenarios were captured. This document therefore, can not be assumed to be perfect as it applies to every environment. Please consider carefully the implications of some of these changes before instituting them. The recommendation is to test the new configurations in a controlled environment prior to rolling out changes that could impact your production environment. Additionally, saving current configuration files for switches is a good practice for backup. Thank you Discovery protocols: LLDP & CDP ProCurve is committed to standards. And it is logically that the proprietary discovery protocol CDP (Cisco Discovery protocol) has been replaced by the IEEE 802.1AB standard LLDP (Link Layer Discovery protocol) when this one was released. If LLDP is enabled by default, CDP remains in Read-only mode (receive-only). Then ProCurve switches can discover LLDP neighbors as well as Cisco device neighbors. Note: Cisco does not support yet LLDP in its equipments. Cisco IP Phone could in a close future supports LLDP-MED (Media End-Point Discovery) which will then allow automatic discovery and configuration of IP Phones. Some IP Phone vendors such as Avaya and Mitel are already committed to LLDP-MED. The network scheme used here is the same as in the MSTP example. e1 Gi1/1 e2 Procurve-Edge-1 Gi1/1 Gi1/3 Gi1/3 Gi1/2 Gi1/2 Cisco-Core-2 Cisco-Core-1 e1 e2 Procurve-Edge-2 Discovery configuration We simply use the default configuration regarding Discovery protocols. On ProCurve switches: LLDP is enabled in send and receive mode. CDP is enabled in received mode. On Cisco: CDP is enabled by default. Checking Discovery info on a ProCurve switch The following command lists CDP neighbors. As expected, it displays the two Catalyst 6500. ProCurve-Edge-1# show cdp neighbors CDP neighbors information Port ---1 2 Device ID ---------------------Core-Cisco-1 Core-Cisco-2 | + | | Platform Capability ---------------------------- ----Cisco IOS Software, C6500... R S Cisco IOS Software, C6500... R S LLDP neighbors: the ProCurve switch displays the two Catalyst 6500 as well because the LLDP display includes the CDP neighbors. ProCurve-Edge-1# show lldp info remote-device LLDP Remote Devices Information LocalPort --------1 2 | + | | ChassisId ------------------------Core-Cisco-1 Core-Cisco-2 PortId PortDescr SysName ------ --------- --------------Gig... Gig... We display the LLDP neighbors attached to given ports. It shows details about neighbors. ProCurve-Edge-1# show lldp info remote-device 1-2 LLDP Remote Device Information Detail Local Port ChassisType ChassisId PortType PortId SysName System Descr M)... PortDescr : : : : : : : 1 local Core-Cisco-1 local GigabitEthernet0/1 Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- : System Capabilities Supported System Capabilities Enabled : bridge, router : bridge, router Remote Management Address Type : ipv4 Address : 10.1.1.1 ------------------------------------------------------------------------Local Port : ChassisType ChassisId PortType PortId SysName System Descr M)... PortDescr 2 : : : : : : local Core-Cisco-2 local GigabitEthernet0/1 Cisco IOS Software, C6500 Software (C6500-IPSERVICESK9- : System Capabilities Supported System Capabilities Enabled : bridge, router : bridge, router Remote Management Address Type : ipv4 Address : 10.1.1.2 Checking Discovery info on a Cisco switch As ProCurve switches do not send anymore CDP frames, a Cisco switch will not recognize ProCurve neighbors. Let’s hope for a Cisco commitment to the IEEE LLDP standard. Core-Cisco-1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Core-Cisco-2 Local Intrfce Gig 0/3 Holdtme 171 Capability R S I Platform Port ID WS-C6500-4 Gig0/3 VLAN configuration 11- Introduction 12- VLAN Configuration on Cisco Catalyst 13- VLAN configuration on HP ProCurve 14- Checking VLANs status and connectivity 15- Additional info about VLANs a. Native VLAN b. Configuring a “management” VLAN other than VLAN 1 c. Changing maximum number of VLANs d. Configuring ports for IP Phones e. VTP – GVRP f. Cisco Extended Range of VLANs Introduction Glossary This chapter deals with port based VLANs that Cisco and HP ProCurve both support. Different names are used to describe similar concepts on both platforms. Cisco HP ProCurve What is it? Trunk Tagged Access Untagged Native VLAN - A port that “carries” multiple VLANs using the 802.1q tag, for example an uplink, an IP phone port. A port that belongs to a unique VLAN and is untagged Defines the untagged VLAN of a 802.1q tagged port. Defaults to VLAN 1 on HP and Cisco Sample topology Edge/Access ports untagged in VLANs 10,20, 30 & 40 Vlan 20 Vlan 30 Vlan 40 10.1.40.1/24 10.1.30.1/24 10.1.20.1/24 10.1.10.1/24 10.1.1.1/24 Vlan 1 Vlan 10 Uplink 802.1q port tagged in VLANs 10,20, 30 & 40 and untagged in vlan 1 Cisco-1 Procurve-1 Vlan 20 Vlan 30 Vlan 40 10.1.40.2/24 10.1.30.2/24 10.1.20.2/24 Vlan 1 10.1.10.2/24 10.1.1.2/24 Vlan 10 VLAN configuration on Cisco Catalyst Step 1: VLAN Creation Conf t vlan 10, 20, 30, 40 Step 2: Assignment of Access ports to VLANs interface range FastEthernet1/0/10 - 19 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20 - 29 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30 - 39 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40 - 48 switchport access vlan 40 switchport mode access Step 3: Creation of 802.1q links (Cisco “Trunk”) interface FastEthernet1/0/1 The “encapsulation” method defines how multiple VLANs are carried on Cisco Ethernet links. Cisco supports a proprietary method, ISL, and the IEEE standard 802.1q (noted “dot1q”). switchport trunk encapsulation dot1q By default, a Cisco “trunk” carries all VLANs. The “allowed VLAN” restricts transport of VLANs to the specified VLANs. switchport trunk allowed vlan 1,10,20,30,40 By default, a port is in ”access” mode, i.e. it belongs to one VLAN only. switchport mode trunk Cisco also supports a proprietary negotiation protocol for the trunk named DTP (Dynamic Trunk Protocol). When defined in “trunk” mode the port generates DTP frames. The following command disables generation of DTP frames. This is the recommended configuration when connected to ProCurve switches. switchport nonegotiate Step 4: IP configuration If the switch is a layer 2 switch, a unique IP address is usually defined in one VLAN for management purpose only and a default gateway is configured for access from remote subnets. interface vlan1 ip address 10.1.1.2 255.255.255.0 no shutdown ip default-gateway 10.1.1.1 In this sample, for testing connectivity, one IP address has been defined in each VLAN. interface vlan10 ip address 10.1.10.2 no shutdown interface vlan20 ip address 10.1.20.2 no shutdown interface vlan30 ip address 10.1.30.2 no shutdown interface vlan40 ip address 10.1.40.2 no shutdown 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 VLAN configuration on HP ProCurve Step1: VLAN creation and port assignment VLAN creation Conf Ports 1 to 9 are assigned to VLAN 10 and removed from VLAN 1 (default VLAN). Port 45 (uplink) is tagged in VLAN 10 while remaining untagged member of VLAN 1. vlan 10 name Test10 untagged 1-9 tagged 45 Exit Ports 10 to 19 are assigned to VLAN 20. Port 45 (uplink) is tagged in VLAN 20. vlan 20 untagged 10-19 tagged 45 exit vlan 30 untagged 20-29 tagged 45 exit vlan 40 untagged 30-44 tagged 45 exit Step2: IP address One or more IP address per VLAN can be configured. Usually on a L2 switch, one ip address in a VLAN and a default-gateway is defined. In this example, multiple IP addresses have been defined for testing connectivity. vlan 1 ip address exit vlan 10 ip address exit vlan 20 ip address exit vlan 30 ip address exit 10.1.1.1 255.255.255.0 10.1.10.1 255.255.255.0 10.1.20.1 255.255.255.0 10.1.30.1 255.255.255.0 vlan 40 ip address 10.1.40.1 255.255.255.0 exit Checking VLANs status and connectivity Checking VLANs on Cisco Checking ports assignment to VLANs The following display shows the “access” ports and does not include the Cisco “trunk” (802.1q links) ports. Cisco-1#show vlan vlan Name Status Ports ---- -------------------------------- --------- ----------------------------1 default active Fa1/0/2, Fa1/0/3, Fa1/0/4 Fa1/0/5, Fa1/0/6, Fa1/0/7 Fa1/0/8, Fa1/0/9, Fa1/0/19 Fa1/0/45, Fa1/0/46, Fa1/0/47 Fa1/0/48, Gi1/0/1, Gi1/0/2 Gi1/0/3, Gi1/0/4 10 vlan0010 active Fa1/0/10, Fa1/0/11, Fa1/0/12 Fa1/0/13, Fa1/0/14, Fa1/0/15 Fa1/0/16, Fa1/0/17, Fa1/0/18 20 vlan0020 active Fa1/0/20, Fa1/0/21, Fa1/0/22 Fa1/0/23, Fa1/0/24, Fa1/0/25 Fa1/0/26, Fa1/0/27, Fa1/0/28 Fa1/0/29 30 vlan0030 active Fa1/0/30, Fa1/0/31, Fa1/0/32 Fa1/0/33, Fa1/0/34, Fa1/0/35 Fa1/0/36, Fa1/0/37, Fa1/0/38 Fa1/0/39 40 vlan0040 active Fa1/0/40, Fa1/0/41, Fa1/0/42 Fa1/0/43, Fa1/0/44 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup (skip…) Checking a Cisco “Trunk” (802.1q) port status Note the operational mode, the encapsulation mode dot1q (802.1q), the Native VLAN (the untagged VLAN on the 802.1q link) and the allowed VLANs on port. Cisco-1#show int fa1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode vlan: 1 (default) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled … (skip) Trunking vlans Enabled: 1,10,20,30,40 Pruning vlans Enabled: 2-1001 Capture Mode Disabled Capture vlans Allowed: ALL … (skip) Checking access port status Cisco-1#sh int fa1/0/10 switchport Name: Fa1/0/10 Switchport: Enabled Administrative Mode: static access Operational Mode: up Administrative Trunking Encapsulation: negotiate Negotiation of Trunking: Off Access Mode vlan: 10 (vlan0010) Trunking Native Mode vlan: 1 (default) Administrative Native vlan tagging: enabled … (skip) Testing connectivity The connectivity is tested in the various VLANs defined on the 802.1q link Cisco-1#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms Cisco-1#ping 10.1.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms Cisco-1#ping 10.1.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping 10.1.30.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.30.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Cisco-1#ping 10.1.40.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.40.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms Checking VLANs on HP ProCurve The following is a list of defined VLANs. Procurve-1(config)# show vlan Status and Counters - vlan Information Maximum vlans to support : 8 Primary vlan : DEFAULT_vlan Management vlan : 802.1Q vlan ID -------------1 10 20 30 40 Name -----------DEFAULT_vlan TEST10 vlan20 vlan30 vlan40 | + | | | | | Status ---------Port-based Port-based Port-based Port-based Port-based Voice ----No No No No No Jumbo ----No No No No No *Note that the maximum number of VLANs can be increased. List of ports defined in a given VLAN Procurve-1(config)# show vlan 10 Status and Counters - vlan Information - Ports - vlan 10 802.1Q vlan ID : 10 Name : Test10 Status : Port-based Voice : No Jumbo : No Port Information ---------------1 2 3 4 5 6 7 8 9 45 46 47 48 Mode -------Untagged Untagged Untagged Untagged Untagged Untagged Untagged Untagged Untagged Tagged Tagged Tagged Tagged Unknown vlan -----------Learn Learn Learn Learn Learn Learn Learn Learn Learn Learn Learn Learn Learn Status ---------Down Down Down Down Down Down Down Down Down Up Down Down Down List of VLANs defined for a given port. Although it is not explicitly shown in this display, port 45 is tagged in VLAN 10, 20, 30 and 40 and untagged in 1. Procurve-1(config)# show vlan port 45 Status and Counters - vlan Information - for ports 46 802.1Q vlan ID -------------1 10 20 30 40 Name -----------DEFAULT_vlan TEST10 vlan20 vlan30 vlan40 | + | | | | | Status ---------Port-based Port-based Port-based Port-based Port-based Voice ----No No No No No Jumbo ----No No No No No Port 10 as an access port is untagged and belongs to VLAN 20 only Procurve-1(config)# show vlan port 10 Status and Counters - vlan Information - for ports 10 802.1Q vlan ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----20 vlan20 | Port-based No No Checking IP interfaces Procurve-1(config)# sh ip Internet (IP) Service IP Routing : Disabled Default-gateway : 10.1.1.1 Default TTL : 64 Arp Age : 20 vlan | ----------- + DEFAULT_vlan| TEST10 | vlan20 | vlan30 | vlan40 | IP Config ---------Manual Manual Manual Manual Manual IP Address ------------10.1.1.1 10.1.10.1 10.1.20.1 10.1.30.1 10.1.40.1 Subnet Mask --------------255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 Proxy ARP --------No No No No No Additional info about VLANs The “Native” VLAN The concept of native VLAN on Cisco defines the “untagged” VLAN on a “tagged” link. It is VLAN 1 by default. It can be changed with the following commands: interface FastEthernet1/0/1 switchport trunk native vlan 99 Which native VLAN is defined on a port can be checked with: Show interface Fa1/0/1 switchport On HP ProCurve, when a port is tagged for any number of VLANs, it remains untagged in VLAN 1 by default. To make VLAN 99 the untagged (native) VLAN of a tagged port, enter the following commands: vlan 99 Untagged 45 Then check that Port 45 is untagged in VLAN 99 with: Show vlan 99 Usually the Native VLAN is used to manage switches. Tip : What is the benefit of configuring the Native Vlan with an IP address? A switch, with its default configuration, have all ports untagged. If connected to a tagged port, this switch will still be able to send and receive frames through the “untagged’ (native) VLAN. It will then be able to receive an IP address automatically via DHCP. This IP address can be discovered by LLDP (show lldp info remote) or found at the DHCP server. The switch can then be managed and configured remotely via Telnet. Configuring a “management” VLAN other than VLAN 1 It is very common to use VLAN 1 as the management VLAN. But any created VLAN can be used to manage switches. As explained in the previous paragraph, it is common to use the Native/Untagged VLAN to be the management VLAN. Again this is not mandatory and one can choose the VLAN to be carried as tagged on uplinks. Choosing a VLAN other than VLAN 1 for management, we make a clear distinction between Default VLAN and Management VLAN. In the following example, VLAN 99 is used as the management VLAN and defined as untagged on 802.1q uplinks. ProCurve configuration of a management VLAN vlan 99 Untagged 45 Ip address 10.1.99.1/24 exit Ip default-gateway 10.1.99.1 vlan 10 Tagged 45 exit vlan 20 Tagged 45 exit vlan 30 Tagged 45 exit vlan 40 Tagged 45 Exit Checking VLAN Procurve-1# show vlan 99 Status and Counters - vlan Information - Ports - vlan 99 802.1Q vlan ID : 99 Name : vlan99 Status : Port-based Voice : No Jumbo : No Port Information Mode Unknown vlan Status ---------------- -------- ------------ ---------45 Untagged Learn Up Procurve-1# show vlan port 45 Status and Counters - vlan Information - for ports 45 802.1Q vlan ID -------------10 20 30 40 99 Name -----------TEST10 vlan20 vlan30 vlan40 vlan99 | + | | | | | Status ---------Port-based Port-based Port-based Port-based Port-based Voice ----No No No No No Jumbo ----No No No No No Configuration of a management VLAN on Cisco interface FastEthernet1/0/1 switchport trunk encapsulation dot1q switchport trunk native vlan 99 switchport trunk allowed vlan 1,10,20,30,40,99 switchport mode trunk int vlan 99 ip address 10.199.2 255.255.255.0 no shutdown Checking VLAN Cisco-1#sh vlan 99 vlan Name Status Ports ---- -------------------------------- --------- ------------------------99 vlan0099 active Checking Cisco trunk port status Cisco-1#sh int fa 1/0/1 switchport Name: Fa1/0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode vlan: 1 (default) Trunking Native Mode vlan: 99 (vlan0099) Administrative Native vlan tagging: enabled Voice vlan: none … (skip) Trunking vlans Enabled: 1,10,20,30,40,99 Pruning vlans Enabled: 2-1001 … (skip) Checking connectivity Cisco-1#ping 10.1.99.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.99.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms Note that HP ProCurve also defines a security concept called “Management VLAN”. When enabled, it becomes the only VLAN through which the switch can be configured. It is disabled by default. (see Advanced Traffic Management Guide, Jan ’05. @ http://www.hp.com/rnd/support/manuals/5300xl.htm ) to configure. Changing the maximum number of VLANs on ProCurve On ProCurve, the maximum number of VLANs can be increased by entering: Conf Max-vlans 48 Write memory reload Configuration of ports for IP Phones To support both an IP Phone and a PC, a port is configured with one tagged VLAN (for example 200) to carry voice and one untagged VLAN (for example 10) to transport the data On ProCurve: vlan 10 name DATA10 Untagged B1-B12 vlan 200 name IPVOICE Tagged B1-B12 On Cisco: Interface range fa1/0/1 - 12 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,200 switchport mode trunk switchport trunk native vlan 10 switchport nonegotiate VTP – GVRP Cisco supports the proprietary protocol VTP (VLAN Trunking Protocol) that allows propagation of created, deleted or modified VLANs through multiple Cisco switches. ProCurve switches do not support it. On the other hand, HP supports the IEEE GVRP standard (GARP VLAN Registration Protocol) which combines automatic creation of VLANs and automatic tagging of uplinks. GVRP is supported on some Cisco switches running the CatOS software and interacts properly with ProCurve switches. But it’s that GVRP support as been removed in the IOS for Catalyst switches Cisco Extended Range of VLANs Previously to 802.1q mode, Cisco “trunk” ports supported the proprietary ISL mode to carry multiple VLANs on a port. The VLAN-id in ISL is based on 10 Bits and then supports VLANs ranging from 1 to 1023. With 802.1q support, VLAN Id is on 12 bits and Cisco has defined an “extended range” to support VLANs from 1024 to 4095. To create a VLAN in the “extended range”, vtp must be defined in “transparent mode” with the following global config mode command: Vtp mode transparent Link aggregation 21- Introduction 22- Static Link Aggregation 23- LACP Link Aggregation HP Active and Cisco passive Cisco Active and HP passive HP static LACP and Cisco passive Introduction Glossary Cisco HP ProCurve What is it? Channel-group Trunk Port-channel Trunk port Int channel 1 Int trk1 Description of an aggregated link The logical port representing an aggregated link To enter the configuration mode of an aggregated link interface FEC is the “Fast EtherChannel” concept. It implements the “Port Aggregation Protocol” (PAgP) that allows two equipments to negotiate a link aggregation. FEC is supported on most of the Cisco switches and routers. It used to be supported in the oldest version of firmware of ProCurve. Note: In the most recent versions of Firmware, support for FEC has been removed. LACP is the “Link Aggregation Control Protocol” defined by the 802.3ad standard. Similarly to FEC, it provides a way for both parts to negotiate a port aggregation. With LACP, one or more additional links can operate as « standby » links that will activate only if another active link goes down Static and Dynamic trunks/channels A “Static” trunks becomes an active trunk unconditionally and independently of the configuration of the other side. A static trunk does not need any protocol to be created. “Dynamic” trunks will be created if both sides agree to it. To do so, they exchange messages, either PAgP or LACP, to negotiate their status. One side is said “active” (LACP) or “desirable” (PAgP), meaning that it initiates the negotiation. The other side is said ”passive” (LACP) or “auto” (PAgP) and forms a link aggregation automatically. Static and Dynamic On most HP ProCurve devices1, static trunks can also be defined as LACP. In that case, they become active unconditionally AND generate LACP frames to allow the remote side to form a trunk automatically. When to use a static or a dynamic trunk/channel? Static trunks “always” work and can be used to create link aggregation with switches of many brands and with servers equipped with the right NIC and driver. Because of its simplicity, it is the preferred method. When one manages a large number of trunks and doesn’t know in advance what will be connected to the ports of a switch, dynamic trunks can reduce the configuration burden. If the remote side supports LACP in passive mode (default on Cisco and HP), one side only has to be configured in “active” mode for the trunk to be formed automatically. What works together? When connecting a Cisco and a HP ProCurve switch, some options work together and some don’t. This table summarizes what options can be combined with each other to create a trunk on both sides. HP / Cisco mode On (no FEC protocol) Desirable FEC Auto LACP Active LACP Passive Static (no protocol) Y N N N N Static FEC(*) Y Y Y N N Static LACP Y N N Y Y LACP Active N N N Y Y LACP Passive N N N Y N Legend N=No, one side at least will not create a trunk; Y=yes trunk is created on both sides, Y= yes and preferred setup. (*): requires older version of firmware of ProCurve switches Ports in the link aggregation group Ports in the channel or trunk group must share same characteristics: speed, duplex, vlan assignment. The media type, such as 1000BT or 1000SX, can be mixed on HP ProCurve. The same holds true for Cisco. 1 Refer to ProCurve switch owner’s manual to determine if FEC is supported on a particular model. “Logical” port defined by the Link aggregation On Cisco it is named “port-channel” and is configured as the “Interface Portchannel x”. On HP ProCurve it is name “trunk port” and is configured as the “interface Trk#” for a static trunk or “interface Dyn#” for a dynamic trunk. On HP ProCurve, when a trunk is formed, it is assigned to the default-vlan. A Static Trunk/Channel Sample Topology Cisco Channel Fa1/0/1 - 4 Trunk 45 - 48 Procurve In this example, trunk/channel group is configured as a L2 port assigned to Vlan 10. Static Trunk on HP ProCurve Configuration conf trunk 45-48 Trk1 Trunk Trk1 is a “logical” port and can be assigned to a Vlan as any other physical port. An IP address is assigned to Vlan 10 to test connectivity vlan 10 untagged Trk1 ip address 10.1.10.1 255.255.255.0 exit Checking trunk status To verify what ports are members of a trunk: ProCurve# show trunk Load Balancing Port ---45 46 47 48 | Name + -------------------------------| | | | Type --------100/1000T 100/1000T 100/1000T 100/1000T | + | | | | Group ----Trk1 Trk1 Trk1 Trk1 Type ----Trunk Trunk Trunk Trunk What vlans does trunk Trk1 belongs to? ProCurve# show vlan port trk1 Status and Counters - VLAN Information - for ports Trk1 802.1Q VLAN ID Name | Status Voice Jumbo -------------- ------------ + ---------- ----- ----10 VLAN10 | Port-based No No To check connectivity with neighbor: ProCurve# ping 10.1.1.2 10.1.1.2 is alive, time = 1 ms Static port-channel on Cisco Configuration conf t interface range FastEthernet1/0/1 – 4 Interfaces are configured as L2 interface in Vlan 10 switchport mode access switchport access vlan 10 Interfaces are put in the same channel group. “On” mode means static. channel-group 1 mode ? active Enable LACP unconditionally auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only passive Enable LACP only if a LACP device is detected channel-group 1 mode on An IP address is assigned to Vlan 10 to test connectivity. interface Vlan 10 ip address 10.1.10.2 255.255.255.0 no shutdown end Checking Channel status Cisco1#show Flags: D I H R U u w d - etherchannel 1 summary down P - in port-channel stand-alone s - suspended Hot-standby (LACP only) Layer3 S - Layer2 in use f - failed to allocate aggregator unsuitable for bundling waiting to be aggregated default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+-------------------------------------1 Po1(RU) PAgP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Cisco#show int etherchannel 1 detail ---FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = On/FEC Port-channel = Po1 GC = Po1 Port index = 0 Load = 0x00 Gcchange = Pseudo port-channel = Protocol = Age of the port in the current state: 00d:00h:02m:11s … (skip) Info is repeated for all ports that are members of the channel - LACP Trunk/Channel With LACP, one side must be “active” (send LACP frames) and the other “passive”. Dynamic channel/trunk: Cisco active – HP passive Cisco LACP Active configuration Cisco switch is defined as the “active” side conf t int range fa1/0/1 - 4 channel-group 1 mode active exit Check channel status Cisco#sh int etherchannel ---FastEthernet1/0/1: Port state = Up Mstr In-Bndl Channel group = 1 Mode = Active Port-channel = Po1 GC = Port index = 0 Load = 0x00 Flags: S - Device is sending Slow LACPDUs A - Device is in active mode. Gcchange = Pseudo port-channel = Po1 Protocol = LACP F - Device is sending fast LACPDUs. P - Device is in passive mode. Local information: Port Fa1/0/1 Flags SA State bndl LACP port Priority 32768 Admin Key 0x1 Partner's information: LACP port Port Flags Priority Dev ID Age Fa1/0/1 SP 0 0011.0a50.0d80 8s Oper Key 0x1 Oper Key 0x0 Age of the port in the current state: 00d:00h:00m:06s (skip info..) Port-channel1:Port-channel1 (Primary aggregator) Age of the Port-channel = 00d:00h:06m:15s Logical slot/port = 10/1 Number of ports = 4 HotStandBy port = null Port state = Port-channel Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits ------+------+------+------------------+----------0 00 Fa1/0/1 Active 0 0 00 Fa1/0/2 Active 0 0 00 Fa1/0/3 Active 0 0 00 Fa1/0/4 Active 0 Port Number 0x3 Port Number 0x2D Port State 0x3D Port State 0x3C Time since last port bundled: 00d:00h:00m:09s Time since last port Un-bundled: 00d:00h:02m:54s Fa1/0/4 Fa1/0/4 Test connectivity Cisco#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: ..!!! Success rate is 60 percent (3/5), round-trip min/avg/max = 1/1/1 ms Configuration of HP ProCurve LACP Trunk (“passive”) By default on ProCurve, ports are defined as LACP Passive. So no configuration is needed. Check trunk formation: ProCurve# show trunk Load Balancing Port ---45 46 47 48 | Name + -------------------------------| | | | Type --------100/1000T 100/1000T 100/1000T 100/1000T | + | | | | Group ----Dyn1 Dyn1 Dyn1 Dyn1 Type ----LACP LACP LACP LACP Note: the trunk group defined on ProCurve is a Dynamic trunk “Dyn1” and belongs to Vlan1. It cannot be assigned to any other vlans except via GVRP. To allocate trunk port to Vlans, one should prefer the “static” trunk, with or without LACP or FEC protocols. Dynamic LACP trunk/channel: HP Active - Cisco Passive Cisco switch is defined in LACP Passive mode Conf t interface range FastEthernet1/0/1 - 4 switchport mode access channel-group 1 mode passive exit HP ProCurve is the LACP Active side hostname "ProCurve" interface 45-48 lacp Active exit The trunk group defined on ProCurve is a Dynamic trunk “Dyn1” and belongs to Vlan1. It cannot be assigned to any other vlans except via GVRP. To allocate trunk port to Vlans, one should prefer the “static” trunk, with or without LACP or FEC protocols. Static LACP trunk On a HP ProCurve switch, a trunk can be defined as static LACP. Trunk will form itself unconditionally and LACP frames will be sent. The remote side will form automatically if in LACP passive mode. Sample topology Cisco-2 Channel Fa1/0/1 -6 Int Po 1 = 10.1.10.2/24 Trunk A1 - A6 Vlan 10 = 10.1.10.1/24 Procurve-2 In the following example, the trunk is defined with 6 Ports and as a Layer 3 trunk. HP Static LACP trunk configuration The following defines a trunk as static LACP. The trunk group “trk1” is then assigned to Vlan 10 in which an IP address is defined. Conf t trunk a1-a6 trk1 lacp vlan 10 untagged trk1 ip address 10.1.10.1/24 exit ProCurve1# show trunk Load Balancing Port | Name Type | Group Type ---- + -------------------------------- --------- + ----- ----A1 | 100/1000T | Trk1 LACP A2 A3 A4 A5 A6 | | | | | 100/1000T 100/1000T 100/1000T 100/1000T 100/1000T | | | | | Trk1 Trk1 Trk1 Trk1 Trk1 LACP LACP LACP LACP LACP ProCurve1# show lacp LACP PORT NUMB ---A1 A2 A3 A4 A5 A6 LACP ENABLED ------Active Active Active Active Active Active TRUNK GROUP -----Trk1 Trk1 Trk1 Trk1 Trk1 Trk1 PORT STATUS -----Up Up Up Up Up Up LACP PARTNER ------Yes Yes Yes Yes Yes Yes LACP STATUS ------Success Success Success Success Success Success ProCurve1# ping 10.1.10.2 10.1.10.2 is alive, time = 1 ms Configuration of Cisco LACP passive channel The “no switchport” command is required to define a channel as L3 channel. Ports are defines in LACP passive mode conf t interface range FastEthernet1/0/1 - 6 no switchport channel-group 1 mode passive exit IP address is defined on the Port-Channel interface. interface Port-channel1 no switchport ip address 10.1.10.2 255.255.255.0 end Check channel status Cisco1#sh Flags: D I H R U u w d etherchannel 1 summary - down P - in port-channel - stand-alone s - suspended - Hot-standby (LACP only) - Layer3 S - Layer2 - in use f - failed to allocate aggregator - unsuitable for bundling - waiting to be aggregated - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+--------------------------------1 Po1(RU) LACP Fa1/0/1(P) Fa1/0/2(P) Fa1/0/3(P) Fa1/0/4(P) Fa1/0/5(P) Fa1/0/6(P) Detailed display shows that a channel is created, LACP is the protocol in use, info about “Local switch” and “partner”. Cisco1#sh etherchannel 1 detail Group state = L3 Ports: 6 Maxports = 16 Port-channels: 1 Max Port-channels = 16 Protocol: LACP Ports in the group: ------------------Port: Fa1/0/1 -----------Port state Channel group Port-channel Po1 Port index = Up Mstr In-Bndl = 1 Mode = Passive = Po1 GC = - Gcchange = Pseudo port-channel = = 0 Protocol = Load = 0x00 Flags: S - Device is sending Slow LACPDUs LACPDUs. A - Device is in active mode. mode. LACP F - Device is sending fast P - Device is in passive Local information: Port State Fa1/0/1 State LACP port Priority Admin Key Oper Key Port Number Port Flags SP bndl 32768 0x1 0x1 0x3FB 0x3C Oper Key 0xD2 Port Number 0x1 Port State 0x3D Partner's information: LACP port Port Flags Priority Dev ID Age Fa1/0/1 SA 0 000e.7f06.0100 12s (skip info…) Port-channels in the group: --------------------------- Port-channel: Po1 (Primary Aggregator) -----------Age of the Port-channel = 00d:07h:30m:17s Logical slot/port = 10/1 Number of ports = 6 HotStandBy port = null Passive port list = Fa1/0/1 Fa1/0/2 Fa1/0/3 Fa1/0/4 Fa1/0/5 Fa1/0/6 Port state = Port-channel L3-Ag Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state No of bits ------+------+------+------------------+----------0 00 Fa1/0/1 Passive 0 0 00 Fa1/0/2 Passive 0 0 00 Fa1/0/3 Passive 0 0 00 Fa1/0/4 Passive 0 0 00 Fa1/0/5 Passive 0 0 00 Fa1/0/6 Passive 0 Time since last port bundled: 00d:00h:01m:12s Time since last port Un-bundled: 00d:00h:01m:55s Fa1/0/6 Fa1/0/6 Spanning-Tree 31- Introduction 32- MSTP 33- PVST and RSTP 321- Cisco as Core, ProCurve as Edge 322- ProCurve as Core, Cisco as Edge Introduction Glossary STP is Spanning-Tree Protocol The IEEE standard implementation of STP is 802.1D. RSTP is Rapid Spanning-Tree Protocol defined by the 802.1w IEEE standard. MSTP is Multiple Spanning-Tree Protocol defined by the 802.1s IEEE standard. PVST is Per VLAN Spanning-tree proprietary implementation of STP on Cisco equipment PVST+ is the implementation of PVST on 802.1q links. Spanning-Tree on HP ProCurve Switches 802.1D and 802.1w (RSTP) All HP ProCurve switches implement both of these STP standards. On HP ProCurve, Spanning-Tree has to be activated, the default mode is then Rapid STP. MSTP 802.1s It is supported on most manageable switches except 2500 and 4100 switches Please refer to switch documentation. Spanning-Tree on Cisco Switches PVST+ By default, Cisco switches run PVST+. PVST is the implementation of STP on ISL links (Cisco proprietary multi-VLAN encapsulation) while PVST+ runs on 802.1q links . In PVST+, there is one instance of STP per VLAN and BPDUs use a proprietary Multicast Mac Address. They are not “understood” by HP ProCurve switches (except by ProCurve 9300M and 9400M) and are then flooded as a regular multicast. So, regarding PVST+ BPDUs, HP ProCurve switches appear as a hub. However, Native VLAN (untagged VLAN of a tagged link equal to VLAN 1 be default) is an exception. In Native VLAN, the Cisco switches send standard STP BPDUs, which are “understood” by HP ProCurve switches. This is how both platform interact. Cisco has also introduced Rapid PVST+, a PVST+ implementation that integrates Rapid STP principles. Prestandard MSTP MSTP should not be confused with the prestandard version of MSTP. MSTP (802.1s) You must run the latest versions of IOS to get support of MSTP (check on Cisco web site). Caution Support for the IEEE 802.1s standard has been introduced around September 2005 by Cisco in the IOS. One should refer to Cisco web site for IOS support of compliant MSTP (*). Caution should be taken on not confusing the prestandard MST and the compliant IEEE 802.1s MST. If configuration of both modes looks exactly the same, the prestandard does NOT interoperate with the MSTP on ProCurve as this one complies with IEEE 802.1s standard. (*) Versions of IOS implementing the Compliant IEEE 802.1s starts with: 12.2(18) for Catalyst 6500, 12.2(25)SG for Catalyst 4500 and 12.2(25)SEC on Catalyst 35xx, 37xx, and 2970. What Spanning-Tree mode should you choose between Cisco and ProCurve Switches? MSTP is obviously the ideal choice because it is standard based and supported by both vendors, it converges quickly and allows load-balancing of traffic on uplinks with appropriate configuration. If not all your devices support MSTP yet, a progressive migration to MSTP can be put in place as it interoperates with Standard, Rapid Spanning Tree modes and with PVST via the Native Vlan. Note that all STP modes interoperate via the standard spanning-tree mode also named the Common Spanning-Tree (CST). So whatever is your choice, you should always carefully define the root and secondary root of the CST. On Cisco look after priority of STP in the Native Vlan (vlan 1 by default), on ProCurve look after the “global” priority of STP. MSTP Configuration e1 Gi1/1 e2 Procurve-Edge-1 Gi1/1 Gi1/3 Gi1/3 Gi1/2 Gi1/2 Cisco-Core-2 Cisco-Core-1 e1 e2 Procurve-Edge-2 The parameters for the MSTP domain has been defined as followed: Configuration Name = procurve-cisco (case sensitive) Configuration Number = 1 Instance 1 = vlans 1, 10, 20 Instance 2 = vlans 30, 40 Configuration of Cisco-Core-1 hostname Core-Cisco-1 Following defines MST mode (802.1s) spanning-tree mode mst spanning-tree extend system-id All parameters of the MSTP configuration must match on all switches of the MSTP domain. spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40 For load balancing of traffic among links, Cisco-core-1 is defined as Root of instance 0 and 1 (priority 0) and secondary root of instance 2 (priority 4096) spanning-tree mst 0-1 priority 0 spanning-tree mst 2 priority 4096 VLAN Creation VLAN 1 exists by default vlan 10,20,30,40 Uplinks are defined as 802.1q links. They are named “trunks” in Cisco terminology and “tagged links” in ProCurve terminology. The “nonegogiate” feature means that we do no use the Dynamic Trunk Protocol to negotiate the status of the uplink. interface range GigabitEthernet0/1 - 3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate Access ports (Cisco Terminology) or Edge ports (ProCurve terminology) are defined as untagged members of a Vlan. The portfast mode defines them as Edge port in Spanning tree terminology. Interface range GigabitEthernet0/4 -10 switchport access vlan 10 switchport mode access spanning-tree portfast ! interface range GigabitEthernet0/11 - 24 switchport access vlan 20 switchport mode access spanning-tree portfast IP configuration. ip routing The Virtual IP used as Default Gateway for the various VLANs are set using HSRP (Hot Standby Router Protocol), the Cisco proprietary protocol. As Cisco-Core-1 is the Root of MST instance 1, we also set it as Master of the Virtual IP of Vlans 1, 10 & 20. And as it is secondary root for MST instance 2, we define it as the Backup of Virtual IP in Vlans 30 & 40. interface Vlan1 ip address 10.1.1.1 255.255.255.0 standby 1 ip 10.1.1.254 standby 1 timers 1 3 standby 1 priority 255 standby 1 preempt ! interface Vlan10 ip address 10.1.10.1 255.255.255.0 standby 10 ip 10.1.10.254 standby 10 timers 1 3 standby 10 priority 255 standby 10 preempt ! interface Vlan20 ip address 10.1.20.1 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 timers 1 3 standby 20 priority 255 standby 20 preempt ! interface Vlan30 ip address 10.1.30.1 255.255.255.0 standby 30 ip 10.1.30.254 standby 30 timers 1 3 ! interface Vlan40 ip address 10.1.40.1 255.255.255.0 standby 40 ip 10.1.40.254 standby 40 timers 1 3 ! end Core-cisco-2 configuration hostname Core-Cisco-2 ! Global Configuration is similar to the configuration of Cisco-Core-1 spanning-tree mode mst spanning-tree extend system-id spanning-tree mst configuration name procurve-cisco revision 1 instance 1 vlan 1, 10, 20 instance 2 vlan 30, 40 For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root of instance 2 (priority 0) and secondary root of instance 0 and 1 (priority 4096) spanning-tree mst 0-1 priority 4096 spanning-tree mst 2 priority 0 ! vlan 10,20,30,40 ! For load balancing of traffic among uplinks, Cisco-core-2 is defined as Root of instance 2 and secondary root of instances 0 and 1. interface range GigabitEthernet0/1 - 3 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate ! ! ip routing Because Cisco-Core-2 is set as the secondary Root of MST instance 1, we define it as HSRP backup of the Virtual IP of VLANs 1, 10 & 20. And because it is root of MST instance 2, we set it as the Master of Virtual IP in VLANs 30 & 40. interface Vlan1 ip address 10.1.1.2 255.255.255.0 standby 1 ip 10.1.1.254 standby 1 timers 1 3 ! interface Vlan10 ip address 10.1.10.2 255.255.255.0 standby 10 ip 10.1.10.254 standby 10 timers 1 3 ! interface Vlan20 ip address 10.1.20.2 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 timers 1 3 ! interface Vlan30 ip address 10.1.30.2 255.255.255.0 standby 30 ip 10.1.30.254 standby 30 timers 1 3 standby 30 priority 255 standby 30 preempt ! interface Vlan40 ip address 10.1.40.2 255.255.255.0 standby 40 ip 10.1.40.254 standby 40 timers 1 3 standby 40 priority 255 standby 40 preempt end ProCurve-Edge-1 Configuration ProCurve-Edge-1 is a 3500yl. hostname "ProCurve-Edge-1" VLAN configuration Uplinks ports are 1 and 2 vlan 1 name "DEFAULT_VLAN" untagged 1-24 ip address 10.1.1.3 255.255.255.0 exit vlan 10 name "VLAN10" untagged 11-15 tagged 1-2 no ip address exit vlan 20 name "VLAN20" untagged 16-20 tagged 1-2 no ip address exit vlan 30 name "VLAN30" untagged 21-25 tagged 1-2 no ip address exit vlan 40 name "VLAN40" untagged 25-30 tagged 1-2 no ip address exit Let’s enable Spanning-tree. It default on MSTP on the latest ProCurve switches: 3500yl, 5400zl and 4200vl spanning-tree Default port configuration in MSTP is non Edge and Point-to-Point. We define Edge ports as “Edge”. spanning-tree 11-30 edge-port MSTP Configuration: Name, Revision and instances match the one of other switches in MSTP domain spanning-tree config-name "procurve-cisco" spanning-tree config-revision 1 spanning-tree instance 1 vlan 1 10 20 spanning-tree instance 2 vlan 30 40 ProCurve-Edge-2 Configuration Configuration is similar to the configuration of ProCurve-Edge-1. In our example ProCurve-Edge-2 is a 3400. Spanning-tree mode defaults to RSTP. And we have to turn it on MSTP mode that requires a reboot. hostname "ProCurve-Edge-2" max-vlans 16 vlan 1 name "DEFAULT_VLAN" untagged 1-9,18-24 ip address 10.1.1.4 255.255.255.0 no untagged 10-17 exit vlan 10 name "VLAN10" untagged 10-11 tagged 1-2 exit vlan 20 name "VLAN20" untagged 12-13 no ip address tagged 1-2 exit vlan 30 name "VLAN30" untagged 14-15 no ip address tagged 1-2 exit vlan 40 name "VLAN40" untagged 16-17 no ip address tagged 1-2 exit spanning-tree spanning-tree protocol-version MSTP spanning-tree 10-17 edge-port spanning-tree spanning-tree spanning-tree spanning-tree config-name "procurve-cisco" config-revision 1 instance 1 vlan 1 10 20 instance 2 vlan 30 40 Checking configuration of MSTP In the following displays: note that the Mac Address of Cisco Core-1 is 0010.0db1.7100 or 00100d-b17100 Mac Address of Cisco Core-2 is 0010.0db3.1200 or 00100d-b31200 On Cisco-Core-1 The following command displays the parameters of MSTP configuration. Note that Cisco shows all the non assigned VLANs in Instance 0 (=IST Instance) where ProCurve shows the non assigned AND created Vlans only. Core-Cisco-1#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3 Instance Vlans mapped -------- -------------------------------------------------------0 2-9,11-19,21-29,31-39,41-4094 1 1,10,20 2 30,40 ----------------------------------------------------------------- Status of MSTP spanning tree in each instance. Cisco-Core-1 (0010.0db1.7100 ) is root in instances 0 and 1. Cisco-Core-2 (0010.0db1.7100) is root in instance 2. Core-Cisco-1#show spanning-tree mst ##### MST0 Bridge Root Operational Configured vlans mapped: 2-9,11-19,21-29,31-39,41-4094 address 0010.0db1.7100 priority 0 (0 sysid 0) this switch for the CIST hello time 2 , forward delay 15, max age 20, txholdcount 6 hello time 2 , forward delay 15, max age 20, max hops 20 Interface ---------------Gi1/1 Gi1/2 Gi1/3 Gi1/45 ##### MST1 Bridge Root Sts --FWD FWD FWD FWD Cost Prio.Nbr Type --------- -------- -------------------20000 128.1 P2p 20000 128.2 P2p 20000 128.3 P2p 20000 128.45 Edge P2p vlans mapped: 1,10,20 address 0010.0db1.7100 priority this switch for MST1 Interface ---------------Gi1/1 Gi1/2 Gi1/3 Gi1/45 ##### MST2 Bridge Root Role ---Desg Desg Desg Desg Role ---Desg Desg Desg Desg Sts --FWD FWD FWD FWD Cost --------20000 20000 20000 20000 Prio.Nbr -------128.1 128.2 128.3 128.45 vlans mapped: 30,40 address 0010.0db1.7100 address 0010.0db3.1200 port Gi1/3 Interface ---------------Gi1/1 Gi1/2 Gi1/3 Role ---Desg Desg Root Sts --FWD FWD FWD Cost --------20000 20000 20000 (0 sysid 1) Type -------------------P2p P2p P2p Edge P2p priority priority cost Prio.Nbr -------128.1 128.2 128.3 1 4098 (4096 sysid 2) 2 (0 sysid 2) 20000 rem hops19 Type -------------------P2p P2p P2p On Cisco-Core-2 Parameters of MSTP configuration. Core-Cisco-2#show spanning-tree mst configuration Name [procurve-cisco] Revision 1 Instances configured 3 Instance Vlans mapped -------- ------------------------------------------------------0 2-9,11-19,21-29,31-39,41-4094 1 1,10,20 2 30,40 ----------------------------------------------------------------- Status of MSTP spanning tree in each instance. Cisco-Core-1 (0010.0db1.7100 ) is root in instances 0 and 1. Cisco-Core-2 (0010.0db3.1200) is root in instance 2. Core-Cisco-2#show spanning-tree mst ##### MST0 Bridge Root vlans mapped: 2-9,11-19,21-29,31-39,41-4094 address 0010.0db3.1200 priority 4096 (4096 sysid 0) address 0010.0db1.7100 priority 0 (0 sysid 0) port Gi1/3 path cost 0 Regional Root address 0010.0db1.7100 priority 0 (0 sysid 0) internal cost 20000 rem hops 19 Operational hello time 2 , forward delay 15, max age 20, txholdcount 6 Configured hello time 2 , forward delay 15, max age 20, max hops 20 Interface ---------------Gi1/1 Gi1/2 Gi1/3 ##### MST1 Bridge Root Sts --FWD FWD FWD Cost --------20000 20000 20000 Prio.Nbr -------128.1 128.2 128.3 Type -------------------------P2p P2p P2p vlans mapped: 1,10,20 address 0010.0db3.1200 priority address 0010.0db1.7100 priority port Gi1/3 cost Interface ---------------Gi1/1 Gi1/2 Gi1/3 ##### MST2 Bridge Root Role ---Desg Desg Root Role ---Desg Desg Root Sts --FWD FWD FWD Cost --------20000 20000 20000 Prio.Nbr -------128.1 128.2 128.3 vlans mapped: 30,40 address 0010.0db3.1200 this switch for MST2 Interface ---------------Gi1/1 Gi1/2 Gi1/3 Role ---Desg Desg Desg Sts --FWD FWD FWD Cost --------20000 20000 20000 Type -------------------------P2p P2p P2p priority Prio.Nbr -------128.1 128.2 128.3 4097 (4096 sysid 1) 1 (0 sysid 1) 20000 rem hops 19 2 (0 sysid 2) Type -------------------------P2p P2p P2p On ProCurve-Edge-1 Parameters of MSTP configuration. Note that display shows IST instance without any Vlans. In fact the vlans, including those not yet created, that are not associated with an existing instance are mapped to the IST instance. ProCurve-Edge-1# show spanning-tree mst-config MST Configuration Identifier Information MST Configuration Name : procurve-cisco MST Configuration Revision : 1 MST Configuration Digest : 0x2DC307C6A31621DC6311050884E69C4E IST Mapped VLANs : Instance ID ----------1 2 Mapped VLANs --------------------------------------------------1,10,20 30,40 The following display shows ports configuration. Note that uplinks are set as Non edge and others are set as Edge. ProCurve-Edge-1# show spanning-tree 1-5 config Multiple Spanning Tree (MST) Configuration Information STP Enabled [No] : Yes Force Version [MSTP-operation] : MSTP-operation Default Path Costs [802.1t] : 802.1t MST Configuration Name : procurve-cisco MST Configuration Revision : 1 Switch Priority : 32768 Forward Delay [15] : 15 Hello Time [2] : 2 Max Age [20] : 20 Max Hops [20] : 20 | Port Type | ---- --------1 100/1000T | 2 100/1000T | 3 100/1000T | 4 100/1000T | 5 100/1000T | Prio Cost rity Edge Pnt-to-Pnt MCheck Hello Time + --------- ----- ---- ----------- ------ -----Auto 128 No Force-True Yes Use Global Auto 128 No Force-True Yes Use Global Auto 128 No Force-True Yes Use Global Auto 128 Yes Force-True Yes Use Global Auto 128 Yes Force-True Yes Use Global BPDU Filter No No No No No Status in IST Instance: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance ist IST Instance Information Instance ID : 0 Mapped VLANs : Switch Priority : 32768 Topology Change Count Time Since Last Change : 4 : 11 mins Regional Root MAC Address Regional Root Priority Regional Root Path Cost Regional Root Port Remaining Hops Port ---1 2 Type --------100/1000T 100/1000T Cost --------20000 20000 : : : : : 00100d-b17100 0 20000 1 19 Priority -------128 128 Role ---------Root Alternate State ---------Forwarding Blocking Designated Bridge ------------00100d-b17100 00100d-b31200 Status in Instance 1: Root port is 1 and alternate (blocked) is 2 ProCurve-Edge-1# show spanning-tree 1-2 instance 1 MST Instance Information Instance ID : 1 Mapped VLANs : 1,10,20 Switch Priority : 32768 Topology Change Count Time Since Last Change : 2 : 13 mins Regional Root MAC Address Regional Root Priority Regional Root Path Cost Regional Root Port Remaining Hops Port ---1 2 Type --------100/1000T 100/1000T Cost --------20000 20000 : : : : : 00100d-b17100 0 20000 1 19 Priority -------128 128 Role ---------Root Alternate State ---------Forwarding Blocking Designated Bridge ------------00100d-b17100 00100d-b31200 Status in Instance 2: Root port is 2 and alternate (blocked) is 1 ProCurve-Edge-1# show spanning-tree 1-2 instance 2 MST Instance Information Instance ID : 2 Mapped VLANs : 30,40 Switch Priority : 32768 Topology Change Count Time Since Last Change : 4 : 13 mins Regional Root MAC Address Regional Root Priority Regional Root Path Cost Regional Root Port Remaining Hops Port ---1 2 Type --------100/1000T 100/1000T Cost --------20000 20000 : : : : : 00100d-b31200 0 20000 2 19 Priority -------128 128 Role ---------Alternate Root State ---------Blocking Forwarding ProCurve-Edge-1# show spanning-tree 1-2 Multiple Spanning Tree (MST) Information STP Enabled : Yes Force Version : MSTP-operation IST Mapped VLANs : Filtered Ports : Switch MAC Address : 001635-b487c0 Switch Priority : 32768 Max Age : 20 Max Hops : 20 Forward Delay : 15 Topology Change Count : 10 Time Since Last Change : 53 secs CST CST CST CST Root Root Root Root MAC Address Priority Path Cost Port : : : : 00100d-b31200 4096 0 2 IST IST IST IST Regional Root MAC Address Regional Root Priority Regional Root Path Cost Remaining Hops : : : : 00100d-b31200 4096 20000 19 Designated Bridge ------------00100d-b17100 00100d-b31200 | Prio | Designated Hello Port Type | Cost rity State | Bridge Time PtP ---- --------- + --------- ----- ---------- + ------------- ----1 100/1000T | 20000 128 Blocking | 001635-b487c0 2 Yes 2 100/1000T | 20000 128 Forwarding | 00100d-b31200 2 Yes Edge --No No IP and HSRP Status Displays are shown to explain Core-Cisco-1#show ip int brief Interface IP-Address Vlan1 10.1.1.1 Vlan10 10.1.10.1 Vlan20 10.1.20.1 Vlan30 10.1.30.1 Vlan40 10.1.40.1 OK? YES YES YES YES YES Method manual manual manual manual manual Status up up up up up Core-Cisco-1#sh standby brief P indicates configured to preempt. | Interface Grp Prio P State Active Standby Vl1 1 255 P Active local 10.1.1.2 Vl10 10 255 P Active local 10.1.10.2 Vl20 20 255 P Active local 10.1.20.2 Vl30 30 100 Standby 10.1.30.2 local Vl40 40 100 Standby 10.1.40.2 local Core-Cisco-2#show ip int brief Interface IP-Address Vlan1 10.1.1.2 Vlan10 10.1.10.2 Vlan20 10.1.20.2 Vlan30 10.1.30.2 Vlan40 10.1.40.2 OK? YES YES YES YES YES Method manual manual manual manual manual Protocol up up up up up Virtual IP 10.1.1.254 10.1.10.254 10.1.20.254 10.1.30.254 10.1.40.254 Status up up up up up Protocol up up up up up Core-Cisco-2#sh standby brief P indicates configured to preempt. | Interface Grp Prio P State Active Standby Vl1 1 100 Standby 10.1.1.1 local Vl10 10 100 Standby 10.1.10.1 local Vl20 20 100 Standby 10.1.20.1 local Vl30 30 255 P Active local 10.1.30.1 Vl40 40 255 P Active local 10.1.40.1 Virtual IP 10.1.1.254 10.1.10.254 10.1.20.254 10.1.30.254 10.1.40.254 Cisco as Core running PVST+, HP ProCurve as Edge running RSTP Procurve-Edge-1 Cisco-1 Cisco-2 Uplinks are tagged with VLANs 10,20, 30 & 40 Untagged in Vlan 1 (Native-Vlan) In this topology, uplinks are tagged with VLANs 10, 20, 30 and 40 and untagged for VLAN 1. On Cisco, it is named the Native VLAN. In PVST+ Cisco-1 is the primary Root for VLANs 1, 10 and 20 and Cisco-2 the secondary Root. Cisco-2 is the primary Root for VLANs 30 and 40 and Cisco-1 the secondary Root. ProCurve-Edge-1 is an access switch. Cisco-1 PVST+ Configuration Following define PVST+ Spanning-Tree mode, allows PVST+ to run for VLANs above 1023 an up to 4095. Conf t hostname Cisco-1 Spanning-Tree mode pvst Spanning-Tree extend system-id Cisco-1 is the primary Root for VLAN 1, 10, 20 and the secondary Root for VLAN 30,40 Spanning-Tree vlan 1,10,20 priority 0 Spanning-Tree vlan 30,40 priority 4096 Although it is not mandatory, the STP timers have been lowered to speed convergence time. One should pay attention in using those values as it may create instability if not applied properly. The following values are acceptable in a network with a “diameter” of 3, which means that BPDUs will not cross more than 3 switches before returning to originator Root switch. Spanning-Tree vlan 1,10,20,30,40 hello-time 1 Spanning-Tree vlan 1,10,20,30,40 forward-time 4 Spanning-Tree vlan 1,10,20,30,40 max-age 6 ! Access ports are configured in PortFast mode interface range FastEthernet1/0/10 - 48 Spanning-Tree portfast exit 802.1q link (Cisco “trunk”) Configuration interface range GigabitEthernet1/0/1 - 4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunk Assignment of Access ports to VLAN interface range FastEthernet1/0/10 switchport access vlan 10 switchport mode access interface range FastEthernet1/0/20 switchport access vlan 20 switchport mode access interface range FastEthernet1/0/30 switchport access vlan 30 switchport mode access interface range FastEthernet1/0/40 switchport access vlan 40 switchport mode access - 19 - 29 - 39 - 48 PVST+ configuration of Cisco-2 Configuration of Cisco-2 is similar to Cisco-1’s. Conf t hostname Cisco-2 PVST+ Spanning-Tree Configuration Spanning-Tree mode pvst Allows PVST+ to run for VLANs above 1023 and up to 4095. Spanning-Tree extend system-id Cisco-2 is the secondary Root for VLANs 1, 10, 20 and primary Root for VLANs 30,40 Spanning-Tree vlan 1,10,20 priority 4096 Spanning-Tree vlan 30,40 priority 0 When changed, timers must be changed on primary and on secondary Roots. Spanning-Tree vlan 1,10,20,30,40 Spanning-Tree vlan 1,10,20,30,40 Spanning-Tree vlan 1,10,20,30,40 ! Enable PortFast on all ports except the Cisco hello-time 1 forward-time 4 max-age 6 “trunk” ports Spanning-Tree portfast default ProCurve Edge-1 configuration ProCurve Edge-1 is an Edge/Access switch. Conf hostname "ProCurve-Edge-1" STP configuration. Default mode is RSTP. In RSTP mode, default configuration of all ports is Point-to-Point and Edge (fast convergence). To follow the specifications of the standard, the Uplinks are defined as Point-to-Point and Non Edge. no Spanning-Tree A15-A16 edge-port The following enables Spanning-Tree. Spanning-Tree Default mode is RSTP (802.1w), other modes are Standard STP (802.1D) and MSTP (802.1s). Changing mode requires a reboot. VLANs configuration vlan 1 ip address 10.1.1.10 255.255.255.0 vlan 10 untagged B1-B4 tagged A15-A16 vlan 20 untagged B5-B9 tagged A15-A16 vlan 30 untagged B10-B14 tagged A15-A16 vlan 40 untagged B15-B19 tagged A15-A16 Checking STP status In the following displays, Mac address of Cisco-1 is 0013.c382.a900 and Mac address of Cisco-2 is 0013.c392.d200. PVST+ status on Cisco-1. Display confirms Cisco-1 as the primary Root for VLANs 1, 10, 20 and secondary Root for VLANs 30 and 40 and all ports are in forwarding mode. Cisco-1#sh Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID Priority 1 (priority 0 sys-id-ext 1) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Gi1/0/4 Role ---Desg Desg Desg Sts Cost --- --------FWD 4 FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 128.6 Priority 10 (priority 0 sys-id-ext 10) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Gi1/0/4 Role ---Desg Desg Desg Sts Cost --- --------FWD 4 FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 128.6 4 sec Type -----------------------P2p P2p P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec 4 sec 4 sec Type -----------------------P2p P2p P2p VLAN0020 (skip…) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID Priority 4126 (priority 4096 sys-id-ext 30) Address 0013.c382.a900 Hello Time 1 sec Max Age 6 sec Forward Delay Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Desg Desg Sts Cost --- --------FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 4 sec 4 sec Type -----------------------P2p P2p Gi1/0/4 Root FWD 4 128.6 P2p VLAN0040 (skip…) PVST+ status on Cisco-2. Display confirms Cisco-2 as the primary Root for VLANs 30 and 40 and secondary Root for VLANs 1, 10 and 20 and all ports are in forwarding mode. Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 1 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID Priority 4097 (priority 4096 sys-id-ext 1) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Gi1/0/4 Role ---Desg Desg Root Sts Cost --- --------FWD 4 FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 128.6 Priority 4106 (priority 4096 sys-id-ext 10) Address 0013.c392.d200 Hello Time 1 sec Max Age 6 sec Forward Delay Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Gi1/0/4 Role ---Desg Desg Root Sts Cost --- --------FWD 4 FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 128.6 4 sec Type -----------------------P2p P2p P2p VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 10 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 6 (GigabitEthernet1/0/4) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec 4 sec 4 sec Type -----------------------P2p P2p P2p VLAN0020 (skip…) VLAN0030 Spanning-Tree enabled protocol ieee Root ID Priority 30 Address 0013.c392.d200 (Cisco-2) This bridge is the root Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID Priority 30 (priority 0 sys-id-ext 30) 4 sec Address 0013.c392.d200 Hello Time 1 sec Max Age Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Gi1/0/4 Role ---Desg Desg Desg Sts Cost --- --------FWD 4 FWD 4 FWD 4 6 sec Prio.Nbr -------128.3 128.4 128.6 Forward Delay 4 sec Type -----------------------P2p P2p P2p VLAN0040 (skip…) ProCurve-Edge-1 STP status Check Spanning-Tree configuration of ProCurve-Edge-1 ProCurve-Edge-1# sh span config Rapid Spanning-Tree Configuration STP Enabled [No] : Yes Force Version [RSTP-operation] : RSTP-operation Switch Priority [8] : 8 Hello Time [2] : 2 Max Age [20] : 20 Forward Delay [15] : 15 Port Type ---- --------(skip…) A15 100/1000T A16 100/1000T B1 10/100TX (skip…) B24 10/100TX | Cost Priority Edge Point-to-Point MCheck + --------- -------- ---- -------------- -----| 20000 | 20000 | 20000 8 8 8 No No Yes Force-True Force-True Force-True Yes Yes Yes | 20000 8 Yes Force-True Yes Check Spanning-Tree status. STP status is driven by the PVST+ configuration in VLAN 1. Cisco-1 is seen as the Root. ProCurve-Edge-1# show Spanning-Tree A15-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 32768 Max Age : 6 Hello Time : 1 Forward Delay : 4 Topology Change Count : 33 Time Since Last Change : 2 mins Root Root Root Root MAC Address : 0013c3-82a900 (Cisco-1) Path Cost : 20000 Port : A15 Priority : 1 Port ---A15 A16 Type --------100/1000T 100/1000T Cost --------20000 20000 Priority -------128 128 State ---------Forwarding Blocking | + | | Designated Bridge ----------------0013c3-82a900 0013c3-92d200 The Spanning-Tree timers defined in VLAN 1 dictate convergence time. With default timers (Hello=2 sec, Forward Delay= 15 sec, Max-age=20 sec), convergence time is between 30 and 50 sec. With the values that we applied (Hello=1 sec, Forward Delay= 4 sec, Max-age=6 sec), convergence time never exceeded 8 sec. Conclusion See figure for resulting STP topology. If Cores of L2 networks are Cisco switches, one should take care of configuration of PVST+ in VLAN 1 (Native VLAN) as that will dictate the resulting topology. STP Timers in Native-VLAN will drive convergence time What about Cisco Rapid PVST? The same test has been run implementing the Rapid PVST mode on the Cisco cores. Regarding finale topology, same results have been obtained. However no significant improvement in speed convergence has resulted. In other words, HP ProCurve RSTP and Cisco Rapid PVST interacts in Vlan 1 as RSTP or standard STP interacts with PVST, but Rapid STP mechanisms are not functioning. In its Rapid PVST mode implementation, Cisco does not use the standard costs of Rapid STP but rather the cost of standard STP. For example Fast Ethernet cost is 19 and not 200000. HP ProCurve as Core running RSTP, Cisco as Edge running PVST+ Sample topology In this topology, uplinks are tagged for VLANs 10, 20, 30 and 40 and untagged for VLAN 1. ProCurve-Core-1 and 2 are defined as Root and secondary Root of RSTP. Cisco-1 and Cisco-2 use standard PVST+ configuration. In the following, only the Spanning-Tree Configuration is shown. Configuration of RSTP on ProCurve-Core-1 and 2 Conf hostname "ProCurve-Core-1/2" Uplink ports are defined as Non Edge. Default is Edge and Point-to-Point. no Spanning-Tree A14-A16 edge-port ProCurve-Core-1 is the Root (priority 0) of the STP and ProCurve-Core-2 the secondary Root (priority 1). Spanning-Tree priority 0 STP timers are lowered to speed convergence time. Values are acceptable for a network where access switches are connected directly to the core switches or are in a stack connected directly to the cores. Spanning-Tree forward-delay 4 hello-time 1 maximum-age 6 Following command enables Spanning-Tree. Default mode is RSTP (802.1w). Spanning-Tree Configuration of PVST+ on Cisco-1 and Cisco-2 Cisco-1 and Cisco-2 are defined as access switches hostname Cisco-1/2 Spanning-Tree mode pvst Spanning-Tree extend system-id interface range GigabitEthernet1/0/1 - 4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,20,30,40 switchport mode trunk Check status of Spanning-Tree On ProCurve-Core-1 ProCurve-Core-1 is Root for the STP ProCurve-Core-1# show span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 0 Max Age : 6 Hello Time : 1 Forward Delay : 4 Topology Change Count : 63 Time Since Last Change : 57 secs Root Root Root Root MAC Address : 000e7f-060100 Path Cost : 0 Port : This switch is root Priority : 0 Port ---A14 A15 A16 Type --------100/1000T 100/1000T 100/1000T Cost --------20000 20000 20000 Priority -------128 128 128 State ---------Forwarding Forwarding Forwarding | + | | | Designated Bridge ----------------000e7f-060100 000e7f-060100 000e7f-060100 On ProCurve-Core-2 ProCurve-Core-1 is seen, as expected, as the Root switch. Note that uplinks A15 and A16 are in blocking state, i.e. they’re not the designated port of their segment. The first criterion to elect the Designated port of a segment is the path-cost of switch to the Root. In this case the Root path-cost of access switches Cisco-1 and 2 (value 4) is lower than the Root path-cost of ProCurve-Edge-2 (value 20000). Cisco switches use standard STP values (4 for Gigabit, 19 for Fast Ethernet) and HP ProCurve switches use Rapid STP values (20000 For Gigabit, 200000 for Fast Ethernet). ProCurve-Core-2# sh span a14-a16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Max Age : 6 Hello Time : 1 Forward Delay : 4 Topology Change Count : 108 Time Since Last Change : 23 secs Root Root Root Root MAC Address : 000e7f-060100 (ProCurve-Core-1) Path Cost : 20000 Port : A14 Priority : 0 Port ---A14 A15 A16 Type --------100/1000T 100/1000T 100/1000T Cost --------20000 20000 20000 Priority -------128 128 128 State ---------Forwarding Blocking Blocking The following figure shows the resulting STP topology | + | | | Designated Bridge ----------------000e7f-060100 0013c3-82a900 0013c3-92d200 STP status in VLAN 1 on Cisco-1 and 2 ProCurve-Core-1 is seen as the Root. Uplinks (Gigabit Ethernet port) are Root or Designated ports Cisco-1#show Spanning-Tree VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Root Desg Sts --FWD FWD Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p P2p Cisco-2#sh Spanning-Tree vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Root Desg Sts Cost --- --------FWD 4 FWD 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p P2p STP status in VLAN 10, 20, 30 and 40 of Cisco-1 and 2 In VLANs 10, 20, 30 and 40, ProCurve-Core-1 and 2 forward Cisco PVST BPDUs as any other frames. They are “transparent” to the Cisco switches. Cisco-1 is the Root switch because of its Mac address. Cisco-1#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Address 0013.c382.a900 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Forward Delay 15 sec Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Desg Desg Sts --FWD FWD Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p Peer(STP) P2p Cisco-2#sh Spanning-Tree vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Address 0013.c382.a900 (Cisco-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Root Desg Sts --FWD FWD Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p P2p From Cisco switches, STP Topology in VLANs 10, 20, 30 and 40 appears as follows: Change of STP path-cost on ProCurve-Core-1 and 2 To change the status of blocking ports on ProCurve-Core-2, we change the cost of uplinks. ProCurve-Core-1# conf We define the value of path-cost of uplinks as 3. ProCurve-Core-1(config)# Spanning-Tree a14-a16 path-cost 3 ProCurve-Core-2(config)# Spanning-Tree a14-a16 path-cost 3 Status on ProCurve-Core-2 Now, ProCurve-2 is “closer” to Root switch than the access-switches. So all ports are in Designated state. ProCurve-Core-2# show span A14-A16 Rapid Spanning-Tree (RSTP) Information STP Enabled : Yes Force Version : RSTP-operation Switch Priority : 4096 Max Age : 6 Hello Time : 1 Forward Delay : 4 Topology Change Count : 121 Time Since Last Change : 12 secs Root Root Root Root MAC Address : 000e7f-060100 Path Cost : 3 Port : A14 Priority : 0 Port ---A14 A15 A16 Type --------100/1000T 100/1000T 100/1000T Cost --------3 3 3 Priority -------128 128 128 State ---------Forwarding Forwarding Forwarding | + | | | Designated Bridge ----------------000e7f-060100 000e7f-058400 000e7f-058400 PVST+ Status on Cisco-1 and 2 In VLAN 1, port status follows the rules of standard STP. ProCurve-Core-1 is Root, ProCurve-Core-2 is secondary Root. Cisco-1#sh span vlan 1 VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 (ProCurve-Core-1) Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Root Altn Sts --FWD BLK Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p P2p In VLAN 10, 20, 30 and 40, Status is the same as before Cisco-1#sh span vlan 10 VLAN0010 Spanning-Tree enabled protocol ieee Root ID Priority 32778 Cost 4 Address 0013.c382.a900 (cisco-1) This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.c382.a900 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Desg Back Sts --FWD BLK Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -----------------------P2p Peer(STP) P2p Peer(STP) On Cisco-2 Cisco-2#sh span VLAN0001 Spanning-Tree enabled protocol ieee Root ID Priority 0 Address 000e.7f06.0100 Cost 4 Port 3 (GigabitEthernet1/0/1) Hello Time 1 sec Max Age 6 sec Forward Delay Bridge ID 4 sec Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.c392.d200 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ---------------Gi1/0/1 Gi1/0/2 Role ---Root Altn Sts --FWD BLK Cost --------4 4 Prio.Nbr -------128.3 128.4 Type -------------------------P2p P2p IP routing Interoperability Sample topology The following topology is used to demonstrate L3 configuration and interoperability between Cisco and HP ProCurve L3 Switches routing protocols RIP and OSPF. All links are untagged. RIP configuration RIP Configuration on HP ProCurve conf hostname ProCurve Enabling IP Routing allows the forwarding of IP packets between VLANs. It is a mandatory step before configuring RIP and OSPF. ip routing VLAN configuration and IP addressing Vlan 110 untagged 1-10 ip address 10.1.10.1 255.255.255.0 exit Vlan 120 untagged 11-20 ip address 10.1.20.1 255.255.255.0 exit Vlan 130 untagged 21-30 ip address 10.1.30.1 255.255.255.0 exit Vlan 140 untagged 31-40 ip address 10.1.40.1 255.255.255.0 exit vlan 100 untagged 48 ip address 10.1.100.1 255.255.255.0 exit Enable RIP. By default RIP is in Version 2. router rip exit RIP requires to be defined in the Vlan in which there are one or more RIP Neighbors. It is not necessary to enable RIP in the other VLANs. When RIP is enabled, “connected networks” are automatically redistributed into RIP. vlan 100 ip rip exit RIP Configuration on Cisco Conf t hostname Cisco VLANs creation and port assignment Vlan 10, 20, 30, 40, 100 Interface range fa1/0/1 - 10 Switchport access vlan 210 Interface range fa1/0/11 - 20 Switchport access vlan 220 Interface range fa1/0/21 - 30 Switchport access vlan 230 Interface range fa1/0/31 - 40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100 IP addresses interface Vlan100 ip address 10.1.100.2 255.255.255.0 no shutdown interface Vlan210 ip address 10.2.10.1 255.255.255.0 no shutdown interface Vlan220 ip address 10.2.20.1 255.255.255.0 no shutdown interface Vlan230 ip address 10.2.30.1 255.255.255.0 no shutdown interface Vlan240 ip address 10.2.40.1 255.255.255.0 RIP protocol enabling. The “Network” command defines the IP Interfaces of a classfull network (10/8) on which RIP is enabled. Version 2 is enabled on all RIP Interfaces router rip network 10.0.0.0 version 2 RIP announcements are blocked on all IP Interfaces connected to a “stub” network using the “passive-interface” command: passive-interface passive-interface passive-interface passive-interface Vlan210 Vlan220 Vlan230 Vlan240 Checking RIP RIP Status on HP ProCurve ProCurve1# show ip rip RIP global parameters RIP protocol Auto-summary Default Metric Distance Route changes Queries : : : : : : enabled enabled 1 120 4 0 RIP interface information IP Address Status Send mode Recv mode Metric Auth --------------- ----------- ---------------- --------- ---------- ---10.1.100.1 enabled V2-only V2-only 1 none RIP peer information IP Address Bad routes Last update timeticks --------------- ----------- --------------------10.1.100.2 0 2 ProCurve1# ProCurve1# show ip route rip IP Route Entries Destination Gateway VLAN Type Sub-Type Metric ------------------ --------------- ---- --------- ------- -----10.2.10.0/24 10.1.100.2 100 rip 2 10.2.20.0/24 10.1.100.2 100 rip 2 10.2.30.0/24 10.1.100.2 100 rip 2 10.2.40.0/24 10.1.100.2 100 rip 2 Dist. ---120 120 120 120 ProCurve1# show ip route connected IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- --------- ------ ---10.1.10.0/24 VLAN110 110 connected 0 0 10.1.20.0/24 VLAN120 120 connected 0 0 10.1.30.0/24 VLAN130 130 connected 0 0 10.1.40.0/24 VLAN140 140 connected 0 0 10.1.100.0/24 VLAN100 100 connected 0 0 127.0.0.1/32 lo0 connected 0 0 127.0.0.0/8 reject static 0 250 RIP Status on Cisco Cisco1#show ip route connected 10.0.0.0/24 is subnetted, 9 subnets C 10.2.10.0 is directly connected, Vlan110 C 10.2.30.0 is directly connected, Vlan130 C 10.2.20.0 is directly connected, Vlan120 C 10.2.40.0 is directly connected, Vlan140 C 10.1.100.0 is directly connected, Vlan100 Cisco1#show ip route rip 10.0.0.0/24 is subnetted, 9 subnets R 10.1.10.0 [120/1] via 10.1.100.1, R 10.1.20.0 [120/1] via 10.1.100.1, R 10.1.30.0 [120/1] via 10.1.100.1, R 10.1.40.0 [120/1] via 10.1.100.1, 00:00:01, 00:00:01, 00:00:01, 00:00:01, Vlan100 Vlan100 Vlan100 Vlan100 Other RIP features Announcing a default route Configuring a default route on Cisco… A default route can be announced by creating a default static route and redistribute it with a “redistribute static” command, or, using the “ip defaultnetwork command”: Cisco1(config)#ip route 0.0.0.0 0.0.0.0 10.2.30.2 Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4 or, using the “ip default-network command”: Cisco1(config)#ip default-network 10.0.0.0 … and checking announcement on HP ProCurve ProCurve1# show ip route rip IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- ---------- ---0.0.0.0/0 10.2.10.0/24 10.2.20.0/24 10.2.30.0/24 10.2.40.0/24 10.1.100.2 10.1.100.2 10.1.100.2 10.1.100.2 10.1.100.2 100 100 100 100 100 rip rip rip rip rip 2 2 2 2 2 120 120 120 120 120 Configuring a default route on HP ProCurve… ProCurve1(config)# ip route 0.0.0.0 0.0.0.0 10.1.20.2 ProCurve1(config)# router rip ProCurve1(rip)# redistribute static ProCurve1(rip)# default-metric 6 … and checking announcement on Cisco Cisco1#show ip route rip * 10.0.0.0/24 is subnetted, 9 subnets R 10.1.10.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.20.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.30.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R 10.1.40.0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 R* 0.0.0.0/0 [120/6] via 10.1.100.1, 00:00:21, Vlan100 Auto-summary By default, RIP summarizes IP subnets announcement to a classfull network on a network boundary. For example the subnet 10.1.1.0/24 is announced as 10.0.0.0/8 on the IP interface 192.168.1.1. To disable this behavior: ProCurve1(config)#router rip ProCurve1(rip)#no auto-summary Cisco1(config)#router rip Cisco1(config-router)#No auto-summary RIP Version On HP ProCurve switches, RIP is in version 2 on all interfaces. On Cisco RIP is sent in Version 1 and can be received in version 1 and 2. On HP ProCurve, changing version is done is the IP interface (vlan) level: ProCurve1(config)#Vlan 110 ProCurve1(vlan-10)#ip rip v1-only ProCurve1(vlan-10)#ip rip v2-only ProCurve1(vlan-10)#ip rip v1-compatible-v2 On Cisco, changing version is done in protocol level or in IP interface level: Cisco1(config)#router rip Cisco1(config-router)#version 2 Cisco1(config-if)#int vlan 100 Cisco1(config-if)#ip rip send version 2 Cisco1(config-if)#ip rip receive version 1 2 Redistribution and RIP Filtering On HP ProCurve, connected and static networks can be redistributed. Note that redistribution of connected network is default. ProCurve1(config)#router rip ProCurve1(rip)#redistribute static ProCurve1(rip)#redistribute connected ProCurve1(rip)#default-metric 4 Some of the Redistributed networks can be filtered: ProCurve1(rip)#restrict 10.1.10.0 255.255.255.0 On Cisco, filtering of redistributed networks, can be done with a “distribute list”: Cisco1(config)#router rip Cisco1(config-router)#redistribute static Cisco1(config-router)#default-metric 4 Cisco1(config-router)#distribute-list 1 out Cisco1(config-router)#access-list 1 permit 10.1.10.0 0.0.0.255 OSPF Single Area HP ProCurve OSPF configuration hostname "ProCurve" Enable routing and configure Vlan and IP addresses ip routing vlan 100 untagged 48 ip address 10.1.100.1 255.255.255.0 exit Vlan 110 untagged 1-9 ip address 10.1.10.1 255.255.255.0 exit Vlan 120 untagged 10-19 ip address 10.1.20.1 255.255.255.0 exit Vlan 130 untagged 20-29 ip address 10.1.30.1 255.255.255.0 exit Vlan 140 untagged 30-44 ip address 10.1.40.1 255.255.255.0 exit Configuring OSPF: first a unique Router-Identifier is defined, OSPF enabled and OSPF area(s) created: ip router-id 1.1.1.1 router ospf area backbone exit IP interfaces area assigned to Area 0 (backbone) vlan 100 ip ospf exit Vlan 110 ip ospf exit Vlan 120 ip ospf exit Vlan 130 ip ospf exit Vlan 140 ip ospf exit area 0 area 0 area 0 area 0 area 0 Cisco OSPF configuration conf t hostname Cisco Vlan creation and port assignment Vlan 10, 20, 30, 10, 100 Interface range fa1/0/1 - 10 Switchport access vlan 210 Interface range fa1/0/11 - 20 Switchport access vlan 220 Interface range fa1/0/21 - 30 Switchport access vlan 230 Interface range fa1/0/31 - 40 Switchport access vlan 240 Interface gi1/0/1 Switchport access vlan 100 IP routing is activated and IP addresses are assigned to VLAN Interfaces: ip routing interface Vlan100 ip address 10.1.100.2 255.255.255.0 no shutdown interface Vlan210 ip address 10.2.10.2 255.255.255.0 no shutdown interface Vlan220 ip address 10.2.20.2 255.255.255.0 no shutdown interface Vlan230 ip address 10.2.30.2 255.255.255.0 no shutdown interface Vlan240 ip address 10.2.40.2 255.255.255.0 no shutdown OSPF Configuration: a unique router-id is defined and IP interfaces are assigned to Area 0. router ospf 1 router-id 2.2.2.2 network 10.0.0.0 0.255.255.255 area 0 Checking IP and OSPF status Checking status on HP ProCurve List IP Interfaces: ProCurve# show ip Internet (IP) Service IP Routing : Enabled Default TTL Arp Age VLAN -----------DEFAULT_VLAN VLAN110 VLAN120 VLAN130 VLAN140 VLAN100 : 64 : 20 | + | | | | | | IP Config ---------Disabled Manual Manual Manual Manual Manual List connected IP routes: IP Address Subnet Mask Proxy ARP --------------- --------------- --------10.1.10.1 10.1.20.1 10.1.30.1 10.1.40.1 10.1.100.1 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 No No No No No ProCurve# show ip route connected IP Route Entries Destination Dist. -----------------10.1.10.0/24 10.1.20.0/24 10.1.30.0/24 10.1.40.0/24 10.1.100.0/24 127.0.0.1/32 Gateway VLAN Type --------------VLAN110 VLAN120 VLAN130 VLAN140 VLAN100 lo0 ---110 120 130 140 100 Sub-Type Metric --------- ---------- --------- ----connected 0 0 connected 0 0 connected 0 0 connected 0 0 connected 0 0 connected 0 0 List OSPF Interfaces: ProCurve# show ip ospf interface OSPF Interface Status IP Address --------------10.1.10.1 10.1.20.1 10.1.30.1 10.1.40.1 10.1.100.1 Status -------enabled enabled enabled enabled enabled Area ID --------------backbone backbone backbone backbone backbone State ------DR DR DR DR BDR Auth-type --------none none none none none Cost -----1 1 1 1 1 Priority -------1 1 1 1 1 Before learning IP routes via OSPF, routers must establish neighboring/adjacency. When routers agree to form an adjacency, they exchange their topological database and become synchronized which is described by FULL state. ProCurve# show ip ospf neighbor OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- -2.2.2.2 1 10.1.100.2 DR FULL 0 11 List the learned IP Routes via OSPF: ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- ----------10.2.10.0/24 10.1.100.2 100 ospf IntraArea 2 10.2.20.0/24 10.1.100.2 100 ospf IntraArea 2 10.2.30.0/24 10.1.100.2 100 ospf IntraArea 2 10.2.40.0/24 10.1.100.2 100 ospf IntraArea 2 Checking OSPF status on Cisco List IP interfaces status Cisco#show ip int brief | include up Vlan1 unassigned YES Vlan210 10.2.10.2 YES Vlan220 10.2.20.2 YES Vlan230 10.2.30.2 YES Vlan240 10.2.40.2 YES Vlan100 10.1.100.2 YES manual manual manual manual manual manual up up up up up up down up up up up up --110 110 110 110 List IP connected routes Cisco#show ip route connected 10.0.0.0/24 is subnetted, 9 subnets C 10.2.10.0 is directly connected, Vlan210 C 10.2.30.0 is directly connected, Vlan230 C 10.2.20.0 is directly connected, Vlan220 C 10.2.40.0 is directly connected, Vlan240 C 10.1.100.0 is directly connected, Vlan100 Check IP OSPF Neighboring Cisco#show ip ospf neighbor Neighbor ID 1.1.1.1 Pri 1 State FULL/BDR Dead Time 00:00:33 Address 10.1.100.1 Interface Vlan100 Verify all IP interfaces have been assigned to OSPF Area Cisco#show ip ospf interface brief Interface PID Area IP Address/Mask F/C Vl240 1 0 10.2.40.2/24 Vl230 1 0 10.2.30.2/24 Vl220 1 0 10.2.20.2/24 Vl210 1 0 10.2.10.2/24 Vl100 1 0 10.1.100.2/24 Cost 1 1 1 1 1 State Nbrs DR DR DR DR DR 0/0 0/0 0/0 0/0 1/1 List learned IP routes via OSPF neighbor Cisco#show ip route ospf 10.0.0.0/24 is subnetted, 9 subnets O 10.1.10.0 [110/2] via 10.1.100.1, O 10.1.30.0 [110/2] via 10.1.100.1, O 10.1.20.0 [110/2] via 10.1.100.1, O 10.1.40.0 [110/2] via 10.1.100.1, 00:03:31, 00:03:31, 00:03:31, 00:03:31, Vlan100 Vlan100 Vlan100 Vlan100 Redistribution into OSPF Redistribute connected routes An other way for announcing networks via OSPF is to use the “redistribute connected” option. OSPF is enabled on the interfaces with an OSPF neighbor, other networks are simply redistributed into OSPF. Redistribute connected networks on Cisco Connected networks are redistributed with a metric 100 and a metric-type 1. Metric Type 1 means that metric is incremented with receiving interfaces costs along the announcements. The default type is 2, metric is not incremented. “Subnets” keyword is required to redistribute subnets of classfull networks. Conf t router ospf 1 router-id 2.2.2.2 redistribute connected metric 100 metric-type 1 subnets Following enables OSPF in VLAN 100 only network 10.1.100.2 0.0.0.0 area 0 Redistribute connected networks on HP ProCurve Connected networks are redistributed with metric 200 and metric-type 1 (Default type is 2) conf ip router-id 1.1.1.1 router ospf area backbone default-metric 200 metric-type type1 redistribute connected exit OSPF is enabled in VLAN 100 only vlan 100 ip ospf area backbone exit Checking learned routes via OSPF on Cisco Note OSPF type 1 and metric 201 (200 +1). Cisco#show ip route ospf 10.0.0.0/24 is subnetted, 9 subnets O E1 10.1.10.0 [110/201] via 10.1.100.1, O E1 10.1.30.0 [110/201] via 10.1.100.1, O E1 10.1.20.0 [110/201] via 10.1.100.1, O E1 10.1.40.0 [110/201] via 10.1.100.1, 00:04:04, 00:04:04, 00:04:04, 00:04:04, Vlan100 Vlan100 Vlan100 Vlan100 Checking learned routes via OSPF on HP ProCurve Note OSPF type 1 and metric 101 (100 + 1). ProCurve# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ----------------- -------------- ---- -------- --------- --------- ----10.2.10.0/24 10.1.100.2 100 ospf External1 101 110 10.2.20.0/24 10.1.100.2 100 ospf External1 101 110 10.2.30.0/24 10.1.100.2 100 ospf External1 101 110 10.2.40.0/24 10.1.100.2 100 ospf External1 101 110 Announcing a default route Configuring announcement of a default route on HP ProCurve… Default route is announced into OSPF just like any other static route. conf t ip route 0.0.0.0 0.0.0.0 10.1.30.2 router ospf redistribute static default-metric 300 metric-type type1 exit … and checking on Cisco Cisco1#show ip route ospf 10.0.0.0/8 is variably subnetted, 9 subnets, 2 masks O IA 10.1.10.0/23 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O 10.2.10.0/23 is a summary, 01:04:57, Null0 O IA 10.1.30.0/24 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O IA 10.1.20.0/24 [110/2] via 10.1.100.1, 00:01:52, Vlan100 O*E1 0.0.0.0/0 [110/301] via 10.1.100.1, 00:01:52, Vlan100 Configuring announcement of a default route on Cisco… router ospf 1 default-information originate metric 400 metric-type 1 default-metric 400 ip route 0.0.0.0 0.0.0.0 10.2.30.2 …and checking on HP ProCurve ProCurve1# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- ------------- ---- --------- ---------- ---------- ----0.0.0.0/0 10.1.100.2 100 ospf External1 402 110 10.2.10.0/23 10.1.100.2 100 ospf InterArea 2 110 10.2.20.0/24 10.1.100.2 100 ospf InterArea 2 110 10.2.30.0/24 10.1.100.2 100 ospf InterArea 2 110 453- Redistributing proprietary routing protocols into OSPF HP ProCurve supports OSPF and RIP, two standard for Interior Gateway Protocols (IGP). Cisco, support standards as well as proprietary IGP such as IGRP and EIGRP. When mixing both environments one may have to support both proprietary and standard routing protocols. In this case, the solution is to mutually redistribute routing protocols on the Cisco platform such as in the following example Cisco-2 configuration: internal router in EIGRP autonomous system EIGRP Configuration: 65 is the “Autonomous System” # for EIGRP and has to be the same on all routers part of EIGRP. Interface with no neighbors are defined as “passive”. Interface vlan 310 Ip address 10.3.10.1 255.255.255.0 No shutdown Interface vlan 200 Ip address 10.1.200.2 255.255.255.0 No shutdown router eigrp 65 network 10.0.0.0 passive-interface vlan 310 Check EIGRP Show ip eigrp neighbors Show ip route eigrp Cisco-1 configuration: “gateway” router between OSPF and EIGRP IP Configuration. Interface vlan 200 Ip address 10.1.200.1 255.255.255.0 No shutdown Interface vlan 100 Ip address 10.1.100.2 255.255.255.0 No shutdown EIGRP Configuration. The passive-interface on vlan 100 ensures that no EIGRP messages are sent on the OSPF Vlan 100 interface router eigrp 65 network 10.0.0.0 passive-interface vlan100 OSPF configuration. Conf t router ospf 1 router-id 2.2.2.2 network 10.1.100.2 0.0.0.0 area 0 Redistributing EIGRP into OSPF. The “Subnets” keyword is required to redistribute subnets of classfull networks into OSPF. A metric (default 20) and metric type (default type 2 = non incremented) may be specified as follows: router ospf 1 redistribute eigrp 65 metric 100 metric-type 1 subnets Redistributing OSPF into EIGRP. It is required to specify a metric for the redistribution into EIGRP to be effective router eigrp 65 redistribute ospf 1 metric 10000 100 255 1 1500 Note: if on a classfull network border (for example between 10.0.0.0/8 and 192.168.1.0/24) networks are by default automatically summarized within EIGRP. If this causes connectivity issues, this can be disabled using router eigrp 65 no auto-summary Checking redistribution. To check the redistribution effects, status should be displayed on the routers that are neighbors of the “redistributing” router. In our example these are Cisco-2 and ProCurve-1. On Cisco-2, in EIGRP OSPF redistributed networks will appear as “external EIGRP” networks with an Administrative distance of 170. C C Cisco-2#show ip route 10.0.0.0/24 is subnetted, 6 subnets D*EX 10.1.10.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.20.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.30.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 D*EX 10.1.100.0 [170/19768] via 10.1.200.1, 00:04:29, vlan200 10.1.200.0 is directly connected, Vlan200 10.3.10.0 is directly connected, Vlan310 On ProCurve-1, in OSPF ,EIGRP Redistributed network will appear as external OSPF networks ProCurve-1# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ----------------- ------------ ---- --------- ---------- --------- ----10.1.10.0/24 VLAN110 110 connected 0 0 10.1.20.0/24 VLAN120 120 connected 0 0 10.1.30.0/24 10.1.100.0/24 10.1.200.0/24 10.3.10.0/24 VLAN130 VLAN100 10.1.100.2 10.1.100.2 130 100 100 100 connected connected ospf External1 ospf External1 0 0 101 101 0 0 110 110 Configuration of Multiple OSPF areas Sample topology In this example, ProCurve-0 and Cisco-0 are “Area Border Routers” (ABR). They interconnect Area 0 to other areas: the Areas 1 and 4, the “stub” Areas 2 and 5 and the “totally stubby” areas 3 and 6. Stub areas filter External networks and replace them by a default route into the area. Totally stubby areas are stub areas that also filter Summary networks and replace them by a default route into the area. Note that the NSSA area type is not supported on HP ProCurve. ProCurve as “Area border router” and Cisco as “Internal” routers Configuration of ProCurve-0 as ABR VLANs and IP configuration Conf t hostname ProCurve-0 ip routing vlan 110 ip address 10.1.10.1 255.255.255.0 ip address 10.1.11.1 255.255.255.0 exit vlan 120 ip address 10.1.20.1 255.255.255.0 exit vlan 130 ip address 10.1.30.1 255.255.255.0 exit vlan 100 ip address 10.1.100.1 255.255.255.0 exit OSPF configuration: enabling of OSPF and definition of OSPF areas and their types: ip router-id 1.1.1.1 router ospf Area 0, the Backbone area, is standard area backbone Area 1 is standard area 1 Area 2 is stub (filters External LSA). 22 defines the default metric of default route generated in area 2 area 2 stub 22 Area 3 is totally stubby (filters External LSA and Summary LSA). 33 defines the default metric of default route generated in area 3 area 3 stub 33 no-summary When announced into area 0, IP subnets 10.1.10.0/24 and 10.1.11.0/24 will be summarized as 10.1.10.0/23 area 1 range 10.1.10.0 255.255.254.0 exit Assign the IP interfaces to the various OSPF areas vlan 100 ip ospf exit vlan 110 ip ospf exit vlan 120 ip ospf exit vlan 130 ip ospf exit area 0 area 1 area 2 area 3 Checking status of OSPF neighbors ProCurve-0# show ip ospf neighbors OSPF Neighbor Information Router ID --------------1.0.0.1 1.0.0.2 1.0.0.3 2.2.2.2 Pri --1 1 1 1 IP Address --------------10.1.10.2 10.1.20.2 10.1.30.2 10.1.100.2 NbIfState --------BDR BDR BDR DR State -------FULL FULL FULL FULL Rxmt QLen --------0 0 0 0 Events ---------6 6 6 6 Configuration of Cisco-1, internal router of standard Area 1 Conf t hostname Cisco-1 ip routing Interface Vlan 110 ip address 10.1.10.2 255.255.255.0 router ospf 1 router-id 1.0.0.1 log-adjacency-changes network 10.1.0.0 0.0.255.255 area 1 Checking OSPF status on Cisco-1 Cisco-1#show ip ospf neigh Neighbor ID 1.1.1.1 Pri 1 State FULL/DR Cisco-1#show ip ospf int brief Interface PID Area Vl110 1 1 Dead Time 00:00:35 Address 10.1.10.1 IP Address/Mask 10.1.10.2/24 Cost 1 Interface Vlan1 State Nbrs F/C BDR 1/1 Checking OSPF routes: networks from other areas appear as “O IA” or OSPF Inter-Area networks. Cisco-1#sho ip route ospf 10.0.0.0/24 is subnetted, 6 subnets O IA 10.1.30.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.2.30.0 [110/3] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.2.20.0 [110/3] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.1.20.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110 O IA 10.1.100.0 [110/2] via 10.1.10.1, 00:01:54, Vlan110 Configuration of Cisco-2, internal router of stub Area 2 hostname Cisco-2 ip routing Interface Vlan120 ip address 10.1.20.2 255.255.255.0 router ospf 1 router-id 1.0.0.2 log-adjacency-changes area 2 stub network 10.1.0.0 0.0.255.255 area 2 end Checking OSPF status on Cisco-2 Cisco-2#show ip ospf neighbor Neighbor ID Interface 1.1.1.1 Pri 1 State Dead Time Address FULL/DR 00:00:36 10.1.20.1 Cisco-2#show ip ospf int brief Interface PID Area F/C Vl120 1 2 Vlan120 IP Address/Mask Cost State Nbrs 10.1.20.2/24 1 BDR 1/1 Checking OSPF routes: OSPF networks from other areas appear as “O IA” or OSPF Inter-Area networks. A default route is also generated in area 2 to “hide” or “summarize” External networks (networks resulting of a redistribute). Note network 10.1.10.0/23 that results from summarization of Area 1. Cisco-2#sho ip route ospf 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks O IA 10.1.10.0/23 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.1.30.0/24 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.2.30.0/24 [110/3] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.2.20.0/24 [110/3] via 10.1.20.1, 00:01:19, Vlan120 O IA 10.1.100.0/24 [110/2] via 10.1.20.1, 00:01:19, Vlan120 O*IA 0.0.0.0/0 [110/23] via 10.1.20.1, 00:01:19, Vlan120 Configuration of Cisco-3, internal router of totally stubby Area 3 hostname Cisco-3 Interface Vlan130 ip address 10.1.30.2 255.255.255.0 router ospf 1 router-id 1.0.0.3 log-adjacency-changes area 3 stub no-summary network 10.1.0.0 0.0.255.255 area 3 end Checking OSPF status on Cisco-3 Cisco-3#show ip ospf neighbor Neighbor ID 1.1.1.1 Pri 1 State FULL/DR Cisco-3#show ip ospf int brief Interface PID Area Vl130 1 3 Dead Time 00:00:34 Address 10.1.30.1 IP Address/Mask 10.1.30.2/24 Cost 1 Interface Vlan130 State Nbrs F/C BDR 1/1 Checking OSPF routes: a default route is generated by ABR in the area 3 to “summarize” External networks (result of “redistribute” command) and Summary networks (networks of other areas). Cisco-3#show ip route ospf O*IA 0.0.0.0/0 [110/34] via 10.1.30.1, 00:01:42, Vlan130 Cisco as “Area border router” and ProCurve as “Internal” routers Configuration of Cisco-0 as ABR Configuration of IP forwarding and IP addresses Conf t hostname Cisco1 ip routing Interface Vlan100 ip address 10.1.100.2 255.255.255.0 Interface Vlan210 ip address 10.2.10.1 255.255.255.0 Interface Vlan220 ip address 10.2.20.1 255.255.255.0 Interface Vlan230 ip address 10.2.30.1 255.255.255.0 Enabling OSPF router ospf 1 router-id 2.2.2.2 Area configuration: area 4 is standard, area 5 is stub and area 6 is “totally stub”. area 4 range 10.2.10.0 255.255.254.0 area 5 stub area 6 stub no-summary Assignment of interfaces to areas network network network network end 10.1.100.2 0.0.0.0 area 0 10.2.10.0 0.0.0.255 area 4 10.2.20.0 0.0.0.255 area 5 10.2.30.0 0.0.0.255 area 6 Checking IP OSPF neighboring Cisco-0#show ip ospf neighbors Neighbor ID Pri State 1.1.1.1 1 FULL/BDR Dead Time 00:00:38 Address 10.1.100.1 Interface Vlan100 2.0.0.4 2.0.0.5 2.0.0.6 1 1 1 FULL/DR FULL/BDR FULL/BDR 00:00:33 00:00:38 00:00:31 10.2.10.2 10.2.20.2 10.2.30.2 Vlan210 Vlan220 Vlan230 Checking IP OSPF interfaces Cisco-0#show Interface Vl100 Vl210 Vl220 Vl230 ip ospf interface brief PID Area IP Address/Mask 1 0 10.1.100.2/24 1 4 10.2.10.1/24 1 5 10.2.20.1/24 1 6 10.2.30.1/24 Cost 1 1 1 1 State DR BDR DR DR Nbrs F/C 1/1 1/1 1/1 1/1 Configuration of ProCurve-4, internal router of standard Area 4 hostname "ProCurve-4" ip routing vlan 210 ip address 10.2.10.2 255.255.255.0 exit ip router-id 2.0.0.4 router ospf area 4 exit vlan 210 ip ospf area 4 exit Checking IP OSPF status ProCurve-4# show ip ospf neigh OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------2.2.2.2 1 10.2.10.1 BDR FULL 0 6 ProCurve-4# show ip ospf interface OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------10.2.10.2 enabled 0.0.0.4 DR none 1 1 Checking OSPF routes: all routes are seen as Inter-Area routes ProCurve-4# show ip route ospf IP Route Entries Destination ---------------10.1.10.0/23 10.1.20.0/24 10.1.30.0/24 10.1.100.0/24 10.2.20.0/24 10.2.30.0/24 Gateway --------------10.2.10.1 10.2.10.1 10.2.10.1 10.2.10.1 10.2.10.1 10.2.10.1 VLAN ---210 210 210 210 210 210 Type --------ospf ospf ospf ospf ospf ospf Sub-Type ---------InterArea InterArea InterArea InterArea InterArea InterArea Metric ---------3 3 3 2 2 2 Dist. ----110 110 110 110 110 110 Configuration of ProCurve-5, internal router of stub Area 5 hostname "ProCurve-5" ip routing vlan 220 untagged 1-26 ip address 10.2.20.2 255.255.255.0 exit ip router-id 2.0.0.5 router ospf area 5 stub 55 exit vlan 220 ip ospf area 5 exit Checking OSPF status ProCurve-5# show ip ospf neighbor OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------2.2.2.2 1 10.2.20.1 DR FULL 0 7 ProCurve-5# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------10.2.20.2 enabled 0.0.0.5 BDR none 1 1 Checking OSPF routes: all routes are seen as Inter-Area routes and a default route is generated by ABR to “hide” external networks. ProCurve-5# show ip route ospf IP Route Entries Destination ---------------0.0.0.0/0 10.1.10.0/23 10.1.20.0/24 10.1.30.0/24 10.1.100.0/24 10.2.10.0/23 10.2.30.0/24 Gateway --------------10.2.20.1 10.2.20.1 10.2.20.1 10.2.20.1 10.2.20.1 10.2.20.1 10.2.20.1 VLAN ---220 220 220 220 220 220 220 Type --------ospf ospf ospf ospf ospf ospf ospf Sub-Type ---------InterArea InterArea InterArea InterArea InterArea InterArea InterArea Metric ---------2 3 3 3 2 2 2 Dist. ----110 110 110 110 110 110 110 Configuration of ProCurve-6, internal router of “totally stubby” Area 6 hostname "ProCurve-6" ip routing vlan 230 untagged 1-26 ip address 10.2.30.2 255.255.255.0 exit ip router-id 2.0.0.6 router ospf area 6 stub 66 exit vlan 230 ip ospf area 6 exit Checking OSPF status. ProCurve-6# show ip ospf neigh OSPF Neighbor Information Router ID Pri IP Address NbIfState State Rxmt QLen Events --------------- --- --------------- --------- -------- --------- ---------2.2.2.2 1 10.2.30.1 DR FULL 0 7 ProCurve-6# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------10.2.30.2 enabled 0.0.0.6 BDR none 1 1 Checking OSPF routes: a default route is generated by ABR to “hide” external and summary (inter-area) networks. ProCurve-6# show ip route ospf IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. ---------------- --------------- ---- --------- ---------- ---------- ----0.0.0.0/0 10.2.30.1 230 ospf InterArea 2 110 Other OSPF features OSPF cost On HP ProCurve, a default value of 1 is assigned to OSPF interfaces. It can be changed as follows: ProCurve# conf ProCurve(config)# vlan 100 ProCurve(vlan-10)# ip ospf cost 10 Check with: ProCurve# show ip ospf int OSPF Interface Status IP Address Status Area ID State Auth-type Cost Priority --------------- -------- --------------- ------- --------- ------ --------10.1.100.1 enabled 0.0.0.0 BDR none 10 1 On Cisco Switch, default value is 1 on “interface Vlan”. It is defined by the formula “OSPF reference value”/Bandwidth on physical interfaces. The reference value is equal to 100 Mbits/sec by default. The “bandwidth” value is defined in kilobits/sec. Changing cost can be done directly or indirectly changing the “bandwidth” value. Cisco# conf Cisco(config)# int vlan 100 Cisco(config-if)# ip ospf cost 10 Cisco(config)# int Fa 1/0/1 Cisco(config-if)# bandwidth 100000 Cisco(config)# int Fa 1/0/2 Cisco(config-if)# ip ospf cost 100 Cisco(config)# router ospf 1 Cisco(config-router)# auto-cost reference-bandwidth 10000 OSPF password authentication On HP ProCurve, password authentication requires to define a key-chain first then to enable password authentication in the Vlan interface. conf hostname "ProCurve" key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" ip router-id 1.1.1.1 router ospf area backbone exit vlan 100 ip ospf area backbone ip ospf authentication-key "ospf-key" exit On Cisco, password authentication is defined in the IP interface: Int vlan 100 ip ospf authentication-key hp-cisco OSPF MD5 authentication On HP ProCurve, MD5 authentication is defined as follows: key-chain "ospf-key" key-chain "ospf-key" key 1 key-string "hp-cisco" vlan 100 ip ospf area backbone ip ospf md5-auth-key-chain "ospf-key" exit On Cisco, MD5 authentication is defined in the IP interface: Int vlan 100 ip ospf message digest-key 1 md5 hp-cisco IP Multicast interoperability Introduction The following demonstrate IP Multicast routing using PIM (Protocol Independent Multicast) in dense and sparse modes. The configuration uses the following topology shown below as its basis. It is a typical L3 architecture, where each uplink is a unique broadcast domain and IP subnet. A Stream server connected to Cisco-1 in subnet 10.1.1.100, sends a multicast flow to the multicast IP address 225.1.1.1. For our test, a receiver is connected in 10.1.200.0/24 In the following we’ll configure the network in PIM dense mode then in PIM sparse mode. 10.1.200.0/24 10.1.1.0/24 Gi1/1 e1 Procurve-1 Gi1/3 Gi1/2 e2 10.1.2.0/24 Gi1/1 Gi1/3 10.1.5.0/24 Gi1/2 Cisco-2 Cisco-1 Gi1/4 10.1.100.0/24 PIM DENSE Mode This first configuration demonstrates interoperability of Cisco and ProCurve switches in PIM dense mode. In PIM Dense mode, routers periodically flood multicast flows. If no receivers exist on the network “leaves”, routers “prune” branches of the multicast tree advising their upstream neighbors to stop sending the not requested flows. Periodic flooding happens every 3 minutes. To avoid periodic and unnecessary flooding, the state refresh mechanism has been created. With State-refresh Multicast Routers advertise their PIM Dense neighbors a packet to maintain the flows in pruning state. In other words, it’s prevention against reaction. To be effective, the feature needs to be supported by all routers in the Multicast network PIM Dense Configuration of ProCurve-1 hostname "ProCurve-1" First let’s enable ip routing and define VLANs, port assignment and IP addresses. ip routing vlan 10 untagged 1 ip address 10.1.1.2 255.255.255.252 exit vlan 20 untagged 2 ip address 10.1.2.2 255.255.255.252 exit On IP subnet/VLAN where there is potential receiver or source, we activate IGMP. As VLANs 10 and 20 are defined on uplinks, there is no need to define IGMP. vlan 200 untagged 19 ip address 10.1.200.1 255.255.255.0 ip igmp exit For Multicast routing, the initial step is to enable globally IP multicast routing ip multicast-routing When a router receives a multicast flow, it checks the flow is received via the interface that leads to the source via the shortest path. This is called the “reverse path forwarding” process for which PIM uses the IP unicast routing table. This is why we enable OSPF as well as PIM. ip router-id 1.0.0.0 router ospf area backbone exit router pim exit The IP interface, defined in VLAN context on ProCurve switches, is assigned to the OPSF area 0 and is set as a PIM-Dense mode interface. Here are the commands you’ll enter: vlan 10 ip ospf area 0 ip pim-dense exit Here is what you’ll see in a show run: vlan 10 ip ospf 10.1.1.2 area backbone ip pim-dense ip-addr any exit exit The “ip ospf 10.1.2.2 area backbone” indicates that interface is assigned to area 0 and OSPF messages are sent with the source address 10.1.1.2. On a multinet interface (with multiple IP), you can specify what IP address is used to be source of OSPF packets. The “ip-addr any” within pim-dense mode specifies that this IP Interface accepts flows from any IP source address. You could restrict what multicast flows are allowed to enter this interface. Note: ProCurve switches automatically support PIM state-refresh. vlan 20 ip ospf 10.1.2.2 area backbone ip pim-dense ip-addr any exit exit vlan 200 ip ospf 10.1.200.1 area backbone ip pim-dense ip-addr any exit exit In PIM dense mode, ProCurve automatically enables the “state refresh” mode. The state refresh feature allows a PIM device to mention to other PIM device that a flow has not to be sent when no downstream receiver requires a given flow. This eliminates the need for PIM dense mode devices to regularly flood a flow to all devices within a network. Configuration of Cisco-1 hostname Cisco-1 ip routing On Cisco switch, first step is also to enable ip multicast-routing. ip multicast-routing The “no switchport” command sets a Physical interface as a L3 interface. After IP address is assigned, we set the IP interfaces as PIM interfaces in dense mode. In this example we’ve also defined the state-refresh interval to 60sec, which matches the default interval on ProCurve. Note that in Cisco IOS, the “ip pim” command sets automatically “ip igmp”. This is why no IP IGMP command is seen. interface GigabitEthernet1/1 no switchport ip address 10.1.1.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address 10.1.5.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/4 no switchport ip address 10.1.100.1 255.255.255.0 ip PIM state-refresh origination-interval 60 ip PIM dense-mode Following commands set OSPF for this device router ospf 1 router-id 0.0.0.1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 Configuration of Cisco-2 Configuration of Cisco-2 is identical to configuration of Cisco-1. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet1/1 no switchport ip address 10.1.2.1 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode interface GigabitEthernet1/3 no switchport ip address 10.1.5.2 255.255.255.252 ip PIM state-refresh origination-interval 60 ip PIM dense-mode router ospf 1 router-id 0.0.0.2 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 Checking PIM dense mode on ProCurve-1. The “show ip pim” command displays PIM global parameters. Note the stateRefresh interval equal to 60 seconds. ProCurve-1# show ip pim PIM Global Parameters PIM Status State Refresh Interval (sec) Join/Prune Interval (sec) SPT Threshold Traps : : : : : enabled 60 60 Enabled Let’s list IP PIM interfaces and see their PIM mode. ProCurve-1# show ip pim interface PIM Interfaces VLAN ---10 20 200 IP Address --------------10.1.1.2 10.1.2.2 10.1.200.1 Mode -----------dense dense dense We expect Cisco-1 and Cisco-2 to be our PIM neighbors. If they’re not, we should verify that PIM is enabled and that the IP interfaces has been configured as PIM interfaces. ProCurve-1# show ip pim neighbor PIM Neighbors IP Address --------------10.1.1.1 10.1.2.1 VLAN ---10 20 Up Time (sec) -----------------2686 2113 Expire Time (sec) -----------------76 89 If multicast sources are active on the network, the “show ip mroute” or the “show ip pim mroute” should show entries: ProCurve-1# show ip pim mroute PIM Route Entries Group Address Source Address Metric Metric Pref --------------- --------------- ---------- ----------225.1.1.1 10.1.100.100 0 100 In our example, the Receiver of 225.1.1.1 is on ProCurve-1 and the source (10.1.100.100) on Cisco-1. Following shows IGMP status and what multicast groups has been “pulled”. ProCurve-1# show ip igmp Status and Counters - IP Multicast (IGMP) Status VLAN ID : 10 VLAN Name : VLAN10 IGMP is not enabled VLAN ID : 20 VLAN Name : VLAN20 IGMP is not enabled VLAN ID : 200 VLAN Name : VLAN200 Querier Address : This switch is Querier Active Group Addresses Reports Queries Querier Access Port ---------------------- ------- ------- ------------------225.1.1.1 8 0 The following allows us to locate on what port the flows is received. ProCurve-1# show ip igmp group 225.1.1.1 IGMP ports for group 225.1.1.1 Port Type Access Age Timer Leave Timer ----- --------- ----------- --------- ----------19 host 0 0 Checking PIM Dense mode On Cisco-1 First let’s list the IP PIM interfaces. Note that IP PIM is in Version 2 Mode (V2), as on ProCurve switches, and in Dense mode (D). Cisco-1#show ip pim interface Address Interface 10.1.1.1 10.1.3.1 10.1.5.1 10.1.100.1 GigabitEthernet1/1 GigabitEthernet1/2 GigabitEthernet1/3 GigabitEthernet1/4 Ver/ Mode v2/D v2/D v2/D v2/D Nbr Count 1 0 1 0 Query Intvl 30 30 30 30 DR DR Prior 1 10.1.1.2 1 10.1.3.1 1 10.1.5.2 1 10.1.100.1 We display IP PIM neighbors to verify PIM is active. Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Address 10.1.1.2 GigabitEthernet1/1 10.1.5.2 GigabitEthernet1/3 Uptime/Expires Ver 00:54:09/00:01:39 v2 00:44:38/00:01:24 v2 DR Prio/Mode N / DR S 1 / DR S A Multicast source is active on 225.1.1.1, its source address is 10.1.100.100. It can be seen displaying IP multicast routes. Note: 224.0.1.40 multicast entry is due to the “Auto-RP” protocol, a Cisco proprietary protocol that has equivalent functionality in PIM V2. Cisco-1#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 00:29:41/stopped, RP 0.0.0.0, flags: D Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:29:41/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00 (10.1.100.100, 225.1.1.1), 00:29:41/00:02:58, flags: T Incoming interface: GigabitEthernet1/4, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 00:29:41/00:00:00, H GigabitEthernet1/3, Prune/Dense, 00:27:16/00:02:19 (*, 224.0.1.40), 00:54:33/00:02:14, RP 0.0.0.0, flags: DCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:45:00/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:54:33/00:00:00 In the display above, you can see 225.1.1.1 flow enters Cisco-1 on interface Gigabit Interface 0/4 (Incoming Interface) and leaves on Gigabit 1/1 (Outgoing Interface and in “forward” state). Note Gigabit 1/3 is “pruned” Cisco-1#show ip igmp groups IGMP Connected Group Membership Group Address Interface 224.0.1.40 GigabitEthernet1/1 Uptime Expires Last Reporter 00:53:30 00:02:21 10.1.1.1 Checking PIM Dense On Cisco-2 List IP PIM interfaces. Cisco-2#show ip pim interface Address Interface 10.1.2.1 GigabitEthernet1/1 Ver/ Mode v2/D Nbr Count 1 Query Intvl 30 DR Prior 1 DR 10.1.2.2 10.1.4.1 10.1.5.2 GigabitEthernet1/2 GigabitEthernet1/3 v2/D v2/D 0 1 30 30 1 1 10.1.4.1 10.1.5.2 List IP PIM neighbors. Cisco-2#show ip pim neighbor PIM Neighbor Table Neighbor Interface Address 10.1.2.2 GigabitEthernet1/1 10.1.5.1 GigabitEthernet1/3 Uptime/Expires Ver 01:02:34/00:01:15 v2 01:03:04/00:01:16 v2 DR Prio/Mode N / DR S 1 / S Let’s display multicast routes. Note: the (10.1.100.100, 225.1.1.1) flow enters int on Gi1/3 (interface between Cisco-1 and Cisco-2) and is pruned on Gi 1/1 (interface leading to ProCurve-1). Cisco-2#show ip mroute IP Multicast Routing Table Flags: D- Dense, S- Sparse, B- Bidir Group, s- SSM Group, C- Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 00:48:04/stopped, RP 0.0.0.0, flags: D Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/3, Forward/Dense, 00:48:04/00:00:00 GigabitEthernet1/1, Forward/Dense, 00:48:04/00:00:00 (10.1.100.100, 225.1.1.1), 00:48:04/00:02:07, flags: PT Incoming interface: GigabitEthernet1/3, RPF nbr 10.1.5.1 Outgoing interface list: GigabitEthernet1/1, Prune/Dense, 00:45:39/00:02:07 (*, 224.0.1.40), 01:03:21/00:02:18, RP 0.0.0.0, flags: DCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: GigabitEthernet1/1, Forward/Dense, 01:03:21/00:00:00 GigabitEthernet1/3, Forward/Dense, 01:03:21/00:00:00 List IGMP Groups. Except “Auto-rp” entry, no other IGMP entry can be seen as no receiver is present. Cisco-2#show ip igmp groups IGMP Connected Group Membership Group Address Interface 224.0.1.40 GigabitEthernet1/1 Uptime 01:03:32 Expires 00:02:07 Last Reporter 10.1.2.1 PIM SPARSE Mode Here are some explanations about PIM V2 sparse mode In PIM Sparse mode, there is no more periodic flooding of Multicast flows. Instead, routers call for Multicast flows to a “Rendez-Vous Point” (RP) Router. And a mapping group-to-RP is set manually or statically. “A Bootstrap router (BSR) is elected to advertise the different mappings to all PIM Sparse multicast routers. Here are the fundamental mechanisms as defined b y the IETF: 1- BSR Election. Each Candidate-BSR originates Bootstrap messages (BSMs). Every BSM contains a BSR Priority field. The C-BSR with the higher priority becomes the elected BSR, and its BSMs inform all the other routers in the domain that it is the elected BSR. 2- C-RP Advertisement. Each Candidate-RP sends periodic CandidateRP-Advertisement (C-RP-Adv) messages to the elected BSR. A C-RP-Adv message includes the priority of the advertising C-RP, as well as a list of group ranges for which the candidacy is advertised. In this way, the BSR learns about possible RPs that are currently up and reachable. 3- RP-Set Formation. The BSR selects a subset of the C-RPs that it has received C-RP-Adv messages from to form the RP-Set. In general it should do this in such a way that the RP-Set is neither too large to inform all the routers in the domain about, nor too small so that load is overly concentrated on some RPs. It should also attempt to produce an RP-Set that does not change frequently. 4- RP-Set Flooding. In future Bootstrap messages, the BSR includes the RP-Set information. Bootstrap messages are flooded, which ensures that the RP-Set rapidly reaches all the routers in the domain. BSMs are originated periodically to ensure consistency after failure restoration. PIM Sparse-mode configuration of ProCurve-1 Vlan and IP configuration. Vlan 200 contain receivers and IGMP is enabled. hostname "ProCurve-1" ip routing vlan 10 name "VLAN10" untagged 1 ip address 10.1.1.2 255.255.255.252 exit vlan 20 name "VLAN20" untagged 2 ip address 10.1.2.2 255.255.255.252 exit vlan 200 name "VLAN200" untagged 19 ip address 10.1.200.1 255.255.255.0 ip igmp exit Global OPSF Configuration ip router-id 1.0.0.0 router ospf area backbone exit Enabling of IP Multicast routing ip multicast-routing PIM Configuration: we define the ProCurve router to be a bsr-candidate as well as a rp-candidate. VLAN 200 as the IP source interface and priority is defined equal to 10 (highest is best). router pim bsr-candidate bsr-candidate source-ip-vlan 200 bsr-candidate priority 10 rp-candidate rp-candidate source-ip-vlan 200 rp-candidate group-prefix 224.0.0.0 240.0.0.0 rp-candidate hold-time 150 priority 10 exit IP interfaces are defined in PIM Sparse mode and by default accept all flows (ip-addr any) vlan 10 ip ospf 10.1.1.2 area backbone ip pim-sparse ip-addr any exit exit vlan 20 ip ospf 10.1.2.2 area backbone ip pim-sparse ip-addr any exit exit vlan 200 ip igmp ip ospf 10.1.200.1 area backbone ip pim-sparse ip-addr any exit exit PIM Sparse-mode configuration of Cisco-1 hostname Cisco-1 IP multicast routing is enabled ip multicast-routing Interfaces are defined as sparse-dense mode which means that router can run in both modes depending on the environment. “Sparse-mode” could also be used in this example. interface GigabitEthernet0/1 no switchport ip address 10.1.1.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address 10.1.5.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/4 no switchport ip address 10.1.100.1 255.255.255.0 ip pim sparse-dense-mode OSPF is enabled. router ospf 1 router-id 0.0.0.1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 The router is defined as bsr-candidate (default priority is 200) and a rpcandidate with priority 200 ip ip ip ip pim pim pim pim bsr-candidate GigabitEthernet0/1 0 rp-candidate GigabitEthernet0/3 priority 200 rp-candidate GigabitEthernet0/1 priority 200 rp-candidate GigabitEthernet0/2 priority 200 end PIM Sparse-mode configuration of Cisco-2 Configuration is similar to Cisco-1’s configuration except the rp-candidate is set to 100 instead of 200. hostname Cisco-2 ip routing ip multicast-routing interface GigabitEthernet0/1 no switchport ip address 10.1.2.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/2 no switchport ip address 10.1.4.1 255.255.255.252 ip pim sparse-dense-mode interface GigabitEthernet0/3 no switchport ip address 10.1.5.2 255.255.255.252 ip pim sparse-dense-mode ip ip ip ip pim pim pim pim bsr-candidate GigabitEthernet0/3 0 rp-candidate GigabitEthernet0/3 priority 100 rp-candidate GigabitEthernet0/1 priority 100 rp-candidate GigabitEthernet0/2 priority 100 router ospf 1 router-id 0.0.0.2 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 end Check PIM Sparse-mode on ProCurve-1 PIM Global parameters ProCurve-1# show ip pim PIM Global Parameters PIM Status State Refresh Interval (sec) Join/Prune Interval (sec) SPT Threshold Traps : : : : : enabled 60 60 Enabled PIM Interface parameters ProCurve-1# show ip pim interface PIM Interfaces VLAN IP Address Mode ---- --------------- -----------10 10.1.1.2 sparse 20 10.1.2.2 sparse 200 10.1.200.1 sparse PIM Neighbors ProCurve-1# show ip pim neighbor PIM Neighbors IP Address --------------10.1.1.1 10.1.2.1 VLAN Up Time (sec) Expire Time (sec) ---- ------------------ -----------------10 9805 83 20 9802 84 What router is elected PIM Bootstrap router. Based on priority, it could be Cisco-1 or Cisco-2. E-BSR means Elected BSR. It is Cisco-2 (10.1.5.2) C-BSR=Candidate BSR, C-RP=candidate RP. ProCurve-1# show ip pim bsr Status and Counters - PIM-SM Bootstrap Router Information E-BSR Address E-BSR Priority E-BSR Hash Mask Length E-BSR Up Time Next Bootstrap Message : : : : : 10.1.5.2 200 16 6 hours 90 secs C-BSR C-BSR C-BSR C-BSR C-BSR C-BSR : : : : : : This system is a Candidate-BSR 10.1.200.1 10 30 60 200 : : : : : : This system is a Candidate-RP 10.1.200.1 150 60 10 200 C-RP C-RP C-RP C-RP C-RP C-RP Admin Status Address Priority Hash Mask Length Message Interval Source IP VLAN Admin Status Address Hold Time Advertise Period Priority Source IP VLAN Group Address Group Mask --------------- --------------224.0.0.0 240.0.0.0 PIM Candidate router. ProCurve-1# show ip pim rp-candidate Status and Counters - PIM-SM Candidate-RP Information C-RP C-RP C-RP C-RP C-RP C-RP Admin Status Address Hold Time Advertise Period Priority Source IP VLAN : : : : : : This system is a Candidate-RP 10.1.200.1 150 60 10 200 Group Address Group Mask --------------- --------------224.0.0.0 240.0.0.0 Following displays the RP-set = mapping between RP and IP Multicast flow. Note that no static mapping has been set and that all RP-candidates are set to accept all IP Multicast flows. ProCurve-1# show ip pim rp-set Status and Counters - PIM-SM Static RP-Set Information Group Address Group Mask RP Address Override --------------- --------------- --------------- -------- Status and Counters - PIM-SM Learned RP-Set Information Group Address --------------224.0.0.0 224.0.0.0 224.0.0.0 224.0.0.0 Group Mask --------------240.0.0.0 240.0.0.0 240.0.0.0 240.0.0.0 RP Address --------------10.1.1.1 10.1.2.1 10.1.5.1 10.1.200.1 Hold Time --------168 163 172 116 Expire Time ------------109 104 113 57 Check PIM Sparse-mode on Cisco-1 List PIM interfaces Cisco-1#show ip pim interface Address Interface 10.1.1.1 10.1.5.1 10.1.100.1 GigabitEthernet0/1 GigabitEthernet0/3 GigabitEthernet0/4 Ver/ Nbr Mode v2/SD 1 v2/SD 1 v2/SD 0 Query Count 30 30 30 DR DR Intvl Prior 1 10.1.1.2 1 10.1.5.2 1 10.1.100.1 List PIM neighbors Cisco-1#show ip pim neighbor PIM Neighbor Table Neighbor Interface Address 10.1.1.2 GigabitEthernet0/1 10.1.5.2 GigabitEthernet0/3 Uptime/Expires Ver 02:42:31/00:01:17 v2 04:05:42/00:01:15 v2 DR Prio/Mode 1 / DR 1 / DR S List IP Multicast routes Cisco-1#show ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 03:49:31/stopped, RP 10.1.200.1, flags: SPF Incoming interface: GigabitEthernet0/1, RPF nbr 10.1.1.2 Outgoing interface list: Null (10.1.100.100, 225.1.1.1), 02:43:12/00:03:29, flags: FT Incoming interface: GigabitEthernet0/4, RPF nbr 0.0.0.0, Registering (data-header) Outgoing interface list: GigabitEthernet0/1, Forward/Sparse-Dense, 02:37:22/00:03:08, H List PIM RP and BSR information. Note BSR is 10.1.5.I2 (Cisco-2) Cisco-1#sh ip pim rp Group: 225.1.1.1, RP: 10.1.200.1, v2, uptime 02:28:15, expires 00:01:07 PIMv2 Bootstrap information BSR address: 10.1.5.2 (?) Uptime: 00:05:07, BSR Priority: 200, Hash mask length: 16 Expires: 00:02:22 This system is a candidate BSR Candidate BSR address: 10.1.1.1, priority: 0, hash mask length: 0 Candidate RP: 10.1.5.1(GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 200 Candidate RP: 10.1.1.1(GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:05 Candidate RP priority : 200 Check PIM Sparse-mode on Cisco-2 List PIM interfaces Cisco-2#sh ip pim interface Address Interface 10.1.2.1 10.1.5.2 GigabitEthernet0/1 GigabitEthernet0/3 Ver/ Mode v2/SD v2/SD Nbr Count 1 1 Query Intvl 30 30 DR Prior 1 1 DR 10.1.2.2 10.1.5.2 List PIM neighbors Cisco-2#sh ip pim neighbor PIM Neighbor Table Neighbor Interface Address 10.1.2.2 GigabitEthernet0/1 10.1.5.1 GigabitEthernet0/3 Uptime/Expires Ver 02:20:52/00:01:24 v2 03:44:10/00:01:41 v2 DR Prio/Mode 1 / DR 1 / S List IP Multicast routes Cisco-2#sh ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 225.1.1.1), 03:29:12/stopped, RP 10.1.200.1, flags: S Incoming interface: GigabitEthernet0/1, RPF nbr 10.1.2.2 Outgoing interface list: GigabitEthernet0/3, Forward/Sparse-Dense, 02:00:20/00:00:00, H (10.1.100.100, 225.1.1.1), 02:22:53/00:02:46, flags: PT Incoming interface: GigabitEthernet0/3, RPF nbr 10.1.5.1 Outgoing interface list: Null Display of PIM RP and BSR routers information Cisco-2#sh ip pim bsr-router PIMv2 Bootstrap information This system is the Bootstrap Router (BSR) BSR address: 10.1.5.2 (?) Uptime: 00:00:02, BSR Priority: 200, Hash mask length: 16 Next bootstrap message in 00:00:57 Candidate RP: 10.1.5.2(GigabitEthernet0/3) Advertisement interval 60 seconds Next advertisement in 00:00:10 Candidate RP priority : 100 Candidate RP: 10.1.2.1(GigabitEthernet0/1) Advertisement interval 60 seconds Next advertisement in 00:00:04 Candidate RP priority : 100 Display Mapping between RP and Multicast groups/flows Cisco-2#sh ip pim rp Group: 225.1.1.1, RP: 10.1.200.1, v2, uptime 02:22:22, expires 00:02:06
