Getting to know the HP GbE2C Blade Switch

The HP GbE2C Blade Switch is a common option for network connectivity in HP’s “C” class enclosures. I had my first experience with one a few days ago and wanted to give a quick introduction to you.

First, I believe this switch is old. Not 1-2 years aged, but more of a mid-2006 era design. It seems to be capable of a lot, so I’m not disrespecting the capabilities – but the interface is interesting. Perhaps it’s very common for HP/3COM equipment.

I pick up on these things pretty quickly, and I’m guessing you probably do too – so here are a few pointers that might help get you there.

Initial Configuration

In my blade enclosure, it faithfully picked up the EBIPA address I handed out – there is a Web and CLI version of the interface – and the username and password are both admin by default. From there, I was able to connect to the IP by Telnet and HTTP. The CLI is a menu/tree system leading to your configuration commands. The HTTP interface will show to a tree-based setup that almost exactly mirrors the CLI menu structure.

The command structure is a mix between DOS commands and URL structures. An example might work better:

The Main Menu Structure:
------------------------------------------------------------
[Main Menu]
 info - Information Menu
 stats - Statistics Menu
 cfg - Configuration Menu
 oper - Operations Command Menu
 boot - Boot Options Menu
 maint - Maintenance Menu
 diff - Show pending config changes [global command]
 apply - Apply pending config changes [global command]
 save - Save updated config to FLASH [global command]
 revert - Revert pending or applied changes [global command]
 exit - Exit [global command, always available]
Entering the Info Menu
>> Main# info
------------------------------------------------------------
[Information Menu]
 sys - System Information Menu
 l2 - Layer 2 Information Menu
 l3 - Layer 3 Information Menu
 qos - QoS Menu
 acl - ACL Information Menu
 rmon - Show RMON information
 link - Show link status
 port - Show port information
 geaport - Show system port and gea port mapping
 transcvr - Show Port Transceiver status
 ufd - Show Uplink Failure Detection information
 dump - Dump all information
From the Info menu, we look at link status:
>> Information# link
------------------------------------------------------------------
 Port Phy-Type Speed Duplex Flow Ctrl Link
 ---- -------- ----- -------- --TX-----RX-- ------
 1 GE 1000 full no no up
 2 GE 1000 full no no up
 3 GE 1000 full yes yes up
 4 GE 1000 full yes yes up
 5 GE 1000 full yes yes disabled
 6 GE 1000 full yes yes disabled
 7 GE 1000 full yes yes disabled
 8 GE 1000 full yes yes disabled
 9 GE 1000 full no no up
 10 GE 1000 full no no up
 11 GE 1000 full yes yes up
 12 GE 1000 full yes yes up
 13 GE 1000 full yes yes disabled
 14 GE 1000 full yes yes disabled
 15 GE 1000 full yes yes disabled
 16 GE 1000 full yes yes disabled
 17 GE any full yes yes disabled
 18 GE any full yes yes disabled
 19 GE 100 full yes yes up
 20 GE any any yes yes down
 21 Cu 1000 full yes yes up
 22 Cu 1000 full yes yes up
 23 GE any any yes yes down
 24 GE any any yes yes down

However, life can be much easier – you can issue commands and parameters in one line from any menu:

From the VLAN Menu (16 Selected), get Port 10 Info:
>> VLAN 16# /info/port 10
Port Tag MediaRMON PVID NAME VLAN(s)
---- --- ---- ----- -------------- -------------------------------
10 n Auto d 1* Downlink10 1

* = PVID is tagged.

>> Information#

For my dollar, the first few commands to enter are life-savers if you are using the command-line:

Set timeout to 30 minutes and disable console logging
>> Syslog# /cfg/sys/idle 30
Current idle CLI timeout: 5
Pending new timeout: 30

>> System# /cfg/sys/syslog/console d
Current Syslog console output: enabled
New Syslog console output: disabled

>> Syslog# /apply
------------------------------------------------------------------
Apply complete; don't forget to "save" updated configuration.

Please note the /apply command above – I cover it below.

Port Mapping and Cross-Connects

In my configuration, I’m using an HP c7000 enclosure with two HP GbE2C switches each in Mezzanine Slot 1 and Slot 2. If you look at the switch from the Onboard Administrator site, you’ll see 16 ports and (out of the box) there is a direct link between the Port # on the switch and the Bay # – for example, Device Bay #4’s first ethernet adapter connects to Port #4 on Mezzanine Slot #1’s switch, and the second ethernet adapter connects to Port #4 on Slot #2’s switch. This makes life easy and there’s probably no reason to change that.

However, this is a 24-port switch – so, where are the other ports? Well, let’s take a look:

  • Ports 17 and 18: These are “cross-connect” ports that match up to the neighboring mezzanine slot. In my configuration, Ports 17/18 on Slot #1’s switch were cross-connected to Ports 17/18 on Slot #2’s switch. These are disabled by default and are part of the factory-default trunk group (#1), so if you want that cross-connect capability remember to enable Spanning Tree or some other loop-protection mechanism and then enable all four ports.
  • Port 19: This puppy sits on VLAN 4095 and holds the management interface for the switch. Internally, this is connected to the same internal switch fabric that the ILO ports and onboard administrator ports are connected to.
  • Ports 20-24: These are the ports on the back of the switch for external connections.

Configuration Changes and Registers

This switch has three “configuration blocks”: activebackup and factory. Factory is the most obvious – it contains the default factory settings. Active is the current configuration block and anytime you save your switch changes, it will copy the active block to the backup block. You can control this behavior in the /boot menu.

As you make configuration changes through either interface, the switch is not actually applying them. It is queuing up those changes to be applied when you either issue the /apply setting or click the Apply button in the web interface. If you are mid-change and forget what you’ve done so far, you can use the /diff command to see what’s queued up to be changed or the /revert command to revert back to the active configuration block.

Once you are done with your configuration changes, you must use the /save command to save those changes to flash. Otherwise, they’ll not be loaded on the next reboot.

VLANs, Trunks and LACP

A few quick items of note regarding these topics:

  • VLANs are created using the /cfg/l2/vlan menu. From there, you start with the VLAN number, which then places you in a menu with options for that VLAN.
  • VLANs must be enabled before they can be used. For example, issuing the command /cfg/l2/vlan 30 will create the VLAN, but it will not be available for use until you issue the command /cfg/l2/vlan 30/ena.
  • All ports come with tagging disabled, meaning they will send untagged traffic only. Assigning such a port to a VLAN simply changes its PVID.
  • On many switches, you create Trunk/LAG groups, turn LACP on for those groups, and assign VLAN options to those groups. For the GbE2C, you can create a Trunk Group or enable LACP for those ports and you must assign VLANs to each interface in that group.

Let’s do a quick example where we’ll tag traffic on our uplink ports (21/22), but make it the default PVID on Ports 4 and 5. We’ll also enable LACP on Ports 21/22 for aggregation purposes:

>> Main# /cfg/l2/lacp/port 21/mode active
Current Port LACP mode setting: off
New Port LACP mode setting: active

>> LACP Port 21# /cfg/l2/lacp/port 22/mode active
Current Port LACP mode setting: off
New Port LACP mode setting: active

>> LACP Port 22# /cfg/port 21/tag e
Current VLAN tag support: disabled
New VLAN tag support: enabled

>> Port 21# /cfg/port 22/tag e
Current VLAN tag support: disabled
New VLAN tag support: enabled

>> Port 22# /cfg/l2/vlan 30/ena
VLAN number 30 with name "VLAN 30" created.
Reminder: VLAN 30 needs to be enabled.
Current status: disabled
New status: enabled

>> VLAN 30# /cfg/l2/vlan 30/def 21 22
Current ports for VLAN 30: empty
Pending new ports for VLAN 30: 21 22

>> VLAN 30# /cfg/l2/vlan 30/add 12
Port 12 is an UNTAGGED port and its current PVID is 1.
Confirm changing PVID from 1 to 30 [y/n]: y
Current ports for VLAN 30: empty
Pending new ports for VLAN 30: 12 21 22

The net result of this command will be the creation of a LACP-enabled group on Ports 21/22, a new VLAN is created, traffic for that VLAN will be tagged on Ports 21/22 and will be untagged on Port 12

Routing Capabilities

The GbE2C can act as a basic Layer 3 router as well. Simply define an interface on each network you wish to route for and then enable IP forwarding.

Let’s build on the above example and set up routing between VLAN 1 and VLAN 30. First, we need to create an interface for both VLANs. Note that the interface numbers below are simply index numbers – they aren’t important. Interface 256 is the out-of-box VLAN 4095 management interface, so we’ll start with 255 and work down:

/cfg/l3/if 255
ena
addr 172.17.0.1
mask 255.255.255.0
vlan 30

/cfg/l3/if 254
ena
addr 172.25.41.4
mask 255.255.255.0

VLAN 1 will now have an interface at 172.25.41.4 and VLAN 30 will have an interface at 172.17.0.1. But how do we go about routing between these two networks? By turning on routing, of course – and defining a default gateway:

>> Layer 3# /cfg/l3/frwd/on
Current status: OFF
New status: ON

>> IP Forwarding# /cfg/l3/gw1/addr 172.25.41.1
Current IP address: 0.0.0.0
New pending IP address: 172.25.41.1

>> Default gateway 1# /cfg/l3/gw 2/ena
Current status: disabled
New status: enabled

The GbE2C supports gateway polling which allows it to PING a gateway value every so often and make sure it’s alive before sending traffic to it – this lets you have redundant gateways out of your network. It can do this by PING or ARP checks. Reference the menu for questions.

Of course, I ran into a large caveat setting up routing that I wanted to mention to save you some time. Out of the box, the GbE2C switch comes pre-configured to DHCP an address from the enclosure on VLAN 4095. This works out nicely for initial management, but it also configures a Default Gateway on Index #4 for traffic to escape. This means that your management network must be able to pass your traffic, or you must disable this functionality to prevent the EBIPA-assigned address from becoming your default destination for out-of-network traffic.