##################################################################### Appendix A - HP 2824 CLI relevant commands ##################################################################### show config show running-config [status] show interfaces [brief] [config] show spanning-tree [detail] show vlan show lacp show cdp neighbors show lldp info remote-device configure password manager user-name admin end write mem reload ##################################################################### Appendix B - Basic switch configuration ##################################################################### hostname "switch" snmp-server contact "network services" time timezone -480 time daylight-time-rule Continental-US-and-Canada lldp run cdp run sntp server 128.223.32.35 sntp server 128.223.60.22 ip icmp burst-normal 20 ip icmp reply-limit ip ttl 6 timesync sntp sntp unicast snmp-server community "public" manager restricted snmp-server host 10.X.10.100 "public" Not-INFO snmp-server enable traps authentication vlan 1 name "DEFAULT_VLAN" untagged 1-24 ip address 10.X.10.5 255.255.255.0 ip igmp exit fault-finder broadcast-storm sensitivity low ip authorized-managers 10.X.0.0 255.255.0.0 no dhcp-relay crypto key generate ssh rsa ip ssh ip ssh key-size 1024 ip ssh port default interface 1 no lacp exit interface 2 no lacp exit interface 3 no lacp exit interface 4 no lacp exit interface 5 no lacp exit interface 6 no lacp exit interface 7 no lacp exit interface 8 no lacp exit interface 9 no lacp exit interface 10 no lacp exit interface 11 no lacp exit interface 12 no lacp exit interface 13 no lacp exit interface 14 no lacp exit interface 15 no lacp exit interface 16 no lacp exit interface 17 no lacp exit interface 18 no lacp exit interface 19 no lacp exit interface 20 no lacp exit interface 21 no lacp exit interface 22 no lacp exit interface 23 no lacp exit interface 24 no lacp exit no telnet-server ##################################################################### Appendix C - Spanning Tree Configuration ##################################################################### spanning-tree spanning-tree protocol-version STP spanning-tree priority 6 * For the aggregation switch, use priority 0 ##################################################################### Appendix D - Management VLAN ##################################################################### * On the Aggregation switches: vlan 255 name "MGMT" tagged 19-20 tagged 24 ip address 10.X.255.Y 255.255.255.0 exit * On the access switches: vlan 255 name "MGMT" tagged 23-24 ip address 10.X.255.Y 255.255.255.0 exit ##################################################################### Appendix E - Port Bundling ##################################################################### * On the Aggregation switches only: interface 23 lacp active interface 24 lacp active ##################################################################### Appendix F - Multiple Spanning Tree (MSTP) ##################################################################### * On all switches: spanning-tree protocol-version MSTP write mem reload * On the first aggregation switch: spanning-tree config-name "mstp1" spanning-tree config-revision 1 spanning-tree instance 1 vlan 1 spanning-tree instance 1 priority 0 spanning-tree instance 2 vlan 255 spanning-tree instance 2 priority 2 * On the second aggregation switch: spanning-tree config-name "mstp1" spanning-tree config-revision 1 spanning-tree instance 1 vlan 1 spanning-tree instance 1 priority 2 spanning-tree instance 2 vlan 255 spanning-tree instance 2 priority 0 * On the access switches: spanning-tree config-name "mstp1" spanning-tree config-revision 1 spanning-tree instance 1 vlan 1 spanning-tree instance 2 vlan 255 ##################################################################### Appendix G - Rogue DHCP prevention ##################################################################### dhcp-snooping no dhcp-snooping option 82 no dhcp-snooping verify mac dhcp-snooping option 82 untrusted-policy keep interface dhcp-snooping trust