I keep wanting to write one for Cisco IOS to HP A-series. And I will eventually do that, but in the mean time, here is a PDF that is a nice big reference guide to all the commands.

Enjoy!

HP A E Cisco-CRG-final.pdf

Well, when I left that job my world was turned upside down. I ended up joining a reseller who sold /some/ Cisco but the bread and butter was HP ProCurve. How could this be? People really bought networking products from other vendors? Yes, people do. A lot of people do.

The transition was easy. The command line took only a couple minutes to get myself used to and I was off to the races. Building off my existing knowledge, I could apply everything I knew from protocols and standards to foundational design theory. I quickly understood that Cisco wasn’t the only major player in my market space. Don’t get me wrong, I don’t hate Cisco. I still work with it and in some cases it’s the right fit. But in most cases, HP is my go-to networking vendor.

I also still maintain Cisco certifications – a CCNP, CCDA as well as a plethora of various Partner specific certifications to keep my employer happy. They have a great education program, there’s no doubting that. My knowledge foundation comes from it. HP’s education program is pretty good too and always improving – it’s one to keep an eye on. I carry an HP ASE myself. Career wise, if you really know what you’re doing, you shouldn’t have to worry about the letters that follow your name – those alone aren’t going to get your very far if your knowledge is challenged.

Now having gotten that ramble out of the way, I’d like to take you through the basic differences between configuring the two vendors switches.

I’ll compare Cisco’s IOS and the OS found in HP E-Series (aka ProCurve). I’ll save Nexus vs HP A-Series for a future post.

I will refer to Cisco IOS as IOS and HP E-Series as HP’s for the remainder of this post.

So let’s start with some basic ideas.

How to Login

IOS:

switch> enable

switch# configure terminal (conf t)

switch(config)#

HP:

switch# conf t  //because you will be in privileged mode by default

switch(config)#

Basic Setup

IOS:

switch(config)# hostname SW1

SW1(config)# enable secret 0 p@ssw0rd

SW1(config)# clock set 12:00 Feb 10 2011

HP:

switch(config)# hostname SW1

SW1(config)# password all //you will be prompted for an Operator and Manager password, set them the same to basically negate the Operator user

SW1(config)# clock set 02/10/2011

SW1(config)# clock set 12:00

Creating a VLAN, Assign an IP and Setting a Default Gateway

IOS:

SW1(config)# int vlan 100

SW1(vlan-100)# ip address 10.1.100.254 255.255.255.0

SW1(vlan-100)# exit

SW1(config)# ip default-gateway 10.1.100.1

HP:

SW1(config)# int vlan 100

SW1(vlan-100)# ip address 10.1.100.254/24 //255.255.255.0 will also work but the /24 is a handy short cut

SW1(vlan-100)# exit

SW1(config)# ip default-gateway 10.1.100.1

Enabling Layer 3 Routing and Setting a Layer 3 Default Route

IOS:

SW1(config)# ip routing

SW1(config)# ip route 0.0.0.0 0.0.0.0 10.1.100.1

HP:

SW1(config)# ip routing

SW1(config)# ip route 0.0.0.0 0.0.0.0 10.1.100.1

So far so good right? So here come the curve balls, but they’re easy to navigate.

Assigning VLANs

In IOS, you assign VLANs to ports and in HP you assign ports to VLANs. Let’s create an additional VLAN and configure fictitious ports 1-12 on VLAN 100 and 13-24 on VLAN 200.

IOS:

SW1(config)# int vlan 200

SW1(vlan-200)# ip address 10.1.200.254 255.255.255.0

SW1(vlan-200)# exit

SW1(config)# int range fa1-12

SW1(int-range)# switchport access vlan 100

SW1(int-range)# int range fa13-24

SW1(int-range)# switchport access vlan 200

HP:

SW1(config)# vlan 200

SW1(vlan-200)# ip address 10.1.200.254/24 //once again using the short cut

SW1(vlan-200)# exit

SW1(config)# vlan 100

SW1(vlan-100)# untag 1-12

SW1(vlan-100)# vlan 200

SW1(vlan-200)# untag 13-24

So let’s review that. In HP, you create an “access port” by “untagging”? Well, ya, an access port is sending frames without a dot1q tag on it, understood by default servers, PCs, printers, etc. So HP quite literally has you specify that you are sending frames untagged.

Link Aggregation

Moving on, let’s say we want to aggregate ports 23 and 24 into an aggregated link.

IOS:

SW1(config)# int range fa23-24

SW1(int-range)# channel-group 1 on

//a virtual interface is now created called “Port-Channel 1″ and instead of configuring ports 23 and 24 individually, you will now configure Port-Channel 1 as you would any other port

HP:

SW1(config)# trunk trk1 23-24

//a virtual interface is also created here called Trk1 and you will also be applying any any configuration to Trk1 now and not 23 or 24 individually, in fact HP will remove it from the config all together

VLAN Trunking

The last thing I wanted to cover was VLAN Trunking, which is carrying multiple VLANs on a single link. Used for connecting switches that have several VLANs, Firewalls, Routers or virtualization hosts. We’ll configure VLANs 100 and 200 to be carried across our newly created aggregated link.

IOS:

SW1(config)# int po1 //this is how you refer to Port-Channel 1

SW1(po1)# switchport mode trunk

SW1(po1)# switchport trunk allow vlan 100,200

HP:

SW1(config)# vlan 100

SW1(vlan-100)# tag trk1

SW1(vlan-100)# vlan 200

SW1(vlan-200)# tag trk1

I’ve created a quick chart of those last three points for your reference.

HP has come a long way, I’ve worked on some of their very old gear (because of ProCurve’s lifetime warranty they stay in production for a long time) and configuring the older stuff was easy with the menu system but using a command line is far more robust. CLI is great for backing up configs, running quick config scripts and quickly reviewing how the switch is configured.

Hopefully this post can be of help to you if you are considering HP or have just received your first one and are scratching your head for where to start.

Feel free to leave a comments!

]]> http://www.networksandsecurity.com/home/2011/02/11/lost-in-translation-converting-your-cisco-or-hp-networking-knowledge-from-one-to-the-other/feed/ 8 http://www.networksandsecurity.com/home/2010/03/22/cisco-and-check-point-vpn-interoperability/ http://www.networksandsecurity.com/home/2010/03/22/cisco-and-check-point-vpn-interoperability/#comments Mon, 22 Mar 2010 18:12:15 +0000 buu http://www.networksandsecurity.com/home/?p=57 For the life of me, I could not find my notes from the last time I configured a site to site VPN between a Cisco ASA and a Check Point gateway. I wanted to see if I’d left myself any reminders about caveats.

I also couldn’t find the perfect Check Point Secure Knowledge article so I found this rather quickly on Google and it seems to fit the bill.

http://www.imacandi.net/sin/wiki/IPSec_VPN_between_Cisco_ASA_and_Check_Point_NGX

The web site in general has some additional useful articles so here is my way of bookmarking it.

However, ProCurve now has the ProCurve Open Network Ecosystem (ONE). This is an initiative that has joined many vendors (other than Cisco) together to test, certify and deliver combined solutions through the use of an Intel-based services module that will fit right into your ProCurve zl series chassis switch (5400 and 8200). This ONE services module already has some big players lined up, several of which I work with a lot. The notable ones for me will be:

• Mitel 3300 IP-PBX
• F5 Local Traffic Manager
• HP NAC
• A variety of firewalls, IPS and antivirus
• Microsoft NAP (Windows Server 2008)
• Riverbed Steelhead
• AirMagnet

While I still have an agnostic view on vendors, I like to have choices when I design a network for a customer and this will be great for all the people who don’t want to pay the big dollars for Cisco but still give you similar module options. Granted, the 5400 and 8200 series ProCurves don’t quite have what it takes to go toe to toe with a Cisco 6500 chassis , most notably lacking stateful management switchover and having lower port capacity. However, if someone isn’t looking for those features, the 8200 chassis switch makes for a great option and the zl series chassis switches in general will be even more appealing with ProCurve ONE. I’m looking forward to getting my hands on a setup and write up an article about the experience.

Cheers

-buu