Monday Sep 25

Posts Tagged ‘Tips & Tricks’

Layer 1: Mr Bump and the Bad Wire
Last Updated on Tuesday, 12 August 2008 03:52
Written by JJ
Wednesday, March 19th, 2008

No, not a bad Mr Bump, or a bad Bump in the Wire… But one of the Bumpster’s recent posts brings about a good topic for mention- bad cable (or wire, as is more appropriate for his post).

In his friendly KISS-it note, he shares a story to remind us of our Layer 1 woes. I can’t TELL you how many times there’s a mystery problem… which almost always later surfaces as a physical dis-connect or mis-connect along the way.

In fact, just last night a certain someone called me from the road while setting up a demo… after hours of agony (and fixing some other issues) the final problem was- YEP- a cable in the wrong spot.

It’s something that happens to all of us- certainly nothing to be ashamed of. And it doesn’t always work out to be a misplaced cable… quite frequently we see bad cables, older cheap Cat 5 that’s not behaving well, home-made ends that corrode or break and even the occasional patching mis-match (see my previous post on 568A vs B).

Don’t we feel stupid after hours (or days) of puzzling, only to find out there’s a piece of metal, plastic or fiber to blame?

Here are a few Tips & Tricks to check Layer 1 and possibly eliminate frustration when you have your next ‘mystery’ problem:

  • Cable placement. Obvious one, but check and double-check, then have someone else check. It’s like proof-reading your own writing.
  • Cable REplacement. If you’re not sure- just replace the cable when possible with a known good. (Note the ‘known good’, I’ve seen batches of lemons more than once).
  • Ditch Home Mades. This little gem comes from my father- many years ago, he started noticing home-made cable ends (even those made with the BEST crimping tools) would eventually deteriorate. It may be fatigue, corrosion or little aliens- you can’t always be 100% sure of the cause, but it happens more often than not.
  • Don’t Bend It. If you are working with fiber, be nice to the fiber… wrap it gently in loose coils. Don’t bend it, squish it or let it get crimped in the cable management. You may know this, but others rummaging in your closet may not.
  • Check Negotiation. Hop in the switch or device interface and see what speed and duplex it auto-negotiated to. This culprit is probably a close 2nd behind finding bad cables.
  • Check Neighbors. A good way to dig around and investigate a possible Layer 1 issue is to jump back in that switch interface and do a show arp or show neighbors (clear old first) and see if you what you think should be there is actually there.( Pings can work too, but it’s possible ICMP is disabled, so I prefer the former method personally.)
  • Check Patching Termination. Instead of repeating myself, I’ll direct you to the recent post on 568A vs B. You’ll usually see this when you upgrade from 10/100 to Gig.

Layer 1 is the FIRST thing we check for when doing a site survey or network migration plan. If you don’t get that one right, the others are surely to fail… which may take you to Layers 8 & 9… and as we know- we like to stay a 7 and below. ;)

# # #

ProCurve PCM+ Quick Start Tips
Last Updated on Tuesday, 12 August 2008 03:35
Written by JJ
Wednesday, January 30th, 2008

Tips & Tricks: HP ProCurve PCM+ (ProCurve Manager Plus)

Occasionally I like to throw something useful out there- so here goes! Included are some tips and tricks for getting started with ProCurve’s PCM+. PCM is the management software for ProCurve Networking devices, switches, wireless and security. I’ll give you a brief overview of the available options and plug-ins at the end.

What to Install. When you install PCM+, other plug-ins are included in the install package, so you’ll be prompted to select which components to install. My advice- start with PCM+ only. Once you layer in the other plug-ins, the menus, options and views become intertwined and it’s hard to tell what’s a native PCM+ option, or something included in IDM, NIM or PMM (see end for plug in details). If you’ve already purchased licenses for one or more of the others, go ahead and install them. Otherwise, load PCM+, get used to it, then add a plug in. It’s the only way you’ll know if you want/need the additional features from the plug in.

Selecting a Start From Device. When you first install PCM or PCM+, it will ask for a ‘start from’ device, which is exactly what it sounds like- it’s a starting or seed device from which the network sweep will start. Generally, you want something close to the ‘root’ of the network tree- something in the center. Most likely, you have a mixed environment, with other equipment in the WAN or core area of the network. In these cases, we suggest you use a start from device that’s the ProCurve device closest to the core/WAN area, even if it’s a hop or two out from what you consider your core. If the management server you’re loading PCM on is directly attached to a ProCurve switch, that’s another good place to start. You can change this setting later under Preferences if your first choice isn’t working well for you.

Connecting PCM to You may have a reason you don’t want to do this, but barring that, I recommend customers select the option to link PCM+ to their MyProCurve account. MyProCurve provides some asset management and is how you download software and generate license keys for purchased software. If it’s linked to your PCM, it makes the transfer one step easier, keeps a correct inventory of your network devices and lets you set alerts when new software updates are available for your switch types.

Structure. Understanding the general structure will give you a good feel for where to find things. There are a variety of menus, each available in a variety of contexts. You can view information for a) the entire network, b) a group of switch series, c) a custom defined group, d) a specific switch and even e) a specific port (where applicable). If you’re looking for specific information, be sure you’re where you want to be in the left navigation pane- on the overview, on the group, or on a single switch.

Initial Configuration Scan. PCM will give you nice dashboard views of your switches at a glance, from the main dashboard, or a series of sub-boards. The information used for these tallies is incomplete until the device has undergone an initial Configuration Scan. Your pie charts may display unscanned switches as ‘other’. The Scan Device option is available from drop-down menus when you right click on device(s) and in the main tool menu (look for the wrench). You can set an optional comment for the scan- not required and not necessary for initial scans, but may be helpful when scanning after config changes. The Scan Device tool will pull down the current software version and all the configuration details. You can then see if all switches are up to current (or your preferred) firmware version and see a side by side comparison of the most recent configurations. You can perform a manual scan, or schedule scans for a single device or group of devices.

Network Map View. Click Network Map in the left navigation pane for an overall Network Map View. This view is a good ‘default view’ for checking out your network. Switches appear with green backgrounds when all is good. If you see yellow or red- you’ve got problems. When you’re in the Network Map view, you see the default option to the immediate left to view health based on Ping Status. If you have NIM loaded, you’ll see other security-related options in the drop down. In that same area, you can also select to view the switch connections based on other parameters, such as VLANs and link traffic. Other check boxes let you select to display labels for Port Numbers, Link Speed and Discovery Protocol (usually LLDP). Another nice option is the ‘save layout’ checkbox at the top of the screen. Use this to preserve your arrangement of switches in the view. (Note, each view will have its own saved version).

Checking Out the Switches. The best screens to start familiarizing yourself with PCM and the switch views would be under the device Dashboard tab. Dashboards are available in several contexts, your PCM main dashboard displays a variety of network information (and security details if NIM is installed). To view details for a particular switch, click on the switch (IP/name) from the left navigation pane and view the Dashboard tab. The main screen here will give you basic switch info, the friendly name you assigned it, it’s IP, serial number, firmware, etc. At the bottom of the Dashboard, you’ll see a generic photo of the switch model. You can click on this photo to connect directly to the switch’s Web GUI interface in a browser window. In that photo area in the PCM Dashboard is also a ‘Live View’ tab. Click this tab for a current look at active ports and an overview of which are drawing PoE. You can click on ports to view the assigned port name and properties. Note, the Live View requires Java, so if the image doesn’t display that’s the first thing to check.

VLAN Views. It’s easy to miss an uplink tag here or there along the way. A great way to check your VLANs at a glance is to use the Network Map > VLANs view. You can select an individual VLAN and look for any inter-switch links missing. There’s also a tab available at the top for Port Properties- which will show you all the tagged and untagged ports in that VLAN. A great troubleshooting tool if you have multiple VLANs and several switches.

Using Find Neighbors Of. I love the Find Neighbors tool- look for the binoculars icon. This lets you enter an IP or MAC address and find directly connected devices- whether they’re other switches, servers, desktops or other devices (APs, Phones, etc). It’s an easy way to view the connected devices, or map edge ports, such as servers, on a switch. The results will give you (among other things), port number, IP and DNS name (if applicable).

Traffic Views. Use the traffic views, either for the entire network under the main dashboards, or for a specific switch or group, to track down Ports Behaving Badly (maybe Ports Gone Wild?) anyway- it’s a great troubleshooting tool for finding traffic problems, oversubscribed links and even chatty NICs. You can drill down to specific ports and get some very detailed information on Tx, Rx and types of traffic- broadcast, multicast, protocol and such.

Managing from Your Desktop. PCM+ comes with a desktop agent that can be installed to operate PCM+ from your desktop (vs the server it’s installed on). Many customers choose to RDP into the server, but that’s not always the most reasonable solution, especially if multiple users are accessing PCM. Installing the desktop agent is easy- you simply download it by browsing to the secure web GUI. There is a trick though- you need to add your desktop to the list of allowed management PCs in PCM+. This is done in a basic text file (.txt) located in the PCM+ directory. Think of it as an allowed managers IP list on a switch. 

Troubleshooting. Software is never perfect. If you get pages hanging, you might try to just close and restart PCM+. If you start PCM+ and it “can’t find the PCM Server”, stop and restart the PCM-related services in Windows. If it appears new devices aren’t appearing or updating, go to Preferences > Discovery and stop, then start each of the discovery methods. If your switches aren’t connected in the Network Map, there are probably non-ProCurve devices between them that are hindering the discovery protocol(s) (ie ICMP may be turned off).


Plug-ins for PCM+. There are some pretty nifty options available for PCM+. All the software add-ins from ProCurve run as plug-ins to PCM+, offering a ‘single pane of glass’ view for network management. I’m giving you the 20-second drive-by version of each- feel free to find more at ProCurve’s site.

I’ll start with my favourite- Network Immunity Manager (NIM), which is a security add-in that collects and uses sFlow data for a network-wide analysis of traffic to identify anomalous behaviour actually take action at the port level. NIM can also interact with 3rd party security devices (firewalls) for more in-depth analysis. Next, check out ProCurve Mobility Manager (PMM) if you’re running ProCurve wireless solutions- including their light (WESM/Radio Port) or heavy AP (420/530) solutions. If you were using PMM 1.X, you’ll be delighted at several new features in the new 2.0 release. Last, but definitely not least is Identity Driven Manager (IDM), which installs and latches an agent to your RADIUS to offer a truly unique and full-featured user management solution. Set specific ACLs and QoS per user and enforce them throughout the network, instead of at a central point. You can get a free 30-day trial of any or all of these from ProCurve’s site. \

# # #

The 3 C’s- Your Other Network Stuff
Last Updated on Saturday, 28 January 2012 07:10
Written by JJ
Friday, January 18th, 2008

Tips & Tricks: Fully documenting your network.

During regular ‘closet crawling’ (aka site surveys) we often find a few important details overlooked… and we all know… the devil is in the details! (more…)

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- SearchSecurity
- TechTarget

Get Social



Enter your email address:

Delivered by FeedBurner