Monthly Archives: July 2017

SNTP on HP Procurve 2530

Leave a comment Posted by on July 18, 2017

SNTP is used to synchronize time from a switch (HP in this case) with any time server. SNTP is actually fully compatible with NTP so life is easy in that respect . SNTP is a scaled down version off NTP. There are a few difference between the protocols – some being simplicity in how the time is synchronized between server and client, and processing of server failures.

I had to configure SNTP on a few HP Procurves (2500, 3800, 2900, 2500)  of all makes and models today and thought it would be good to document/share. I was setting SNTP on the switch to synchronize time with an AD controller within the network for timestamps in logs, etc.

On the 2530 Code is as follows:

config t

sntp server priority 1 10.44.130.10  — Sets the server priority, and the server IP/NAME

sntp unicast — changes from Broadcast to Unicast.

timesync sntp — Sets timesync to use SNTP instead of NTP or other options.

  • On some older HP firmwares/switches I found that the priority command was not avaliable.

After these changes you can check the time with the “show time” command, and dig deeper with “Show sntp” commands.

show

 

Misc

FGT traffic shaping in 5.4 – Per Policy/shared options

Leave a comment Posted by on July 10, 2017

The best docs are always at docs.fortinet.com

Fortigate traffic shaping is awesome, lots of options and it all works really well. Going from 5.2 to 5.4/5.6 is quite different due to the creation of policies changing from within the firewall policy, to their own section. Either way, they all work great.

I did notice at least in 5.4 that the option to change how a policy is used do not seem to be in the GUI. Previously there were two options – “Per Policy”, and “all policies using this shaper”. Selecting “all policies using this shaper” would have all policies using that shaper object to share the guaranteed or Max bandwidth settings between all policies using that shaper. Selecting “Per Policy” allows you to dedicate those same settings to each policy referencing the shaper object.

Which gets to my point, in 5.2 you had the options below. Notice the options about how to apply the shaper.

5-2

In 5.4.5 at least notice that they are gone. Of course, if you upgraded from 5.2 the options are there.

5-4

So as with everything that does not show up in the GUI – you know it is in CLI. So I dropped down to CLI to check if the settings are still there. By editing the shaper, and using the “get” command I could see all settings and their values the policy had to offer. As I thought the option “Per-Policy” is there with the default settings of disabled. So by default, all Shaper policies have  settings shared between different traffic policies referencing that shaper.

edit-shaper

So in this case, I want to give the same percentage of bandwidth to each of the traffic shaper policies referencing my shaper object. So I will modify that option.

set-options

Now, in the GUI lets check that policy again –

after-changes

Awesome, now we have the actual options to change.

Fortigate ,

Brocade DHCP on 7450 Switch

Leave a comment Posted by on July 5, 2017

I had the need today to setup DHCP on a Brocade 7450 Switch. I had never done this before, but very straight forward. Thought I would document how to/options if anyone ever needs it.

DHCP pool to create – TX-POOL, scope 192.168.6.0/24

config t

ip dhcp-server pool TX-POOL
dhcp-default-router 192.168.6.1
dns-server 192.168.1.183
excluded-address 192.168.6.1 192.168.6.10
lease 1 0 0
network 192.168.6.0 255.255.255.0
deploy

Notice the “Deploy” option – this puts everything into motion. Lots more options available like Domain-name, Options, lease times, etc.

To make sure everything is working you have some great show commands:

Show

Misc , , ,