Concepts

Management communications with a managed switch can be:

  • In band—through the networked data ports of the switch

  • Out of band—through a dedicated management port (or ports) separate from the data ports

Out-of-band ports have typically been serial console ports using DB-9 or specially wired 8-pin modular (RJ-style) connectors. Some recent HPE switches have added networked OOBM ports. The following figure shows management connections for a typical switch.

Figure 67: Management ports

OOBM operates on a "management plane" that is separate from the "data plane" used by data traffic on the switch and by in-band management traffic. That separation means that OOBM can continue to function even during periods of traffic congestion, equipment malfunction, or attacks on the network. In addition, it can provide improved switch security: a properly configured switch can limit management access to the management port only, preventing malicious attempts to gain access via the data ports.

Network OOBM typically occurs on a management network that connects multiple switches. It has the added advantage that it can be done from a central location and does not require an individual physical cable from the management station to each switch's console port.

The following table summarizes the switch management ports.

Table 33: Switch management ports
 

In band

Out of band

Networked

Directly connected

Networked

Management interface

Command line (CLI), menu, Web

Command line (CLI), menu

Command line (CLI), menu

Communication plane

Data plane

Management plane

Management plane

Connection port

Any data port

Dedicated serial or USB console port

Dedicated networked management port

Connector type

Usually RJ-45; also CX4, SFP, SFP+, and XFP

DB9 serial, serial-wired 8-pin RJ

RJ-45

Advantages

Allows centralized management

Not affected by events on data network, shows boot sequence

Not affected by events on data network, allows centralized management, allows improved security

Disadvantages

Can be affected by events on data network; does not show boot sequence

Requires direct connection to console port (can be done via networked terminal server)

Does not show boot sequence